Mutations for forgot-password and add session store #118
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mohit038-zz
commented
May 18, 2021
|
|
||
| export const server = new ApolloServer({ | ||
| schema: loadSchema(), | ||
| context: buildContext, | ||
| context: ({ req, res }) => buildContext({ req, res, redis }), |
There was a problem hiding this comment.
I couldn't find any way to pass this redis client to buildcontext function to access it inside resolvers. So For the time being I hard-coded in the node-module. This function is from graphql-passport (node_modules/graphql-passport/lib/buildContext.d.ts). I don't think it the correct way to do this.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds mutations for forget-password.
Implementation: The idea is to generate a token, save it in Redis, and send it in a link to the user's email. Then that link will land on the new password page. On this page, we will retrieve the token from the URL and call the change-password mutation
endpoint with the token and newly selected password. Then this mutation checks whether the token is valid or not. A token can be used only once to change the password and expires in 24 hrs.
Package:
UUID: To generate a token
Nodemailer: To send an email:
and Redis to store tokens