feat: user profile page - save info + change pwd

1e4d5132 · NGPixel · Nicolas Giard · c7f3c9d9 · 1e4d5132 · 1e4d5132
Commit 1e4d5132 authored Apr 05, 2020 by NGPixel Committed by Nicolas Giard Apr 05, 2020
19 changed files
--- a/client/components/admin.vue
+++ b/client/components/admin.vue
@@ -123,7 +123,7 @@
            v-list-item-avatar(size='24', tile): v-icon mdi-heart-outline
            v-list-item-title {{ $t('admin:contribute.title') }}

-    v-content(:class='darkMode ? "grey darken-4" : ""')
+    v-content(:class='darkMode ? "grey darken-4" : "grey lighten-5"')
      transition(name='admin-router')
        router-view


--- a/client/components/admin/admin-groups-edit-rules.vue
+++ b/client/components/admin/admin-groups-edit-rules.vue
@@ -195,7 +195,9 @@

 <script>
 import _ from 'lodash'
-import nanoid from 'nanoid/non-secure/generate'
+import { customAlphabet } from 'nanoid/non-secure'
+
+const nanoid = customAlphabet('1234567890abcdef', 10)

 export default {
  props: {
@@ -241,7 +243,7 @@ export default {
  methods: {
    addRule(group) {
      this.group.pageRules.push({
-        id: nanoid('1234567890abcdef', 10),
+        id: nanoid(),
        path: '',
        roles: [],
        match: 'START',

--- a/client/components/admin/admin-system.vue
+++ b/client/components/admin/admin-system.vue
@@ -166,7 +166,7 @@ export default {
            return 'mdi-linux'
          }
        case 'win32':
-          return 'mdi-windows'
+          return 'mdi-microsoft-windows'
        default:
          return ''
      }

--- a/client/components/editor.vue
+++ b/client/components/editor.vue
@@ -355,8 +355,12 @@ export default {
    },
    async saveAndClose() {
      try {
-        await this.save({ rethrow: true })
-        await this.exit()
+        if (this.$store.get('editor/mode') === 'create') {
+          await this.save()
+        } else {
+          await this.save({ rethrow: true })
+          await this.exit()
+        }
      } catch (err) {
        // Error is already handled
      }

--- a/client/components/login.vue
+++ b/client/components/login.vue
@@ -170,7 +170,7 @@
                    v-spacer

    loader(v-model='isLoading', :color='loaderColor', :title='loaderTitle', :subtitle='$t(`auth:pleaseWait`)')
-    nav-footer(color='grey darken-5')
+    nav-footer(color='grey darken-5', dark-color='grey darken-5')
    notify
 </template>


--- a/client/components/profile/profile.vue
+++ b/client/components/profile/profile.vue
--- a/client/components/register.vue
+++ b/client/components/register.vue
@@ -23,7 +23,7 @@
                    solo
                    flat
                    prepend-icon='mdi-email'
-                    background-color='grey lighten-4'
+                    :background-color='$vuetify.theme.dark ? `grey darken-3` : `grey lighten-4`'
                    hide-details
                    ref='iptEmail'
                    v-model='email'
@@ -34,7 +34,7 @@
                    solo
                    flat
                    prepend-icon='mdi-textbox-password'
-                    background-color='grey lighten-4'
+                    :background-color='$vuetify.theme.dark ? `grey darken-3` : `grey lighten-4`'
                    ref='iptPassword'
                    v-model='password'
                    :append-icon='hidePassword ? "mdi-eye-off" : "mdi-eye"'
@@ -50,7 +50,7 @@
                    solo
                    flat
                    prepend-icon='mdi-textbox-password'
-                    background-color='grey lighten-4'
+                    :background-color='$vuetify.theme.dark ? `grey darken-3` : `grey lighten-4`'
                    hide-details
                    ref='iptVerifyPassword'
                    v-model='verifyPassword'
@@ -63,7 +63,7 @@
                    solo
                    flat
                    prepend-icon='mdi-account'
-                    background-color='grey lighten-4'
+                    :background-color='$vuetify.theme.dark ? `grey darken-3` : `grey lighten-4`'
                    ref='iptName'
                    v-model='name'
                    :placeholder='$t("auth:fields.name")'
@@ -85,14 +85,14 @@
                    ) {{ $t('auth:actions.register') }}
                  v-spacer
                v-divider
-                v-card-actions.py-3.grey.lighten-4
+                v-card-actions.py-3.grey(:class='$vuetify.theme.dark ? `darken-4-l1` : `lighten-4`')
                  v-spacer
                  i18next.caption(path='auth:switchToLogin.text', tag='div')
                    a.caption(href='/login', place='link') {{ $t('auth:switchToLogin.link') }}
                  v-spacer

