lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: use monorepo organization

Browse source
This commit is contained in:
Rafael Taranto 2025-05-12 10:52:54 +01:00
parent deaf7d6ecc
commit a687827f7e
1099 changed files with 8184 additions and 11535 deletions
Download patch file Download diff file Expand all files Collapse all files

49
packages/server/lib/new-admin/graphql/directives/auth.js Normal file
View file

@ -0,0 +1,49 @@
const _ = require('lodash/fp')
const { mapSchema, getDirective, MapperKind } = require('@graphql-tools/utils')
const { defaultFieldResolver } = require('graphql')
const { AuthenticationError } = require('../errors')
function authDirectiveTransformer(schema, directiveName = 'auth') {
return mapSchema(schema, {
// For object types
[MapperKind.OBJECT_TYPE]: (objectType) => {
const directive = getDirective(schema, objectType, directiveName)?.[0]
if (directive) {
const requiredAuthRole = directive.requires
objectType._requiredAuthRole = requiredAuthRole
}
return objectType
},
// For field definitions
[MapperKind.OBJECT_FIELD]: (fieldConfig, _fieldName, typeName) => {
const directive = getDirective(schema, fieldConfig, directiveName)?.[0]
if (directive) {
const requiredAuthRole = directive.requires
fieldConfig._requiredAuthRole = requiredAuthRole
}
// Get the parent object type
const objectType = schema.getType(typeName)
// Apply auth check to the field's resolver
const { resolve = defaultFieldResolver } = fieldConfig
fieldConfig.resolve = function (root, args, context, info) {
const requiredRoles = fieldConfig._requiredAuthRole || objectType._requiredAuthRole
if (!requiredRoles) return resolve.apply(this, [root, args, context, info])
const user = context.req.session.user
if (!user || !_.includes(_.upperCase(user.role), requiredRoles)) {
throw new AuthenticationError('You do not have permission to access this resource!')
}
return resolve.apply(this, [root, args, context, info])
}
return fieldConfig
}
})
}
module.exports = authDirectiveTransformer

3
packages/server/lib/new-admin/graphql/directives/index.js Normal file
View file

@ -0,0 +1,3 @@
const authDirectiveTransformer = require('./auth')
module.exports = { authDirectiveTransformer }

71
packages/server/lib/new-admin/graphql/errors.js Normal file
View file

@ -0,0 +1,71 @@
const { GraphQLError } = require('graphql')
const { ApolloServerErrorCode } = require('@apollo/server/errors')
class AuthenticationError extends GraphQLError {
constructor() {
super('Authentication failed', {
extensions: {
code: 'UNAUTHENTICATED'
}
})
}
}
class InvalidCredentialsError extends GraphQLError {
constructor() {
super('Invalid credentials', {
extensions: {
code: 'INVALID_CREDENTIALS'
}
})
}
}
class UserAlreadyExistsError extends GraphQLError {
constructor() {
super('User already exists', {
extensions: {
code: 'USER_ALREADY_EXISTS'
}
})
}
}
class InvalidTwoFactorError extends GraphQLError {
constructor() {
super('Invalid two-factor code', {
extensions: {
code: 'INVALID_TWO_FACTOR_CODE'
}
})
}
}
class InvalidUrlError extends GraphQLError {
constructor() {
super('Invalid URL token', {
extensions: {
code: 'INVALID_URL_TOKEN'
}
})
}
}
class UserInputError extends GraphQLError {
constructor() {
super('User input error', {
extensions: {
code: ApolloServerErrorCode.BAD_USER_INPUT
}
})
}
}
module.exports = {
AuthenticationError,
InvalidCredentialsError,
UserAlreadyExistsError,
InvalidTwoFactorError,
InvalidUrlError,
UserInputError
}

175
packages/server/lib/new-admin/graphql/modules/authentication/FIDO2FAStrategy.js Normal file
View file

@ -0,0 +1,175 @@
const simpleWebauthn = require('@simplewebauthn/server')
const base64url = require('base64url')
const _ = require('lodash/fp')
const userManagement = require('../userManagement')
const credentials = require('../../../../hardware-credentials')
const T = require('../../../../time')
const users = require('../../../../users')
const devMode = require('minimist')(process.argv.slice(2)).dev
const REMEMBER_ME_AGE = 90 * T.day
const generateAttestationOptions = (session, options) => {
return users.getUserById(options.userId).then(user => {
return Promise.all([credentials.getHardwareCredentialsByUserId(user.id), user])
}).then(([userDevices, user]) => {
const opts = simpleWebauthn.generateAttestationOptions({
rpName: 'Lamassu',
rpID: options.domain,
userName: user.username,
userID: user.id,
timeout: 60000,
attestationType: 'indirect',
excludeCredentials: userDevices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
authenticatorSelection: {
userVerification: 'discouraged',
requireResidentKey: false
}
})
session.webauthn = {
attestation: {
challenge: opts.challenge
}
}
return opts
})
}
const generateAssertionOptions = (session, options) => {
return userManagement.authenticateUser(options.username, options.password).then(user => {
return credentials.getHardwareCredentialsByUserId(user.id).then(devices => {
const opts = simpleWebauthn.generateAssertionOptions({
timeout: 60000,
allowCredentials: devices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
userVerification: 'discouraged',
rpID: options.domain
})
session.webauthn = {
assertion: {
challenge: opts.challenge
}
}
return opts
})
})
}
const validateAttestation = (session, options) => {
const webauthnData = session.webauthn.attestation
const expectedChallenge = webauthnData.challenge
return Promise.all([
users.getUserById(options.userId),
simpleWebauthn.verifyAttestationResponse({
credential: options.attestationResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain
})
])
.then(([user, verification]) => {
const { verified, attestationInfo } = verification
if (!(verified || attestationInfo)) {
session.webauthn = null
return false
}
const {
counter,
credentialPublicKey,
credentialID
} = attestationInfo
return credentials.getHardwareCredentialsByUserId(user.id)
.then(userDevices => {
const existingDevice = userDevices.find(device => device.data.credentialID === credentialID)
if (!existingDevice) {
const newDevice = {
counter,
credentialPublicKey,
credentialID
}
credentials.createHardwareCredential(user.id, newDevice)
}
session.webauthn = null
return verified
})
})
}
const validateAssertion = (session, options) => {
return userManagement.authenticateUser(options.username, options.password).then(user => {
const expectedChallenge = session.webauthn.assertion.challenge
return credentials.getHardwareCredentialsByUserId(user.id).then(devices => {
const dbAuthenticator = _.find(dev => {
return Buffer.from(dev.data.credentialID).compare(base64url.toBuffer(options.assertionResponse.rawId)) === 0
}, devices)
if (!dbAuthenticator.data) {
throw new Error(`Could not find authenticator matching ${options.assertionResponse.id}`)
}
const convertedAuthenticator = _.merge(
dbAuthenticator.data,
{ credentialPublicKey: Buffer.from(dbAuthenticator.data.credentialPublicKey) }
)
let verification
try {
verification = simpleWebauthn.verifyAssertionResponse({
credential: options.assertionResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain,
authenticator: convertedAuthenticator
})
} catch (err) {
console.error(err)
return false
}
const { verified, assertionInfo } = verification
if (!verified) {
session.webauthn = null
return false
}
dbAuthenticator.data.counter = assertionInfo.newCounter
return credentials.updateHardwareCredential(dbAuthenticator)
.then(() => {
const finalUser = { id: user.id, username: user.username, role: user.role }
session.user = finalUser
if (options.rememberMe) session.cookie.maxAge = REMEMBER_ME_AGE
session.webauthn = null
return verified
})
})
})
}
module.exports = {
generateAttestationOptions,
generateAssertionOptions,
validateAttestation,
validateAssertion
}

174
packages/server/lib/new-admin/graphql/modules/authentication/FIDOPasswordlessStrategy.js Normal file
View file

