add isAuthenticated middleware

sdy
Commit a3647b7c39c5f2db3db6d53c0a451cd8034d0e87 a3647b7c 1 parent 88b1c139
Showing 1 changed file with 32 additions and 26 deletions
back/src/api/User/resetPassword/resetPassword.js
--- a/back/src/api/User/resetPassword/resetPassword.js
View file @a3647b7
+++ b/back/src/api/User/resetPassword/resetPassword.js
View file @a3647b7
-import { prisma } from "../../../utils";
+import { prisma, isAuthenticated } from "../../../utils";
 import bcrypt from "bcryptjs";
 export default {
   Mutation: {
     resetPassword: async (_, args) => {
-      const { secret, email, passwordOne, passwordTwo } = args;
+      if (isAuthenticated) {
-      const user = await prisma.user.findOne({
+        const { secret, email, passwordOne, passwordTwo } = args;
-        where: {
+        const user = await prisma.user.findOne({
-          email,
+          where: {
-        },
+            email,
-      });
+          },
-      const encryptSecret = await bcrypt.hash(user.emailSecret, 10);
+        });
-      if (encryptSecret !== secret) {
+        const encryptSecret = await bcrypt.hash(user.emailSecret, 10);
-        throw new Error(
+        if (encryptSecret !== secret) {
-          "not vaild secret value!, input another value or resend email"
+          throw new Error(
-        );
+            "not vaild secret value!, input another value or resend email"
-      } else {
+          );
-        if (passwordOne !== passwordTwo) {
-          // For check new password is right, the two things must be same.
-          throw new Error("the two password don't match each other, try again");
         } else {
-          await prisma.user.update({
+          if (passwordOne !== passwordTwo) {
-            where: {
+            // For check new password is right, the two things must be same.
-              email,
+            throw new Error(
-            },
+              "the two password don't match each other, try again"
-            data: {
+            );
-              emailSecret: "",
+          } else {
-              password: passwordOne,
+            await prisma.user.update({
-            },
+              where: {
-          });
+                email,
+              },
+              data: {
+                emailSecret: "",
+                password: passwordOne,
+              },
+            });
+          }
+          return user;
         }
-        return user;
+      } else {
+        throw new Error("You need to login first");
       }
     },
   },