    loader(v-model='isLoading', :mode='loaderMode', :icon='loaderIcon', :color='loaderColor', :title='loaderTitle', :subtitle='loaderSubtitle')
-    nav-footer(color='grey darken-4', dark-color='grey darken-4')
+    nav-footer(color='grey darken-5', dark-color='grey darken-5')
    notify
 </template>


--- a/client/themes/default/components/nav-footer.vue
+++ b/client/themes/default/components/nav-footer.vue
@@ -29,9 +29,8 @@ export default {
  computed: {
    company: get('site/company'),
    contentLicense: get('site/contentLicense'),
-    darkMode: get('site/dark'),
    bgColor() {
-      if (!this.darkMode) {
+      if (!this.$vuetify.theme.dark) {
        return this.color
      } else {
        return this.darkColor

--- a/package.json
+++ b/package.json
@@ -48,13 +48,13 @@
    "apollo-server": "2.11.0",
    "apollo-server-express": "2.11.0",
    "auto-load": "3.0.4",
-    "aws-sdk": "2.639.0",
+    "aws-sdk": "2.653.0",
    "azure-search-client": "3.1.5",
    "bcryptjs-then": "1.0.1",
    "bluebird": "3.7.2",
    "body-parser": "1.19.0",
    "brute-knex": "4.0.0",
-    "chalk": "3.0.0",
+    "chalk": "4.0.0",
    "cheerio": "1.0.0-rc.3",
    "chokidar": "3.3.1",
    "clean-css": "4.2.3",
@@ -75,7 +75,7 @@
    "express-session": "1.17.0",
    "file-type": "14.1.4",
    "filesize": "6.1.0",
-    "fs-extra": "8.1.0",
+    "fs-extra": "9.0.0",
    "getos": "3.1.5",
    "graphql": "14.6.0",
    "graphql-list-fields": "2.0.2",
@@ -84,7 +84,7 @@
    "graphql-tools": "4.0.7",
    "he": "1.2.0",
    "highlight.js": "9.18.1",
-    "i18next": "19.3.2",
+    "i18next": "19.3.4",
    "i18next-express-middleware": "1.9.1",
    "i18next-node-fs-backend": "2.1.3",
    "image-size": "0.8.3",
@@ -94,7 +94,7 @@
    "jsonwebtoken": "8.5.1",
    "katex": "0.11.1",
    "klaw": "3.0.0",
-    "knex": "0.20.11",
+    "knex": "0.20.13",
    "lodash": "4.17.15",
    "markdown-it": "10.0.0",
    "markdown-it-abbr": "1.0.4",
@@ -118,10 +118,10 @@
    "mssql": "6.2.0",
    "multer": "1.4.2",
    "mysql2": "2.1.0",
-    "nanoid": "2.1.11",
+    "nanoid": "3.0.2",
    "node-2fa": "1.1.2",
    "node-cache": "5.1.0",
-    "nodemailer": "6.4.5",
+    "nodemailer": "6.4.6",
    "objection": "2.1.3",
    "passport": "0.4.1",
    "passport-auth0": "1.3.2",
@@ -130,7 +130,7 @@
    "passport-discord": "0.1.3",
    "passport-dropbox-oauth2": "1.1.0",
    "passport-facebook": "3.0.0",
-    "passport-github2": "0.1.11",
+    "passport-github2": "0.1.12",
    "passport-gitlab2": "5.0.0",
    "passport-google-oauth20": "2.0.0",
    "passport-jwt": "4.0.0",
@@ -143,9 +143,9 @@
    "passport-saml": "1.3.3",
    "passport-twitch-oauth": "1.0.0",
    "pem-jwk": "2.0.0",
-    "pg": "7.18.2",
+    "pg": "8.0.0",
    "pg-hstore": "2.3.3",
-    "pg-query-stream": "3.0.3",
+    "pg-query-stream": "3.0.4",
    "pg-tsquery": "8.1.0",
    "pug": "2.0.4",
    "punycode": "2.1.1",
@@ -162,22 +162,22 @@
    "simple-git": "1.132.0",
    "solr-node": "1.2.1",
    "sqlite3": "4.1.1",
-    "ssh2": "0.8.8",
+    "ssh2": "0.8.9",
    "ssh2-promise": "0.1.6",
    "striptags": "3.1.1",
    "subscriptions-transport-ws": "0.9.16",
-    "tar-fs": "2.0.0",
+    "tar-fs": "2.0.1",
    "twemoji": "12.1.5",
    "uslug": "1.0.4",
-    "uuid": "7.0.2",
+    "uuid": "7.0.3",
    "validate.js": "0.13.1",
    "winston": "3.2.1",
    "xss": "1.0.6",
-    "yargs": "15.3.0"
+    "yargs": "15.3.1"
  },
  "devDependencies": {
    "@babel/cli": "^7.8.4",
-    "@babel/core": "^7.8.7",
+    "@babel/core": "^7.9.0",
    "@babel/plugin-proposal-class-properties": "^7.8.3",
    "@babel/plugin-proposal-decorators": "^7.8.3",
    "@babel/plugin-proposal-export-namespace-from": "^7.8.3",
@@ -188,11 +188,11 @@
    "@babel/plugin-syntax-dynamic-import": "^7.8.3",
    "@babel/plugin-syntax-import-meta": "^7.8.3",