@ -0,0 +1,174 @@
const simpleWebauthn = require('@simplewebauthn/server')
const base64url = require('base64url')
const _ = require('lodash/fp')
const credentials = require('../../../../hardware-credentials')
const T = require('../../../../time')
const users = require('../../../../users')
const devMode = require('minimist')(process.argv.slice(2)).dev
const REMEMBER_ME_AGE = 90 * T.day
const generateAttestationOptions = (session, options) => {
return users.getUserById(options.userId).then(user => {
return Promise.all([credentials.getHardwareCredentialsByUserId(user.id), user])
}).then(([userDevices, user]) => {
const opts = simpleWebauthn.generateAttestationOptions({
rpName: 'Lamassu',
rpID: options.domain,
userName: user.username,
userID: user.id,
timeout: 60000,
attestationType: 'indirect',
excludeCredentials: userDevices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
authenticatorSelection: {
userVerification: 'discouraged',
requireResidentKey: false
}
})
session.webauthn = {
attestation: {
challenge: opts.challenge
}
}
return opts
})
}
const generateAssertionOptions = (session, options) => {
return users.getUserByUsername(options.username).then(user => {
return credentials.getHardwareCredentialsByUserId(user.id).then(devices => {
const opts = simpleWebauthn.generateAssertionOptions({
timeout: 60000,
allowCredentials: devices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
userVerification: 'discouraged',
rpID: options.domain
})
session.webauthn = {
assertion: {
challenge: opts.challenge
}
}
return opts
})
})
}
const validateAttestation = (session, options) => {
const webauthnData = session.webauthn.attestation
const expectedChallenge = webauthnData.challenge
return Promise.all([
users.getUserById(options.userId),
simpleWebauthn.verifyAttestationResponse({
credential: options.attestationResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain
})
])
.then(([user, verification]) => {
const { verified, attestationInfo } = verification
if (!(verified || attestationInfo)) {
session.webauthn = null
return false
}
const {
counter,
credentialPublicKey,
credentialID
} = attestationInfo
return credentials.getHardwareCredentialsByUserId(user.id)
.then(userDevices => {
const existingDevice = userDevices.find(device => device.data.credentialID === credentialID)
if (!existingDevice) {
const newDevice = {
counter,
credentialPublicKey,
credentialID
}
credentials.createHardwareCredential(user.id, newDevice)
}
session.webauthn = null
return verified
})
})
}
const validateAssertion = (session, options) => {
return users.getUserByUsername(options.username).then(user => {
const expectedChallenge = session.webauthn.assertion.challenge
return credentials.getHardwareCredentialsByUserId(user.id).then(devices => {
const dbAuthenticator = _.find(dev => {
return Buffer.from(dev.data.credentialID).compare(base64url.toBuffer(options.assertionResponse.rawId)) === 0
}, devices)
if (!dbAuthenticator.data) {
throw new Error(`Could not find authenticator matching ${options.assertionResponse.id}`)
}
const convertedAuthenticator = _.merge(
dbAuthenticator.data,
{ credentialPublicKey: Buffer.from(dbAuthenticator.data.credentialPublicKey) }
)
let verification
try {
verification = simpleWebauthn.verifyAssertionResponse({
credential: options.assertionResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain,
authenticator: convertedAuthenticator
})
} catch (err) {
console.error(err)
return false
}
const { verified, assertionInfo } = verification
if (!verified) {
context.req.session.webauthn = null
return false
}
dbAuthenticator.data.counter = assertionInfo.newCounter
return credentials.updateHardwareCredential(dbAuthenticator)
.then(() => {
const finalUser = { id: user.id, username: user.username, role: user.role }
session.user = finalUser
if (options.rememberMe) session.cookie.maxAge = REMEMBER_ME_AGE
session.webauthn = null
return verified
})
})
})
}
module.exports = {
generateAttestationOptions,
generateAssertionOptions,
validateAttestation,
validateAssertion
}

181
packages/server/lib/new-admin/graphql/modules/authentication/FIDOUsernamelessStrategy.js Normal file
View file

@ -0,0 +1,181 @@
const simpleWebauthn = require('@simplewebauthn/server')
const base64url = require('base64url')
const _ = require('lodash/fp')
const credentials = require('../../../../hardware-credentials')
const T = require('../../../../time')
const users = require('../../../../users')
const devMode = require('minimist')(process.argv.slice(2)).dev
const REMEMBER_ME_AGE = 90 * T.day
const generateAttestationOptions = (session, options) => {
return credentials.getHardwareCredentials().then(devices => {
const opts = simpleWebauthn.generateAttestationOptions({
rpName: 'Lamassu',
rpID: options.domain,
userName: `Usernameless user created at ${new Date().toISOString()}`,
userID: options.userId,
timeout: 60000,
attestationType: 'direct',
excludeCredentials: devices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
authenticatorSelection: {
authenticatorAttachment: 'cross-platform',
userVerification: 'discouraged',
requireResidentKey: false
}
})
session.webauthn = {
attestation: {
challenge: opts.challenge
}
}
return opts
})
}
const generateAssertionOptions = (session, options) => {
return credentials.getHardwareCredentials().then(devices => {
const opts = simpleWebauthn.generateAssertionOptions({
timeout: 60000,
allowCredentials: devices.map(dev => ({
id: dev.data.credentialID,
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal']
})),
userVerification: 'discouraged',
rpID: options.domain
})
session.webauthn = {
assertion: {
challenge: opts.challenge
}
}
return opts
})
}
const validateAttestation = (session, options) => {
const webauthnData = session.webauthn.attestation
const expectedChallenge = webauthnData.challenge
return Promise.all([
users.getUserById(options.userId),
simpleWebauthn.verifyAttestationResponse({
credential: options.attestationResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain
})
])
.then(([user, verification]) => {
const { verified, attestationInfo } = verification
if (!(verified || attestationInfo)) {
session.webauthn = null
return verified
}
const {
fmt,
counter,
aaguid,
credentialPublicKey,
credentialID,
credentialType,
userVerified,
attestationObject
} = attestationInfo
return credentials.getHardwareCredentialsByUserId(user.id)
.then(userDevices => {
const existingDevice = userDevices.find(device => device.data.credentialID === credentialID)
if (!existingDevice) {
const newDevice = {
fmt,
counter,
aaguid,
credentialPublicKey,
credentialID,
credentialType,
userVerified,
attestationObject
}
credentials.createHardwareCredential(user.id, newDevice)
}
session.webauthn = null
return verified
})
})
}
const validateAssertion = (session, options) => {
const expectedChallenge = session.webauthn.assertion.challenge
return credentials.getHardwareCredentials().then(devices => {
const dbAuthenticator = _.find(dev => {
return Buffer.from(dev.data.credentialID).compare(base64url.toBuffer(options.assertionResponse.rawId)) === 0
}, devices)
if (!dbAuthenticator.data) {
throw new Error(`Could not find authenticator matching ${options.assertionResponse.id}`)
}
const convertedAuthenticator = _.merge(
dbAuthenticator.data,
{ credentialPublicKey: Buffer.from(dbAuthenticator.data.credentialPublicKey) }
)
let verification
try {
verification = simpleWebauthn.verifyAssertionResponse({
credential: options.assertionResponse,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin: `https://${options.domain}${devMode ? `:3001` : ``}`,
expectedRPID: options.domain,
authenticator: convertedAuthenticator
})
} catch (err) {
console.error(err)
return false
}
const { verified, assertionInfo } = verification
if (!verified) {
session.webauthn = null
return false
}
dbAuthenticator.data.counter = assertionInfo.newCounter
return Promise.all([
credentials.updateHardwareCredential(dbAuthenticator),
users.getUserById(dbAuthenticator.user_id)
])
.then(([_, user]) => {
const finalUser = { id: user.id, username: user.username, role: user.role }
session.user = finalUser
session.cookie.maxAge = REMEMBER_ME_AGE
session.webauthn = null
return verified
})
})
}
module.exports = {
generateAttestationOptions,
generateAssertionOptions,
validateAttestation,
validateAssertion
}

17
packages/server/lib/new-admin/graphql/modules/authentication/index.js Normal file
View file

@ -0,0 +1,17 @@
const FIDO2FA = require('./FIDO2FAStrategy')
const FIDOPasswordless = require('./FIDOPasswordlessStrategy')
const FIDOUsernameless = require('./FIDOUsernamelessStrategy')
const STRATEGIES = {
FIDO2FA,
FIDOPasswordless,
FIDOUsernameless
}
// FIDO2FA, FIDOPasswordless or FIDOUsernameless
const CHOSEN_STRATEGY = 'FIDO2FA'
module.exports = {
CHOSEN_STRATEGY,
strategy: STRATEGIES[CHOSEN_STRATEGY]
}

271
packages/server/lib/new-admin/graphql/modules/userManagement.js Normal file
View file

