feat: add graphql support (#349)

* fix: eslint warnings * refactor: use ramda + sanctuary instead of lodash * refactor: use prettier-standard for formatting * feat: enable security * feat: add graphql * chore: remove trailing commas from linter * docs: new scripts on react and new-admin-server * feat: handle authentication on graphql * fix: perf improvement to date picker * chore: add insecure-dev script to run servers
2019-12-24 14:36:41 +00:00 · 2019-12-24 14:36:41 +00:00 · b8e0c2175b
commit b8e0c2175b
parent 49f434f1d1
182 changed files with 8827 additions and 4623 deletions
--- a/lib/new-admin/login.js
+++ b/lib/new-admin/login.js
@ -0,0 +1,48 @@
+const crypto = require('crypto')
+
+const db = require('../db')
+
+function generateOTP (name) {
+  const otp = crypto.randomBytes(32).toString('hex')
+
+  const sql = 'insert into one_time_passes (token, name) values ($1, $2)'
+
+  return db.none(sql, [otp, name])
+    .then(() => otp)
+}
+
+function validateOTP (otp) {
+  const sql = `delete from one_time_passes
+    where token=$1
+    returning name, created < now() - interval '1 hour' as expired`
+
+  return db.one(sql, [otp])
+    .then(r => ({ success: !r.expired, expired: r.expired, name: r.name }))
+    .catch(() => ({ success: false, expired: false }))
+}
+
+function register (otp) {
+  return validateOTP(otp)
+    .then(r => {
+      if (!r.success) return r
+
+      const token = crypto.randomBytes(32).toString('hex')
+      const sql = 'insert into user_tokens (token, name) values ($1, $2)'
+
+      return db.none(sql, [token, r.name])
+        .then(() => ({ success: true, token: token }))
+    })
+    .catch(() => ({ success: false, expired: false }))
+}
+
+function authenticate (token) {
+  const sql = 'select token from user_tokens where token=$1'
+
+  return db.one(sql, [token]).then(() => true).catch(() => false)
+}
+
+module.exports = {
+  generateOTP,
+  register,
+  authenticate
+}