    "@babel/polyfill": "^7.8.7",
-    "@babel/preset-env": "^7.8.7",
+    "@babel/preset-env": "^7.9.0",
    "@mdi/font": "5.0.45",
    "@panter/vue-i18next": "0.15.2",
    "@requarks/ckeditor5": "12.4.0-wiki.14",
-    "@vue/babel-preset-app": "4.2.3",
+    "@vue/babel-preset-app": "4.3.0",
    "animate-sass": "0.8.2",
    "animated-number-vue": "1.0.0",
    "apollo-cache-inmemory": "1.6.5",
@@ -204,10 +204,10 @@
    "apollo-link-persisted-queries": "0.2.2",
    "apollo-link-ws": "1.0.19",
    "apollo-utilities": "1.3.3",
-    "autoprefixer": "9.7.4",
+    "autoprefixer": "9.7.5",
    "babel-eslint": "10.1.0",
-    "babel-jest": "25.1.0",
-    "babel-loader": "^8.0.6",
+    "babel-jest": "25.2.6",
+    "babel-loader": "^8.1.0",
    "babel-plugin-graphql-tag": "2.5.0",
    "babel-plugin-lodash": "3.3.4",
    "babel-plugin-prismjs": "2.0.1",
@@ -216,37 +216,37 @@
    "chart.js": "2.9.3",
    "clean-webpack-plugin": "3.0.0",
    "clipboard": "2.0.6",
-    "codemirror": "5.52.0",
+    "codemirror": "5.52.2",
    "copy-webpack-plugin": "5.1.1",
    "core-js": "3.6.4",
    "css-loader": "3.4.2",
    "cssnano": "4.1.10",
-    "d3": "5.15.0",
+    "d3": "5.15.1",
    "duplicate-package-checker-webpack-plugin": "3.0.0",
    "epic-spinners": "1.1.0",
    "eslint": "6.8.0",
    "eslint-config-requarks": "1.0.7",
-    "eslint-config-standard": "14.1.0",
-    "eslint-plugin-import": "2.20.1",
-    "eslint-plugin-node": "11.0.0",
+    "eslint-config-standard": "14.1.1",
+    "eslint-plugin-import": "2.20.2",
+    "eslint-plugin-node": "11.1.0",
    "eslint-plugin-promise": "4.2.1",
    "eslint-plugin-standard": "4.0.1",
    "eslint-plugin-vue": "6.2.2",
    "fibers": "4.0.2",
-    "file-loader": "5.1.0",
+    "file-loader": "6.0.0",
    "filepond": "4.13.0",
-    "filepond-plugin-file-validate-type": "1.2.4",
+    "filepond-plugin-file-validate-type": "1.2.5",
    "filesize.js": "2.0.0",
    "graphql-persisted-document-loader": "2.0.0",
    "graphql-tag": "^2.10.3",
    "hammerjs": "2.0.8",
-    "html-webpack-plugin": "4.0.0-beta.8",
+    "html-webpack-plugin": "4.0.4",
    "html-webpack-pug-plugin": "2.0.0",
    "i18next-chained-backend": "2.0.1",
    "i18next-localstorage-backend": "3.1.1",
    "i18next-xhr-backend": "3.2.2",
    "ignore-loader": "0.1.2",
-    "jest": "25.1.0",
+    "jest": "25.2.7",
    "js-cookie": "2.2.1",
    "mermaid": "8.4.8",
    "mini-css-extract-plugin": "0.9.0",
@@ -260,7 +260,7 @@
    "postcss-loader": "3.0.0",
    "postcss-preset-env": "6.7.0",
    "postcss-selector-parser": "6.0.2",
-    "prismjs": "1.19.0",
+    "prismjs": "1.20.0",
    "pug-lint": "2.6.0",
    "pug-loader": "2.4.0",
    "pug-plain-loader": "1.0.0",
@@ -272,9 +272,9 @@
    "script-ext-html-webpack-plugin": "2.1.4",
    "simple-progress-webpack-plugin": "1.1.2",
    "style-loader": "1.1.3",
-    "terser": "4.6.6",
+    "terser": "4.6.10",
    "twemoji-awesome": "1.0.6",
-    "url-loader": "3.0.0",
+    "url-loader": "4.0.0",
    "velocity-animate": "1.5.2",
    "viz.js": "2.1.2",
    "vue": "2.6.11",
@@ -283,7 +283,7 @@
    "vue-clipboards": "1.3.0",
    "vue-filepond": "6.0.2",
    "vue-hot-reload-api": "2.3.4",
-    "vue-loader": "15.9.0",
+    "vue-loader": "15.9.1",
    "vue-moment": "4.1.0",
    "vue-router": "3.1.6",
    "vue-status-indicator": "1.2.1",
@@ -291,12 +291,12 @@
    "vue2-animate": "2.1.3",
    "vuedraggable": "2.23.2",
    "vuescroll": "4.15.0",
-    "vuetify": "2.2.17",
+    "vuetify": "2.2.20",
    "vuetify-loader": "1.4.3",
    "vuex": "3.1.3",
    "vuex-pathify": "1.4.1",
-    "vuex-persistedstate": "2.7.1",
-    "webpack": "4.42.0",
+    "vuex-persistedstate": "3.0.1",
+    "webpack": "4.42.1",
    "webpack-bundle-analyzer": "3.6.1",
    "webpack-cli": "3.3.11",
    "webpack-dev-middleware": "3.7.2",