@ -0,0 +1,271 @@
const otplib = require('otplib')
const argon2 = require('argon2')
const _ = require('lodash/fp')
const constants = require('../../../constants')
const authTokens = require('../../../auth-tokens')
const loginHelper = require('../../services/login')
const T = require('../../../time')
const users = require('../../../users')
const sessionManager = require('../../../session-manager')
const authErrors = require('../errors')
const credentials = require('../../../hardware-credentials')
const REMEMBER_ME_AGE = 90 * T.day
const authenticateUser = (username, password) => {
return users.getUserByUsername(username)
.then(user => {
const hashedPassword = user.password
if (!hashedPassword || !user.enabled) throw new authErrors.InvalidCredentialsError()
return Promise.all([argon2.verify(hashedPassword, password), hashedPassword])
})
.then(([isMatch, hashedPassword]) => {
if (!isMatch) throw new authErrors.InvalidCredentialsError()
return loginHelper.validateUser(username, hashedPassword)
})
.then(user => {
if (!user) throw new authErrors.InvalidCredentialsError()
return user
})
}
const destroySessionIfSameUser = (context, user) => {
const sessionUser = getUserFromCookie(context)
if (sessionUser && user.id === sessionUser.id) { context.req.session.destroy() }
}
const destroySessionIfBeingUsed = (sessID, context) => {
if (sessID === context.req.session.id) {
context.req.session.destroy()
}
}
const getUserFromCookie = context => {
return context.req.session.user
}
const getLamassuCookie = context => {
return context.req.cookies && context.req.cookies.lamassu_sid
}
const initializeSession = (context, user, rememberMe) => {
const finalUser = { id: user.id, username: user.username, role: user.role }
context.req.session.user = finalUser
if (rememberMe) context.req.session.cookie.maxAge = REMEMBER_ME_AGE
}
const executeProtectedAction = (code, id, context, action) => {
return users.getUserById(id)
.then(user => {
if (user.role !== 'superuser') {
return action()
}
return confirm2FA(code, context)
.then(() => action())
})
}
const getUserData = context => {
const lidCookie = getLamassuCookie(context)
if (!lidCookie) return
const user = getUserFromCookie(context)
return user
}
const get2FASecret = (username, password) => {
return authenticateUser(username, password)
.then(user => {
const secret = otplib.authenticator.generateSecret()
const otpauth = otplib.authenticator.keyuri(user.username, constants.AUTHENTICATOR_ISSUER_ENTITY, secret)
return Promise.all([users.saveTemp2FASecret(user.id, secret), secret, otpauth])
})
.then(([_, secret, otpauth]) => {
return { secret, otpauth }
})
}
const confirm2FA = (token, context) => {
const requestingUser = getUserFromCookie(context)
if (!requestingUser) throw new authErrors.InvalidCredentialsError()
return users.getUserById(requestingUser.id).then(user => {
const secret = user.twofa_code
const isCodeValid = otplib.authenticator.verify({ token, secret })
if (!isCodeValid) throw new authErrors.InvalidTwoFactorError()
return true
})
}
const validateRegisterLink = token => {
if (!token) throw new authErrors.InvalidUrlError()
return users.validateUserRegistrationToken(token)
.then(r => {
if (!r.success) throw new authErrors.InvalidUrlError()
return { username: r.username, role: r.role }
})
}
const validateResetPasswordLink = token => {
if (!token) throw new authErrors.InvalidUrlError()
return users.validateAuthToken(token, 'reset_password')
.then(r => {
if (!r.success) throw new authErrors.InvalidUrlError()
return { id: r.userID }
})
}
const validateReset2FALink = token => {
if (!token) throw new authErrors.InvalidUrlError()
return users.validateAuthToken(token, 'reset_twofa')
.then(r => {
if (!r.success) throw new authErrors.InvalidUrlError()
return users.getUserById(r.userID)
})
.then(user => {
const secret = otplib.authenticator.generateSecret()
const otpauth = otplib.authenticator.keyuri(user.username, constants.AUTHENTICATOR_ISSUER_ENTITY, secret)
return Promise.all([users.saveTemp2FASecret(user.id, secret), user, secret, otpauth])
})
.then(([_, user, secret, otpauth]) => {
return { user_id: user.id, secret, otpauth }
})
}
const deleteSession = (sessionID, context) => {
destroySessionIfBeingUsed(sessionID, context)
return sessionManager.deleteSessionById(sessionID)
}
const login = (username, password) => {
return authenticateUser(username, password)
.then(user => {
return Promise.all([credentials.getHardwareCredentialsByUserId(user.id), user.twofa_code])
})
.then(([devices, twoFASecret]) => {
if (!_.isEmpty(devices)) return 'FIDO'
return twoFASecret ? 'INPUT2FA' : 'SETUP2FA'
})
}
const input2FA = (username, password, rememberMe, code, context) => {
return authenticateUser(username, password)
.then(user => {
const secret = user.twofa_code
const isCodeValid = otplib.authenticator.verify({ token: code, secret: secret })
if (!isCodeValid) throw new authErrors.InvalidTwoFactorError()
initializeSession(context, user, rememberMe)
return true
})
}
const setup2FA = (username, password, rememberMe, codeConfirmation, context) => {
return authenticateUser(username, password)
.then(user => {
const isCodeValid = otplib.authenticator.verify({ token: codeConfirmation, secret: user.temp_twofa_code })
if (!isCodeValid) throw new authErrors.InvalidTwoFactorError()
initializeSession(context, user, rememberMe)
return users.save2FASecret(user.id, user.temp_twofa_code)
})
.then(() => true)
}
const changeUserRole = (code, id, newRole, context) => {
const action = () => users.changeUserRole(id, newRole)
return executeProtectedAction(code, id, context, action)
}
const enableUser = (code, id, context) => {
const action = () => users.enableUser(id)
return executeProtectedAction(code, id, context, action)
}
const disableUser = (code, id, context) => {
const action = () => users.disableUser(id)
return executeProtectedAction(code, id, context, action)
}
const createResetPasswordToken = (code, userID, context) => {
const action = () => authTokens.createAuthToken(userID, 'reset_password')
return executeProtectedAction(code, userID, context, action)
}
const createReset2FAToken = (code, userID, context) => {
const action = () => authTokens.createAuthToken(userID, 'reset_twofa')
return executeProtectedAction(code, userID, context, action)
}
const createRegisterToken = (username, role) => {
return users.getUserByUsername(username)
.then(user => {
if (user) throw new authErrors.UserAlreadyExistsError()
return users.createUserRegistrationToken(username, role)
})
}
const register = (token, username, password, role) => {
return users.getUserByUsername(username)
.then(user => {
if (user) throw new authErrors.UserAlreadyExistsError()
return users.register(token, username, password, role).then(() => true)
})
}
const resetPassword = (token, userID, newPassword, context) => {
return users.getUserById(userID)
.then(user => {
destroySessionIfSameUser(context, user)
return users.updatePassword(token, user.id, newPassword)
})
.then(() => true)
}
const reset2FA = (token, userID, code, context) => {
return users.getUserById(userID)
.then(user => {
const isCodeValid = otplib.authenticator.verify({ token: code, secret: user.temp_twofa_code })
if (!isCodeValid) throw new authErrors.InvalidTwoFactorError()
destroySessionIfSameUser(context, user)
return users.reset2FASecret(token, user.id, user.temp_twofa_code)
})
.then(() => true)
}
const getToken = context => {
if (_.isNil(context.req.cookies['lamassu_sid']) || _.isNil(context.req.session.user.id))
throw new authErrors.AuthenticationError('Authentication failed')
return context.req.session.user.id
}
module.exports = {
authenticateUser,
getUserData,
get2FASecret,
confirm2FA,
validateRegisterLink,
validateResetPasswordLink,
validateReset2FALink,
deleteSession,
login,
input2FA,
setup2FA,
changeUserRole,
enableUser,
disableUser,
createResetPasswordToken,
createReset2FAToken,
createRegisterToken,
register,
resetPassword,
reset2FA,
getToken
}

9
packages/server/lib/new-admin/graphql/resolvers/bill.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const bills = require('../../services/bills')
const resolvers = {
Query: {
bills: (...[, { filters }]) => bills.getBills(filters)
}
}
module.exports = resolvers

18
packages/server/lib/new-admin/graphql/resolvers/blacklist.resolver.js Normal file
View file

@ -0,0 +1,18 @@
const blacklist = require('../../../blacklist')
const resolvers = {
Query: {
blacklist: () => blacklist.getBlacklist(),
blacklistMessages: () => blacklist.getMessages()
},
Mutation: {
deleteBlacklistRow: (...[, { address }]) =>
blacklist.deleteFromBlacklist(address),
insertBlacklistRow: (...[, { address }]) =>
blacklist.insertIntoBlacklist(address),
editBlacklistMessage: (...[, { id, content }]) =>
blacklist.editBlacklistMessage(id, content)
}
}
module.exports = resolvers

17
packages/server/lib/new-admin/graphql/resolvers/cashbox.resolver.js Normal file
View file

@ -0,0 +1,17 @@
const { parseAsync } = require('json2csv')
const cashbox = require('../../../cashbox-batches')
const logDateFormat = require('../../../logs').logDateFormat
const resolvers = {
Query: {
cashboxBatches: () => cashbox.getBatches(),
cashboxBatchesCsv: (...[, { from, until, timezone }]) => cashbox.getBatches(from, until)
.then(data => parseAsync(logDateFormat(timezone, cashbox.logFormatter(data), ['created'])))
},
Mutation: {
createBatch: (...[, { deviceId, cashboxCount }]) => cashbox.createCashboxBatch(deviceId, cashboxCount),
editBatch: (...[, { id, performedBy }]) => cashbox.editBatchById(id, performedBy)
}
}
module.exports = resolvers

11
packages/server/lib/new-admin/graphql/resolvers/config.resolver.js Normal file
View file

@ -0,0 +1,11 @@
const { accounts: accountsConfig, countries, languages } = require('../../config')
const resolver = {
Query: {
countries: () => countries,
languages: () => languages,
accountsConfig: () => accountsConfig
}
}
module.exports = resolver

10
packages/server/lib/new-admin/graphql/resolvers/currency.resolver.js Normal file
View file

@ -0,0 +1,10 @@
const { coins, currencies } = require('../../config')
const resolver = {
Query: {
currencies: () => currencies,
cryptoCurrencies: () => coins
}
}
module.exports = resolver

