Prisma reset password example
const bcrypt = require('bcryptjs') | |
const jwt = require('jsonwebtoken') | |
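// Claim value that marks a JWT as a password-reset token. Session tokens from
// signup/login are signed with the same APP_SECRET and carry the same userId
// claim, so the signature alone cannot tell a session token from a reset token.
const RESET_TOKEN_PURPOSE = 'password-reset'

/**
 * GraphQL mutation resolvers for account creation, login and password reset.
 * Every resolver receives the Prisma binding as ctx.db and signs its tokens
 * with process.env.APP_SECRET.
 */
const authMutations = {
  /**
   * Create an account and return a session token together with the new user.
   * @throws {Error} when the email address is already registered.
   */
  async signup (parent, args, ctx, info) {
    const { email } = args
    const userExists = await ctx.db.exists.User({ email })
    if (userExists) {
      throw new Error('User already exists')
    }
    // Only the bcrypt hash (cost factor 10) is stored; it overrides args.password below.
    const password = await bcrypt.hash(args.password, 10)
    // Spreading args forwards every signup argument to createUser. The Mutation
    // schema declares only email, password and name for signup; any argument
    // added there later would be written to the user record as well.
    const user = await ctx.db.mutation.createUser({
      data: { ...args, password },
    })
    return {
      // NOTE(review): no expiresIn is passed, so this session token carries no exp claim.
      token: jwt.sign({ userId: user.id }, process.env.APP_SECRET),
      user,
    }
  },

  /**
   * Check an email/password pair and return a session token with the user.
   * @throws {Error} with one shared message for an unknown email and a wrong password.
   */
  async login (parent, { email, password }, ctx, info) {
    const user = await ctx.db.query.user({ where: { email } })
    // One message for both failures, so the error text does not reveal which
    // addresses are registered.
    // NOTE(review): bcrypt.compare is still skipped for unknown addresses, so
    // response time can differ between the two cases.
    const valid = user ? await bcrypt.compare(password, user.password) : false
    if (!valid) {
      throw new Error('Invalid email or password')
    }
    return {
      token: jwt.sign({ userId: user.id }, process.env.APP_SECRET),
      user,
    }
  },

  /**
   * Start a password reset for the given email address.
   * Resolves with the submitted address whether or not an account exists, so
   * the response cannot be used to test which addresses are registered.
   */
  async resetPasswordRequest (parent, { email }, ctx, info) {
    const user = await ctx.db.query.user({ where: { email } })
    if (user) {
      const token = jwt.sign(
        { userId: user.id, purpose: RESET_TOKEN_PURPOSE },
        process.env.APP_SECRET,
        { expiresIn: '1h' }
      )
      // TODO: implement sending of email with url and token
      // Until then the token is printed as a development stand-in. It is a bearer
      // credential for the account, so it is kept out of production logs.
      if (process.env.NODE_ENV !== 'production') {
        console.log(token)
      }
    }
    return { email }
  },

  /**
   * Set a new password for the account named in a password-reset token.
   * @throws {Error} when the token fails verification, is not a reset token,
   *   or names a user that no longer exists.
   */
  async resetPassword (parent, { token, password }, ctx, info) {
    // jwt.verify throws on a bad signature or an expired token. The algorithm is
    // pinned to HS256, the jsonwebtoken default used when the token was signed.
    const { userId, purpose } = jwt.verify(token, process.env.APP_SECRET, {
      algorithms: ['HS256'],
    })
    // Reject session tokens: they verify with the same secret but lack this claim.
    // Reset tokens signed without the claim are rejected too.
    if (purpose !== RESET_TOKEN_PURPOSE) {
      throw new Error('Invalid password reset token.')
    }
    const userExists = await ctx.db.exists.User({ id: userId })
    if (!userExists) {
      throw new Error(`User doesn't exist.`)
    }
    // NOTE(review): nothing marks the token as used, so it can be replayed
    // until it expires; single use needs server-side state.
    const newPassword = await bcrypt.hash(password, 10)
    return ctx.db.mutation.updateUser({
      where: { id: userId },
      data: { password: newPassword }
    })
  }
}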
// Expose the resolver map under its own name so callers can destructure it.
module.exports = { authMutations: authMutations }
# Prisma datamodel: the stored account record.
type User {
  id: ID! @unique
  createdAt: DateTime!
  updatedAt: DateTime!
  # Login identifier; uniqueness is enforced by the @unique directive.
  email: String! @unique
  # Holds the bcrypt hash written by the signup and resetPassword resolvers,
  # not the password the user typed.
  password: String!
  # Optional display name.
  name: String
}
# Account mutations exposed by the application schema.
type Mutation {
  # Creates an account; name is optional.
  signup(email: String!, password: String!, name: String): AuthPayload!
  # Exchanges an email/password pair for a session token.
  login(email: String!, password: String!): AuthPayload!
  # Starts a password reset; the payload carries only an email address.
  resetPasswordRequest(email: String!): PasswordResetRequestPayload!
  # Sets a new password; token is the JWT produced by resetPasswordRequest.
  resetPassword(token: String!, password: String!): User!
}
# Result of signup and login: a signed JWT plus the account it belongs to.
type AuthPayload {
  token: String!
  user: User!
}
# Result of resetPasswordRequest. It carries only an email address; the reset
# token itself is never part of the API response.
type PasswordResetRequestPayload {
  email: String!
}
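# Public view of an account. The stored password hash is deliberately not a
# field here, so it cannot be selected through the API.
type User {
  id: ID!
  email: String!
  # Nullable: signup accepts an optional name and the datamodel stores
  # name: String, so a non-null field here would make queries that select name
  # fail for accounts created without one.
  name: String
}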