--- a/server/controllers/common.js
+++ b/server/controllers/common.js
@@ -278,6 +278,10 @@ router.get(['/i', '/i/:id'], async (req, res, next) => {
 * Profile
 */
 router.get(['/p', '/p/*'], (req, res, next) => {
+  if (!req.user || req.user.id < 1 || req.user.id === 2) {
+    return res.render('unauthorized', { action: 'view' })
+  }
+
  _.set(res.locals, 'pageMeta.title', 'User Profile')
  res.render('profile')
 })

--- a/server/db/migrations-sqlite/2.3.10.js
+++ b/server/db/migrations-sqlite/2.3.10.js
+exports.up = knex => {
+  return knex.schema
+    .alterTable('users', table => {
+      table.string('lastLoginAt')
+    })
+}
+
+exports.down = knex => { }
--- a/server/db/migrations/2.3.10.js
+++ b/server/db/migrations/2.3.10.js
+exports.up = knex => {
+  return knex.schema
+    .alterTable('users', table => {
+      table.string('lastLoginAt')
+    })
+}
+
+exports.down = knex => { }
--- a/server/graph/resolvers/system.js
+++ b/server/graph/resolvers/system.js
@@ -9,7 +9,7 @@ const moment = require('moment')
 const graphHelper = require('../../helpers/graph')
 const request = require('request-promise')
 const crypto = require('crypto')
-const nanoid = require('nanoid/non-secure/generate')
+const nanoid = require('nanoid/non-secure').customAlphabet('1234567890abcdef', 10)