33
packages/server/lib/new-admin/graphql/resolvers/customInfoRequests.resolver.js Normal file
View file

@ -0,0 +1,33 @@
const authentication = require('../modules/userManagement')
const queries = require('../../services/customInfoRequests')
const DataLoader = require('dataloader')
const customerCustomInfoRequestsLoader = new DataLoader(ids => queries.batchGetAllCustomInfoRequestsForCustomer(ids), { cache: false })
const customInfoRequestLoader = new DataLoader(ids => queries.batchGetCustomInfoRequest(ids), { cache: false })
const resolvers = {
Customer: {
customInfoRequests: parent => customerCustomInfoRequestsLoader.load(parent.id)
},
CustomRequestData: {
customInfoRequest: parent => customInfoRequestLoader.load(parent.infoRequestId)
},
Query: {
customInfoRequests: (...[, { onlyEnabled }]) => queries.getCustomInfoRequests(onlyEnabled),
customerCustomInfoRequests: (...[, { customerId }]) => queries.getAllCustomInfoRequestsForCustomer(customerId),
customerCustomInfoRequest: (...[, { customerId, infoRequestId }]) => queries.getCustomInfoRequestForCustomer(customerId, infoRequestId)
},
Mutation: {
insertCustomInfoRequest: (...[, { customRequest }]) => queries.addCustomInfoRequest(customRequest),
removeCustomInfoRequest: (...[, { id }]) => queries.removeCustomInfoRequest(id),
editCustomInfoRequest: (...[, { id, customRequest }]) => queries.editCustomInfoRequest(id, customRequest),
setAuthorizedCustomRequest: (...[, { customerId, infoRequestId, override }, context]) => {
const token = authentication.getToken(context)
return queries.setAuthorizedCustomRequest(customerId, infoRequestId, override, token)
},
setCustomerCustomInfoRequest: (...[, { customerId, infoRequestId, data }]) => queries.setCustomerData(customerId, infoRequestId, data)
}
}
module.exports = resolvers

66
packages/server/lib/new-admin/graphql/resolvers/customer.resolver.js Normal file
View file

@ -0,0 +1,66 @@
const authentication = require('../modules/userManagement')
const anonymous = require('../../../constants').anonymousCustomer
const customers = require('../../../customers')
const filters = require('../../filters')
const customerNotes = require('../../../customer-notes')
const machineLoader = require('../../../machine-loader')
const addLastUsedMachineName = customer =>
(customer.lastUsedMachine ? machineLoader.getMachineName(customer.lastUsedMachine) : Promise.resolve(null))
.then(lastUsedMachineName => Object.assign(customer, { lastUsedMachineName }))
const resolvers = {
Customer: {
isAnonymous: parent => (parent.customerId === anonymous.uuid)
},
Query: {
customers: (...[, { phone, email, name, address, id }]) => customers.getCustomersList(phone, name, address, id, email),
customer: (...[, { customerId }]) => customers.getCustomerById(customerId).then(addLastUsedMachineName),
customerFilters: () => filters.customer()
},
Mutation: {
setCustomer: (root, { customerId, customerInput }, context, info) => {
const token = authentication.getToken(context)
if (customerId === anonymous.uuid) return customers.getCustomerById(customerId)
return customers.updateCustomer(customerId, customerInput, token)
},
addCustomField: (...[, { customerId, label, value }]) => customers.addCustomField(customerId, label, value),
saveCustomField: (...[, { customerId, fieldId, value }]) => customers.saveCustomField(customerId, fieldId, value),
removeCustomField: (...[, [ { customerId, fieldId } ]]) => customers.removeCustomField(customerId, fieldId),
editCustomer: async (root, { customerId, customerEdit }, context) => {
const token = authentication.getToken(context)
const editedData = await customerEdit
return customers.edit(customerId, editedData, token)
},
replacePhoto: async (root, { customerId, photoType, newPhoto }, context) => {
const token = authentication.getToken(context)
const { file } = newPhoto
const photo = await file
if (!photo) return customers.getCustomerById(customerId)
return customers.updateEditedPhoto(customerId, photo, photoType)
.then(newPatch => customers.edit(customerId, newPatch, token))
},
deleteEditedData: (root, { customerId, customerEdit }) => {
// TODO: NOT IMPLEMENTING THIS FEATURE FOR THE CURRENT VERSION
return customers.getCustomerById(customerId)
},
createCustomerNote: (...[, { customerId, title, content }, context]) => {
const token = authentication.getToken(context)
return customerNotes.createCustomerNote(customerId, token, title, content)
},
editCustomerNote: (...[, { noteId, newContent }, context]) => {
const token = authentication.getToken(context)
return customerNotes.updateCustomerNote(noteId, token, newContent)
},
deleteCustomerNote: (...[, { noteId }]) => {
return customerNotes.deleteCustomerNote(noteId)
},
createCustomer: (...[, { phoneNumber }]) => customers.add({ phone: phoneNumber }),
enableTestCustomer: (...[, { customerId }]) =>
customers.enableTestCustomer(customerId),
disableTestCustomer: (...[, { customerId }]) =>
customers.disableTestCustomer(customerId)
}
}
module.exports = resolvers

9
packages/server/lib/new-admin/graphql/resolvers/funding.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const funding = require('../../services/funding')
const resolvers = {
Query: {
funding: () => funding.getFunding()
}
}
module.exports = resolvers

53
packages/server/lib/new-admin/graphql/resolvers/index.js Normal file
View file

@ -0,0 +1,53 @@
const { mergeResolvers } = require('@graphql-tools/merge')
const bill = require('./bill.resolver')
const blacklist = require('./blacklist.resolver')
const cashbox = require('./cashbox.resolver')
const config = require('./config.resolver')
const currency = require('./currency.resolver')
const customer = require('./customer.resolver')
const customInfoRequests = require('./customInfoRequests.resolver')
const funding = require('./funding.resolver')
const log = require('./log.resolver')
const loyalty = require('./loyalty.resolver')
const machine = require('./machine.resolver')
const market = require('./market.resolver')
const notification = require('./notification.resolver')
const pairing = require('./pairing.resolver')
const rates = require('./rates.resolver')
const sanctions = require('./sanctions.resolver')
const scalar = require('./scalar.resolver')
const settings = require('./settings.resolver')
const sms = require('./sms.resolver')
const status = require('./status.resolver')
const transaction = require('./transaction.resolver')
const user = require('./users.resolver')
const version = require('./version.resolver')
const resolvers = [
bill,
blacklist,
cashbox,
config,
currency,
customer,
customInfoRequests,
funding,
log,
loyalty,
machine,
market,
notification,
pairing,
rates,
sanctions,
scalar,
settings,
sms,
status,
transaction,
user,
version
]
module.exports = mergeResolvers(resolvers)

22
packages/server/lib/new-admin/graphql/resolvers/log.resolver.js Normal file
View file

@ -0,0 +1,22 @@
const { parseAsync } = require('json2csv')
const _ = require('lodash/fp')
const logs = require('../../../logs')
const serverLogs = require('../../services/server-logs')
const resolvers = {
Query: {
machineLogs: (...[, { deviceId, from, until, limit, offset }]) =>
logs.simpleGetMachineLogs(deviceId, from, until, limit, offset),
machineLogsCsv: (...[, { deviceId, from, until, limit, offset, timezone }]) =>
logs.simpleGetMachineLogs(deviceId, from, until, limit, offset)
.then(res => parseAsync(logs.logDateFormat(timezone, res, ['timestamp']))),
serverLogs: (...[, { from, until, limit, offset }]) =>
serverLogs.getServerLogs(from, until, limit, offset),
serverLogsCsv: (...[, { from, until, limit, offset, timezone }]) =>
serverLogs.getServerLogs(from, until, limit, offset)
.then(res => parseAsync(logs.logDateFormat(timezone, res, ['timestamp'])))
}
}
module.exports = resolvers

26
packages/server/lib/new-admin/graphql/resolvers/loyalty.resolver.js Normal file
View file

@ -0,0 +1,26 @@
const DataLoader = require('dataloader')
const loyalty = require('../../../loyalty')
const { getSlimCustomerByIdBatch } = require('../../../customers')
const customerLoader = new DataLoader(ids => {
return getSlimCustomerByIdBatch(ids)
}, { cache: false })
const resolvers = {
IndividualDiscount: {
customer: parent => customerLoader.load(parent.customerId)
},
Query: {
promoCodes: () => loyalty.getAvailablePromoCodes(),
individualDiscounts: () => loyalty.getAvailableIndividualDiscounts()
},
Mutation: {
createPromoCode: (...[, { code, discount }]) => loyalty.createPromoCode(code, discount),
deletePromoCode: (...[, { codeId }]) => loyalty.deletePromoCode(codeId),
createIndividualDiscount: (...[, { customerId, discount }]) => loyalty.createIndividualDiscount(customerId, discount),
deleteIndividualDiscount: (...[, { discountId }]) => loyalty.deleteIndividualDiscount(discountId)
}
}
module.exports = resolvers

27
packages/server/lib/new-admin/graphql/resolvers/machine.resolver.js Normal file
View file

@ -0,0 +1,27 @@
const DataLoader = require('dataloader')
const { machineAction } = require('../../services/machines')
const machineLoader = require('../../../machine-loader')
const machineEventsByIdBatch = require('../../../postgresql_interface').machineEventsByIdBatch
const machineEventsLoader = new DataLoader(ids => {
return machineEventsByIdBatch(ids)
}, { cache: false })
const resolvers = {
Machine: {
latestEvent: parent => machineEventsLoader.load(parent.deviceId)
},
Query: {
machines: () => machineLoader.getMachineNames(),
machine: (...[, { deviceId }]) => machineLoader.getMachine(deviceId),
unpairedMachines: () => machineLoader.getUnpairedMachines()
},
Mutation: {
machineAction: (...[, { deviceId, action, cashUnits, newName }, context]) =>
machineAction({ deviceId, action, cashUnits, newName }, context)
}
}
module.exports = resolvers

9
packages/server/lib/new-admin/graphql/resolvers/market.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const exchange = require('../../../exchange')
const resolvers = {
Query: {
getMarkets: () => exchange.getMarkets()
}
}
module.exports = resolvers

15
packages/server/lib/new-admin/graphql/resolvers/notification.resolver.js Normal file
View file

@ -0,0 +1,15 @@
const notifierQueries = require('../../../notifier/queries')
const resolvers = {
Query: {
notifications: () => notifierQueries.getNotifications(),
hasUnreadNotifications: () => notifierQueries.hasUnreadNotifications(),
alerts: () => notifierQueries.getAlerts()
},
Mutation: {
toggleClearNotification: (...[, { id, read }]) => notifierQueries.setRead(id, read),
clearAllNotifications: () => notifierQueries.markAllAsRead()
}
}
module.exports = resolvers

9
packages/server/lib/new-admin/graphql/resolvers/pairing.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const pairing = require('../../services/pairing')
const resolvers = {
Mutation: {
createPairingTotem: (...[, { name }]) => pairing.totem(name)
}
}
module.exports = resolvers

21
packages/server/lib/new-admin/graphql/resolvers/rates.resolver.js Normal file
View file

@ -0,0 +1,21 @@
const settingsLoader = require('../../../new-settings-loader')
const forex = require('../../../forex')
const plugins = require('../../../plugins')
const resolvers = {
Query: {
cryptoRates: () =>
settingsLoader.loadLatest().then(settings => {
const pi = plugins(settings)
return pi.getRawRates().then(r => {
return {
withCommissions: pi.buildRates(r),
withoutCommissions: pi.buildRatesNoCommission(r)
}
})
}),
fiatRates: () => forex.getFiatRates()
}
}
module.exports = resolvers

13
packages/server/lib/new-admin/graphql/resolvers/sanctions.resolver.js Normal file
View file

@ -0,0 +1,13 @@
const sanctions = require('../../../sanctions')
const authentication = require('../modules/userManagement')
const resolvers = {
Query: {
checkAgainstSanctions: (...[, { customerId }, context]) => {
const token = authentication.getToken(context)
return sanctions.checkByUser(customerId, token)
}
}
}
module.exports = resolvers

9
packages/server/lib/new-admin/graphql/resolvers/scalar.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const { DateTimeISOResolver, JSONResolver, JSONObjectResolver } = require('graphql-scalars')
const resolvers = {
JSON: JSONResolver,
JSONObject: JSONObjectResolver,
DateTimeISO: DateTimeISOResolver
}
module.exports = resolvers

14
packages/server/lib/new-admin/graphql/resolvers/settings.resolver.js Normal file
View file

@ -0,0 +1,14 @@
const settingsLoader = require('../../../new-settings-loader')
const resolvers = {
Query: {
accounts: () => settingsLoader.showAccounts(),
config: () => settingsLoader.loadLatestConfigOrNone()
},
Mutation: {
saveAccounts: (...[, { accounts }]) => settingsLoader.saveAccounts(accounts),
saveConfig: (...[, { config }]) => settingsLoader.saveConfig(config),
}
}
module.exports = resolvers

14
packages/server/lib/new-admin/graphql/resolvers/sms.resolver.js Normal file
View file

@ -0,0 +1,14 @@
const smsNotices = require('../../../sms-notices')
const resolvers = {
Query: {
SMSNotices: () => smsNotices.getSMSNotices()
},
Mutation: {
editSMSNotice: (...[, { id, event, message }]) => smsNotices.editSMSNotice(id, event, message),
enableSMSNotice: (...[, { id }]) => smsNotices.enableSMSNotice(id),
disableSMSNotice: (...[, { id }]) => smsNotices.disableSMSNotice(id)
}
}
module.exports = resolvers

9
packages/server/lib/new-admin/graphql/resolvers/status.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const supervisor = require('../../services/supervisor')
const resolvers = {
Query: {
uptime: () => supervisor.getAllProcessInfo()
}
}
module.exports = resolvers

43
packages/server/lib/new-admin/graphql/resolvers/transaction.resolver.js Normal file
View file

@ -0,0 +1,43 @@
const DataLoader = require('dataloader')
const { parseAsync } = require('json2csv')
const _ = require('lodash/fp')
const filters = require('../../filters')
const cashOutTx = require('../../../cash-out/cash-out-tx')
const cashInTx = require('../../../cash-in/cash-in-tx')
const transactions = require('../../services/transactions')
const anonymous = require('../../../constants').anonymousCustomer
const logDateFormat = require('../../../logs').logDateFormat
const transactionsLoader = new DataLoader(ids => transactions.getCustomerTransactionsBatch(ids), { cache: false })
const resolvers = {
Customer: {
transactions: parent => transactionsLoader.load(parent.id)
},
Transaction: {
isAnonymous: parent => (parent.customerId === anonymous.uuid)
},
Query: {
transactions: (...[, { from, until, limit, offset, txClass, deviceId, customerName, fiatCode, cryptoCode, toAddress, status, swept, excludeTestingCustomers }]) =>
transactions.batch(from, until, limit, offset, txClass, deviceId, customerName, fiatCode, cryptoCode, toAddress, status, swept, excludeTestingCustomers),
transactionsCsv: (...[, { from, until, limit, offset, txClass, deviceId, customerName, fiatCode, cryptoCode, toAddress, status, swept, timezone, excludeTestingCustomers, simplified }]) =>
transactions.batch(from, until, limit, offset, txClass, deviceId, customerName, fiatCode, cryptoCode, toAddress, status, swept, excludeTestingCustomers, simplified)
.then(data => parseAsync(logDateFormat(timezone, data, ['created', 'sendTime', 'publishedAt']))),
transactionCsv: (...[, { id, txClass, timezone }]) =>
transactions.getTx(id, txClass).then(data =>
parseAsync(logDateFormat(timezone, [data], ['created', 'sendTime', 'publishedAt']))
),
txAssociatedDataCsv: (...[, { id, txClass, timezone }]) =>
transactions.getTxAssociatedData(id, txClass).then(data =>
parseAsync(logDateFormat(timezone, data, ['created']))
),
transactionFilters: () => filters.transaction()
},
Mutation: {
cancelCashOutTransaction: (...[, { id }]) => cashOutTx.cancel(id),
cancelCashInTransaction: (...[, { id }]) => cashInTx.cancel(id)
}
}
module.exports = resolvers

92
packages/server/lib/new-admin/graphql/resolvers/users.resolver.js Normal file
View file

@ -0,0 +1,92 @@
const authentication = require('../modules/authentication')
const userManagement = require('../modules/userManagement')
const users = require('../../../users')
const sessionManager = require('../../../session-manager')
const getAttestationQueryOptions = variables => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return { userId: variables.userID, domain: variables.domain }
case 'FIDOPasswordless':
return { userId: variables.userID, domain: variables.domain }
case 'FIDOUsernameless':
return { userId: variables.userID, domain: variables.domain }
default:
return {}
}
}
const getAssertionQueryOptions = variables => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return { username: variables.username, password: variables.password, domain: variables.domain }
case 'FIDOPasswordless':
return { username: variables.username, domain: variables.domain }
case 'FIDOUsernameless':
return { domain: variables.domain }
default:
return {}
}
}
const getAttestationMutationOptions = variables => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return { userId: variables.userID, attestationResponse: variables.attestationResponse, domain: variables.domain }
case 'FIDOPasswordless':
return { userId: variables.userID, attestationResponse: variables.attestationResponse, domain: variables.domain }
case 'FIDOUsernameless':
return { userId: variables.userID, attestationResponse: variables.attestationResponse, domain: variables.domain }
default:
return {}
}
}
const getAssertionMutationOptions = variables => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return { username: variables.username, password: variables.password, rememberMe: variables.rememberMe, assertionResponse: variables.assertionResponse, domain: variables.domain }
case 'FIDOPasswordless':
return { username: variables.username, rememberMe: variables.rememberMe, assertionResponse: variables.assertionResponse, domain: variables.domain }
case 'FIDOUsernameless':
return { assertionResponse: variables.assertionResponse, domain: variables.domain }
default:
return {}
}
}
const resolver = {
Query: {
users: () => users.getUsers(),
sessions: () => sessionManager.getSessions(),
userSessions: (...[, { username }]) => sessionManager.getSessionsByUsername(username),
userData: (...[, {}, context]) => userManagement.getUserData(context),
get2FASecret: (...[, { username, password }]) => userManagement.get2FASecret(username, password),
confirm2FA: (...[, { code }, context]) => userManagement.confirm2FA(code, context),
validateRegisterLink: (...[, { token }]) => userManagement.validateRegisterLink(token),
validateResetPasswordLink: (...[, { token }]) => userManagement.validateResetPasswordLink(token),
validateReset2FALink: (...[, { token }]) => userManagement.validateReset2FALink(token),
generateAttestationOptions: (...[, variables, context]) => authentication.strategy.generateAttestationOptions(context.req.session, getAttestationQueryOptions(variables)),
generateAssertionOptions: (...[, variables, context]) => authentication.strategy.generateAssertionOptions(context.req.session, getAssertionQueryOptions(variables))
},
Mutation: {
enableUser: (...[, { confirmationCode, id }, context]) => userManagement.enableUser(confirmationCode, id, context),
disableUser: (...[, { confirmationCode, id }, context]) => userManagement.disableUser(confirmationCode, id, context),
deleteSession: (...[, { sid }, context]) => userManagement.deleteSession(sid, context),
deleteUserSessions: (...[, { username }]) => sessionManager.deleteSessionsByUsername(username),
changeUserRole: (...[, { confirmationCode, id, newRole }, context]) => userManagement.changeUserRole(confirmationCode, id, newRole, context),
login: (...[, { username, password }]) => userManagement.login(username, password),
input2FA: (...[, { username, password, rememberMe, code }, context]) => userManagement.input2FA(username, password, rememberMe, code, context),
setup2FA: (...[, { username, password, rememberMe, codeConfirmation }, context]) => userManagement.setup2FA(username, password, rememberMe, codeConfirmation, context),
createResetPasswordToken: (...[, { confirmationCode, userID }, context]) => userManagement.createResetPasswordToken(confirmationCode, userID, context),
createReset2FAToken: (...[, { confirmationCode, userID }, context]) => userManagement.createReset2FAToken(confirmationCode, userID, context),
createRegisterToken: (...[, { username, role }]) => userManagement.createRegisterToken(username, role),
register: (...[, { token, username, password, role }]) => userManagement.register(token, username, password, role),
resetPassword: (...[, { token, userID, newPassword }, context]) => userManagement.resetPassword(token, userID, newPassword, context),
reset2FA: (...[, { token, userID, code }, context]) => userManagement.reset2FA(token, userID, code, context),
validateAttestation: (...[, variables, context]) => authentication.strategy.validateAttestation(context.req.session, getAttestationMutationOptions(variables)),
validateAssertion: (...[, variables, context]) => authentication.strategy.validateAssertion(context.req.session, getAssertionMutationOptions(variables))
}
}
module.exports = resolver

9
packages/server/lib/new-admin/graphql/resolvers/version.resolver.js Normal file
View file

@ -0,0 +1,9 @@
const serverVersion = require('../../../../package.json').version
const resolvers = {
Query: {
serverVersion: () => serverVersion
}
}
module.exports = resolvers

7
packages/server/lib/new-admin/graphql/schema.js Normal file
View file

@ -0,0 +1,7 @@
const types = require('./types')
const resolvers = require('./resolvers')
module.exports = {
resolvers: resolvers,
typeDefs: types
}

18
packages/server/lib/new-admin/graphql/types/bill.type.js Normal file
View file

@ -0,0 +1,18 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Bill {
id: ID
fiat: Int
fiatCode: String
deviceId: ID
created: DateTimeISO
cashUnitOperationId: ID
}
type Query {
bills(filters: JSONObject): [Bill] @auth
}
`
module.exports = typeDef

28
packages/server/lib/new-admin/graphql/types/blacklist.type.js Normal file
View file

@ -0,0 +1,28 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Blacklist {
address: String!
blacklistMessage: BlacklistMessage!
}
type BlacklistMessage {
id: ID
label: String
content: String
allowToggle: Boolean
}
type Query {
blacklist: [Blacklist] @auth
blacklistMessages: [BlacklistMessage] @auth
}
type Mutation {
deleteBlacklistRow(address: String!): Blacklist @auth
insertBlacklistRow(address: String!): Blacklist @auth
editBlacklistMessage(id: ID, content: String): BlacklistMessage @auth
}
`
module.exports = typeDef

26
packages/server/lib/new-admin/graphql/types/cashbox.type.js Normal file
View file

@ -0,0 +1,26 @@
const gql = require('graphql-tag')
const typeDef = gql`
type CashboxBatch {
id: ID
deviceId: ID
created: DateTimeISO
operationType: String
customBillCount: Int
performedBy: String
billCount: Int
fiatTotal: Int
}
type Query {
cashboxBatches: [CashboxBatch] @auth
cashboxBatchesCsv(from: DateTimeISO, until: DateTimeISO, timezone: String): String @auth
}
type Mutation {
createBatch(deviceId: ID, cashboxCount: Int): CashboxBatch @auth
editBatch(id: ID, performedBy: String): CashboxBatch @auth
}
`
module.exports = typeDef

29
packages/server/lib/new-admin/graphql/types/config.type.js Normal file
View file

@ -0,0 +1,29 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Country {
code: String!
display: String!
}
type Language {
code: String!
display: String!
}
type AccountConfig {
code: String!
display: String!
class: String!
cryptos: [String]
deprecated: Boolean
}
type Query {
countries: [Country] @auth
languages: [Language] @auth
accountsConfig: [AccountConfig] @auth
}
`
module.exports = typeDef

22
packages/server/lib/new-admin/graphql/types/currency.type.js Normal file
View file

@ -0,0 +1,22 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Currency {
code: String!
display: String!
}
type CryptoCurrency {
code: String!
display: String!
codeDisplay: String!
isBeta: Boolean
}
type Query {
currencies: [Currency] @auth
cryptoCurrencies: [CryptoCurrency] @auth
}
`
module.exports = typeDef

57
packages/server/lib/new-admin/graphql/types/customInfoRequests.type.js Normal file
View file

@ -0,0 +1,57 @@
const gql = require('graphql-tag')
const typeDef = gql`
type CustomInfoRequest {
id: ID!,
enabled: Boolean,
customRequest: JSON
}
input CustomRequestInputField {
choiceList: [String]
constraintType: String
type: String
numDigits: String
label1: String
label2: String
}
input CustomRequestInputScreen {
text: String
title: String
}
input CustomRequestInput {
name: String
input: CustomRequestInputField
screen1: CustomRequestInputScreen
screen2: CustomRequestInputScreen
}
type CustomRequestData {
customerId: ID
infoRequestId: ID
override: String
overrideAt: DateTimeISO
overrideBy: ID
customerData: JSON
customInfoRequest: CustomInfoRequest
}
type Query {
customInfoRequests(onlyEnabled: Boolean): [CustomInfoRequest] @auth
customerCustomInfoRequests(customerId: ID!): [CustomRequestData] @auth
customerCustomInfoRequest(customerId: ID!, infoRequestId: ID!): CustomRequestData @auth
}
type Mutation {
insertCustomInfoRequest(customRequest: CustomRequestInput!): CustomInfoRequest @auth
removeCustomInfoRequest(id: ID!): CustomInfoRequest @auth
editCustomInfoRequest(id: ID!, customRequest: CustomRequestInput!): CustomInfoRequest @auth
setAuthorizedCustomRequest(customerId: ID!, infoRequestId: ID!, override: String!): Boolean @auth
setCustomerCustomInfoRequest(customerId: ID!, infoRequestId: ID!, data: JSON!): Boolean @auth
}
`
module.exports = typeDef

120
packages/server/lib/new-admin/graphql/types/customer.type.js Normal file
View file

@ -0,0 +1,120 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Customer {
id: ID!
authorizedOverride: String
daysSuspended: Int
isSuspended: Boolean
newPhoto: Upload
photoType: String
frontCameraPath: String
frontCameraAt: DateTimeISO
frontCameraOverride: String
phone: String
email: String
isAnonymous: Boolean
smsOverride: String
idCardData: JSONObject
idCardDataOverride: String
idCardDataExpiration: DateTimeISO
idCardPhoto: Upload
idCardPhotoPath: String
idCardPhotoOverride: String
idCardPhotoAt: DateTimeISO
usSsn: String
usSsnOverride: String
sanctions: Boolean
sanctionsAt: DateTimeISO
sanctionsOverride: String
totalTxs: Int
totalSpent: String
lastActive: DateTimeISO
lastTxFiat: String
lastTxFiatCode: String
lastTxClass: String
lastUsedMachine: String
lastUsedMachineName: String
transactions: [Transaction]
subscriberInfo: JSONObject
phoneOverride: String
customFields: [CustomerCustomField]
customInfoRequests: [CustomRequestData]
notes: [CustomerNote]
isTestCustomer: Boolean
externalCompliance: [JSONObject]
}
input CustomerInput {
authorizedOverride: String
frontCameraPath: String
frontCameraOverride: String
phone: String
smsOverride: String
idCardData: JSONObject
idCardDataOverride: String
idCardDataExpiration: DateTimeISO
idCardPhotoPath: String
idCardPhotoOverride: String
usSsn: String
usSsnOverride: String
sanctions: Boolean
sanctionsAt: DateTimeISO
sanctionsOverride: String
totalTxs: Int
totalSpent: String
lastActive: DateTimeISO
lastTxFiat: String
lastTxFiatCode: String
lastTxClass: String
suspendedUntil: DateTimeISO
phoneOverride: String
}
input CustomerEdit {
idCardData: JSONObject
idCardPhoto: Upload
usSsn: String
subscriberInfo: JSONObject
}
type CustomerNote {
id: ID
customerId: ID
created: DateTimeISO
lastEditedAt: DateTimeISO
lastEditedBy: ID
title: String
content: String
}
type CustomerCustomField {
id: ID
label: String
value: String
}
type Query {
customers(phone: String, name: String, email: String, address: String, id: String): [Customer] @auth
customer(customerId: ID!): Customer @auth
customerFilters: [Filter] @auth
}
type Mutation {
setCustomer(customerId: ID!, customerInput: CustomerInput): Customer @auth
addCustomField(customerId: ID!, label: String!, value: String!): Boolean @auth
saveCustomField(customerId: ID!, fieldId: ID!, value: String!): Boolean @auth
removeCustomField(customerId: ID!, fieldId: ID!): Boolean @auth
editCustomer(customerId: ID!, customerEdit: CustomerEdit): Customer @auth
deleteEditedData(customerId: ID!, customerEdit: CustomerEdit): Customer @auth
replacePhoto(customerId: ID!, photoType: String, newPhoto: Upload): Customer @auth
createCustomerNote(customerId: ID!, title: String!, content: String!): Boolean @auth
editCustomerNote(noteId: ID!, newContent: String!): Boolean @auth
deleteCustomerNote(noteId: ID!): Boolean @auth
createCustomer(phoneNumber: String): Customer @auth
enableTestCustomer(customerId: ID!): Boolean @auth
disableTestCustomer(customerId: ID!): Boolean @auth
}
`
module.exports = typeDef

23
packages/server/lib/new-admin/graphql/types/funding.type.js Normal file
View file

@ -0,0 +1,23 @@
const gql = require('graphql-tag')
const typeDef = gql`
type CoinFunds {
cryptoCode: String!
errorMsg: String
fundingAddress: String
fundingAddressUrl: String
confirmedBalance: String
pending: String
fiatConfirmedBalance: String
fiatPending: String
fiatCode: String
display: String
unitScale: String
}
type Query {
funding: [CoinFunds] @auth
}
`
module.exports = typeDef

53
packages/server/lib/new-admin/graphql/types/index.js Normal file
View file

@ -0,0 +1,53 @@
const { mergeTypeDefs } = require('@graphql-tools/merge')
const bill = require('./bill.type')
const blacklist = require('./blacklist.type')
const cashbox = require('./cashbox.type')
const config = require('./config.type')
const currency = require('./currency.type')
const customer = require('./customer.type')
const customInfoRequests = require('./customInfoRequests.type')
const funding = require('./funding.type')
const log = require('./log.type')
const loyalty = require('./loyalty.type')
const machine = require('./machine.type')
const market = require('./market.type')
const notification = require('./notification.type')
const pairing = require('./pairing.type')
const rates = require('./rates.type')
const sanctions = require('./sanctions.type')
const scalar = require('./scalar.type')
const settings = require('./settings.type')
const sms = require('./sms.type')
const status = require('./status.type')
const transaction = require('./transaction.type')
const user = require('./users.type')
const version = require('./version.type')
const types = [
bill,
blacklist,
cashbox,
config,
currency,
customer,
customInfoRequests,
funding,
log,
loyalty,
machine,
market,
notification,
pairing,
rates,
sanctions,
scalar,
settings,
sms,
status,
transaction,
user,
version
]
module.exports = mergeTypeDefs(types)

26
packages/server/lib/new-admin/graphql/types/log.type.js Normal file
View file

@ -0,0 +1,26 @@
const gql = require('graphql-tag')
const typeDef = gql`
type MachineLog {
id: ID!
logLevel: String!
timestamp: DateTimeISO!
message: String!
}
type ServerLog {
id: ID!
logLevel: String!
timestamp: DateTimeISO!
message: String
}
type Query {
machineLogs(deviceId: ID!, from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int): [MachineLog] @auth
machineLogsCsv(deviceId: ID!, from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int, timezone: String): String @auth
serverLogs(from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int): [ServerLog] @auth
serverLogsCsv(from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int, timezone: String): String @auth
}
`
module.exports = typeDef

35
packages/server/lib/new-admin/graphql/types/loyalty.type.js Normal file
View file

@ -0,0 +1,35 @@
const gql = require('graphql-tag')
const typeDef = gql`
type IndividualDiscount {
id: ID!
customer: DiscountCustomer!
discount: Int
}
type DiscountCustomer {
id: ID!
phone: String
idCardData: JSONObject
}
type PromoCode {
id: ID!
code: String!
discount: Int
}
type Query {
promoCodes: [PromoCode] @auth
individualDiscounts: [IndividualDiscount] @auth
}
type Mutation {
createPromoCode(code: String!, discount: Int!): PromoCode @auth
deletePromoCode(codeId: ID!): PromoCode @auth
createIndividualDiscount(customerId: ID!, discount: Int!): IndividualDiscount @auth
deleteIndividualDiscount(discountId: ID!): IndividualDiscount @auth
}
`
module.exports = typeDef

105
packages/server/lib/new-admin/graphql/types/machine.type.js Normal file
View file

@ -0,0 +1,105 @@
const gql = require('graphql-tag')
const typeDef = gql`
type MachineStatus {
label: String!
type: String!
}
type Machine {
name: String!
deviceId: ID!
paired: Boolean!
lastPing: DateTimeISO
pairedAt: DateTimeISO
diagnostics: Diagnostics
version: String
model: String
cashUnits: CashUnits
numberOfCassettes: Int
numberOfRecyclers: Int
statuses: [MachineStatus]
latestEvent: MachineEvent
downloadSpeed: String
responseTime: String
packetLoss: String
}
type Diagnostics {
timestamp: DateTimeISO
frontTimestamp: DateTimeISO
scanTimestamp: DateTimeISO
}
type CashUnits {
cashbox: Int
cassette1: Int
cassette2: Int
cassette3: Int
cassette4: Int
recycler1: Int
recycler2: Int
recycler3: Int
recycler4: Int
recycler5: Int
recycler6: Int
}
input CashUnitsInput {
cashbox: Int
cassette1: Int
cassette2: Int
cassette3: Int
cassette4: Int
recycler1: Int
recycler2: Int
recycler3: Int
recycler4: Int
recycler5: Int
recycler6: Int
}
type UnpairedMachine {
id: ID!
deviceId: ID!
name: String
model: String
paired: DateTimeISO!
unpaired: DateTimeISO!
}
type MachineEvent {
id: ID
deviceId: String
eventType: String
note: String
created: DateTimeISO
age: Float
deviceTime: DateTimeISO
}
enum MachineAction {
rename
resetCashOutBills
setCassetteBills
unpair
reboot
shutdown
restartServices
emptyUnit
refillUnit
diagnostics
}
type Query {
machines: [Machine] @auth
machine(deviceId: ID!): Machine @auth
unpairedMachines: [UnpairedMachine!]! @auth
}
type Mutation {
machineAction(deviceId:ID!, action: MachineAction!, cashUnits: CashUnitsInput, newName: String): Machine @auth
}
`
module.exports = typeDef

9
packages/server/lib/new-admin/graphql/types/market.type.js Normal file
View file

@ -0,0 +1,9 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Query {
getMarkets: JSONObject @auth
}
`
module.exports = typeDef

26
packages/server/lib/new-admin/graphql/types/notification.type.js Normal file
View file

@ -0,0 +1,26 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Notification {
id: ID!
type: String
detail: JSON
message: String
created: DateTimeISO
read: Boolean
valid: Boolean
}
type Query {
notifications: [Notification] @auth
alerts: [Notification] @auth
hasUnreadNotifications: Boolean @auth
}
type Mutation {
toggleClearNotification(id: ID!, read: Boolean!): Notification @auth
clearAllNotifications: Notification @auth
}
`
module.exports = typeDef

9
packages/server/lib/new-admin/graphql/types/pairing.type.js Normal file
View file

@ -0,0 +1,9 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Mutation {
createPairingTotem(name: String!): String @auth
}
`
module.exports = typeDef

16
packages/server/lib/new-admin/graphql/types/rates.type.js Normal file
View file

@ -0,0 +1,16 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Rate {
code: String
name: String
rate: Float
}
type Query {
cryptoRates: JSONObject @auth
fiatRates: [Rate] @auth
}
`
module.exports = typeDef

13
packages/server/lib/new-admin/graphql/types/sanctions.type.js Normal file
View file

@ -0,0 +1,13 @@
const gql = require('graphql-tag')
const typeDef = gql`
type SanctionMatches {
ofacSanctioned: Boolean
}
type Query {
checkAgainstSanctions(customerId: ID): SanctionMatches @auth
}
`
module.exports = typeDef

10
packages/server/lib/new-admin/graphql/types/scalar.type.js Normal file
View file

@ -0,0 +1,10 @@
const gql = require('graphql-tag')
const typeDef = gql`
scalar JSON
scalar JSONObject
scalar DateTimeISO
scalar Upload
`
module.exports = typeDef

15
packages/server/lib/new-admin/graphql/types/settings.type.js Normal file
View file

@ -0,0 +1,15 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Query {
accounts: JSONObject @auth
config: JSONObject @auth
}
type Mutation {
saveAccounts(accounts: JSONObject): JSONObject @auth
saveConfig(config: JSONObject): JSONObject @auth
}
`
module.exports = typeDef

30
packages/server/lib/new-admin/graphql/types/sms.type.js Normal file
View file

@ -0,0 +1,30 @@
const gql = require('graphql-tag')
const typeDef = gql`
type SMSNotice {
id: ID!
event: SMSNoticeEvent!
message: String!
messageName: String!
enabled: Boolean!
allowToggle: Boolean!
}
enum SMSNoticeEvent {
smsCode
cashOutDispenseReady
smsReceipt
}
type Query {
SMSNotices: [SMSNotice] @auth
}
type Mutation {
editSMSNotice(id: ID!, event: SMSNoticeEvent!, message: String!): SMSNotice @auth
enableSMSNotice(id: ID!): SMSNotice @auth
disableSMSNotice(id: ID!): SMSNotice @auth
}
`
module.exports = typeDef

15
packages/server/lib/new-admin/graphql/types/status.type.js Normal file
View file

@ -0,0 +1,15 @@
const gql = require('graphql-tag')
const typeDef = gql`
type ProcessStatus {
name: String!
state: String!
uptime: Int!
}
type Query {
uptime: [ProcessStatus] @auth
}
`
module.exports = typeDef

76
packages/server/lib/new-admin/graphql/types/transaction.type.js Normal file
View file

@ -0,0 +1,76 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Transaction {
id: ID!
txClass: String!
deviceId: ID!
toAddress: String
cryptoAtoms: String!
cryptoCode: String!
fiat: String!
fiatCode: String!
fee: String
txHash: String
phone: String
error: String
created: DateTimeISO
send: Boolean
sendConfirmed: Boolean
dispense: Boolean
timedout: Boolean
sendTime: DateTimeISO
errorCode: String
operatorCompleted: Boolean
sendPending: Boolean
fixedFee: String
minimumTx: Float
customerId: ID
isAnonymous: Boolean
txVersion: Int!
termsAccepted: Boolean
commissionPercentage: String
rawTickerPrice: String
isPaperWallet: Boolean
customerPhone: String
customerEmail: String
customerIdCardDataNumber: String
customerIdCardDataExpiration: DateTimeISO
customerIdCardData: JSONObject
customerName: String
customerFrontCameraPath: String
customerIdCardPhotoPath: String
expired: Boolean
machineName: String
discount: Int
txCustomerPhotoPath: String
txCustomerPhotoAt: DateTimeISO
batched: Boolean
batchTime: DateTimeISO
batchError: String
walletScore: Int
profit: String
swept: Boolean
}
type Filter {
type: String
value: String
label: String
}
type Query {
transactions(from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int, txClass: String, deviceId: String, customerName: String, fiatCode: String, cryptoCode: String, toAddress: String, status: String, swept: Boolean, excludeTestingCustomers: Boolean): [Transaction] @auth
transactionsCsv(from: DateTimeISO, until: DateTimeISO, limit: Int, offset: Int, txClass: String, deviceId: String, customerName: String, fiatCode: String, cryptoCode: String, toAddress: String, status: String, swept: Boolean, timezone: String, excludeTestingCustomers: Boolean, simplified: Boolean): String @auth
transactionCsv(id: ID, txClass: String, timezone: String): String @auth
txAssociatedDataCsv(id: ID, txClass: String, timezone: String): String @auth
transactionFilters: [Filter] @auth
}
type Mutation {
cancelCashOutTransaction(id: ID): Transaction @auth
cancelCashInTransaction(id: ID): Transaction @auth
}
`
module.exports = typeDef

114
packages/server/lib/new-admin/graphql/types/users.type.js Normal file
View file

@ -0,0 +1,114 @@
const authentication = require('../modules/authentication')
const getFIDOStrategyQueryTypes = () => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return `generateAttestationOptions(userID: ID!, domain: String!): JSONObject
generateAssertionOptions(username: String!, password: String!, domain: String!): JSONObject`
case 'FIDOPasswordless':
return `generateAttestationOptions(userID: ID!, domain: String!): JSONObject
generateAssertionOptions(username: String!, domain: String!): JSONObject`
case 'FIDOUsernameless':
return `generateAttestationOptions(userID: ID!, domain: String!): JSONObject
generateAssertionOptions(domain: String!): JSONObject`
default:
return ``
}
}
const getFIDOStrategyMutationsTypes = () => {
switch (authentication.CHOSEN_STRATEGY) {
case 'FIDO2FA':
return `validateAttestation(userID: ID!, attestationResponse: JSONObject!, domain: String!): Boolean
validateAssertion(username: String!, password: String!, rememberMe: Boolean!, assertionResponse: JSONObject!, domain: String!): Boolean`
case 'FIDOPasswordless':
return `validateAttestation(userID: ID!, attestationResponse: JSONObject!, domain: String!): Boolean
validateAssertion(username: String!, rememberMe: Boolean!, assertionResponse: JSONObject!, domain: String!): Boolean`
case 'FIDOUsernameless':
return `validateAttestation(userID: ID!, attestationResponse: JSONObject!, domain: String!): Boolean
validateAssertion(assertionResponse: JSONObject!, domain: String!): Boolean`
default:
return ``
}
}
const typeDef = `
directive @auth(
requires: [Role] = [USER, SUPERUSER]
) on OBJECT | FIELD_DEFINITION
enum Role {
SUPERUSER
USER
}
type UserSession {
sid: String!
sess: JSONObject!
expire: DateTimeISO!
}
type User {
id: ID
username: String
role: String
enabled: Boolean
created: DateTimeISO
last_accessed: DateTimeISO
last_accessed_from: String
last_accessed_address: String
}
type TwoFactorSecret {
user_id: ID
secret: String!
otpauth: String!
}
type ResetToken {
token: String
user_id: ID
expire: DateTimeISO
}
type RegistrationToken {
token: String
username: String
role: String
expire: DateTimeISO
}
type Query {
users: [User] @auth(requires: [SUPERUSER])
sessions: [UserSession] @auth(requires: [SUPERUSER])
userSessions(username: String!): [UserSession] @auth(requires: [SUPERUSER])
userData: User
get2FASecret(username: String!, password: String!): TwoFactorSecret
confirm2FA(code: String!): Boolean @auth(requires: [SUPERUSER])
validateRegisterLink(token: String!): User
validateResetPasswordLink(token: String!): User
validateReset2FALink(token: String!): TwoFactorSecret
${getFIDOStrategyQueryTypes()}
}
type Mutation {
enableUser(confirmationCode: String, id: ID!): User @auth(requires: [SUPERUSER])
disableUser(confirmationCode: String, id: ID!): User @auth(requires: [SUPERUSER])
deleteSession(sid: String!): UserSession @auth(requires: [SUPERUSER])
deleteUserSessions(username: String!): [UserSession] @auth(requires: [SUPERUSER])
changeUserRole(confirmationCode: String, id: ID!, newRole: String!): User @auth(requires: [SUPERUSER])
toggleUserEnable(id: ID!): User @auth(requires: [SUPERUSER])
login(username: String!, password: String!): String
input2FA(username: String!, password: String!, code: String!, rememberMe: Boolean!): Boolean
setup2FA(username: String!, password: String!, rememberMe: Boolean!, codeConfirmation: String!): Boolean
createResetPasswordToken(confirmationCode: String, userID: ID!): ResetToken @auth(requires: [SUPERUSER])
createReset2FAToken(confirmationCode: String, userID: ID!): ResetToken @auth(requires: [SUPERUSER])
createRegisterToken(username: String!, role: String!): RegistrationToken @auth(requires: [SUPERUSER])
register(token: String!, username: String!, password: String!, role: String!): Boolean
resetPassword(token: String!, userID: ID!, newPassword: String!): Boolean
reset2FA(token: String!, userID: ID!, code: String!): Boolean
${getFIDOStrategyMutationsTypes()}
}
`
module.exports = typeDef

9
packages/server/lib/new-admin/graphql/types/version.type.js Normal file
View file

@ -0,0 +1,9 @@
const gql = require('graphql-tag')
const typeDef = gql`
type Query {
serverVersion: String! @auth
}
`
module.exports = typeDef