 /* global WIKI */

@@ -150,7 +150,7 @@ module.exports = {
                      roles = _.concat(roles, ['write:pages', 'manage:pages', 'read:source', 'read:history', 'write:assets', 'manage:assets'])
                    }
                    return {
-                      id: nanoid('1234567890abcdef', 10),
+                      id: nanoid(),
                      roles: roles,
                      match: r.exact ? 'EXACT' : 'START',
                      deny: r.deny,

--- a/server/graph/resolvers/user.js
+++ b/server/graph/resolvers/user.js
 const graphHelper = require('../../helpers/graph')
+const _ = require('lodash')

 /* global WIKI */

@@ -35,15 +36,16 @@ module.exports = {
      if (!usr.isActive) {
        throw new WIKI.Error.AuthAccountBanned()
      }
-      const usrGroups = await usr.$relatedQuery('groups')
-      return {
-        ...usr,
-        password: '',
-        providerKey: '',
-        tfaSecret: '',
-        lastLoginOn: '1970-01-01',
-        groups: usrGroups.map(g => g.name)
-      }
+
+      const providerInfo = _.find(WIKI.data.authentication, ['key', usr.providerKey])
+
+      usr.providerName = _.get(providerInfo, 'title', 'Unknown')
+      usr.lastLoginAt = usr.lastLoginAt || usr.updatedAt
+      usr.password = ''
+      usr.providerId = ''
+      usr.tfaSecret = ''
+
+      return usr
    }
  },
  UserMutation: {
@@ -124,11 +126,88 @@ module.exports = {
    },
    resetPassword (obj, args) {
      return false
+    },
+    async updateProfile (obj, args, context) {
+      try {
+        if (!context.req.user || context.req.user.id < 1 || context.req.user.id === 2) {
+          throw new WIKI.Error.AuthRequired()
+        }
+        const usr = await WIKI.models.users.query().findById(context.req.user.id)
+        if (!usr.isActive) {
+          throw new WIKI.Error.AuthAccountBanned()
+        }
+        if (!usr.isVerified) {
+          throw new WIKI.Error.AuthAccountNotVerified()
+        }
+
+        await WIKI.models.users.updateUser({
+          id: usr.id,
+          name: _.trim(args.name),
+          jobTitle: _.trim(args.jobTitle),
+          location: _.trim(args.location),
+          timezone: args.timezone
+        })
+
+        const newToken = await WIKI.models.users.refreshToken(usr.id)
+
+        return {
+          responseResult: graphHelper.generateSuccess('User profile updated successfully'),
+          jwt: newToken.token
+        }
+      } catch (err) {
+        return graphHelper.generateError(err)
+      }
+    },
+    async changePassword (obj, args, context) {
+      try {
+        if (!context.req.user || context.req.user.id < 1 || context.req.user.id === 2) {
+          throw new WIKI.Error.AuthRequired()
+        }
+        const usr = await WIKI.models.users.query().findById(context.req.user.id)
+        if (!usr.isActive) {
+          throw new WIKI.Error.AuthAccountBanned()
+        }
+        if (!usr.isVerified) {
+          throw new WIKI.Error.AuthAccountNotVerified()
+        }
+        if (usr.providerKey !== 'local') {
+          throw new WIKI.Error.AuthProviderInvalid()
+        }
+        try {
+          await usr.verifyPassword(args.current)
+        } catch (err) {
+          throw new WIKI.Error.AuthPasswordInvalid()
+        }
+
+        await WIKI.models.users.updateUser({
+          id: usr.id,
+          newPassword: args.new
+        })
+
+        const newToken = await WIKI.models.users.refreshToken(usr)
+
+        return {
+          responseResult: graphHelper.generateSuccess('Password changed successfully'),
+          jwt: newToken.token
+        }
+      } catch (err) {
+        return graphHelper.generateError(err)
+      }
    }
  },
  User: {
-    groups(usr) {
+    groups (usr) {
      return usr.$relatedQuery('groups')
    }
+  },
+  UserProfile: {
+    async groups (usr) {
+      const usrGroups = await usr.$relatedQuery('groups')
+      return usrGroups.map(g => g.name)
+    },
+    async pagesTotal (usr) {
+      const result = await WIKI.models.pages.query().count('* as total').where('creatorId', usr.id).first()
+      return _.toSafeInteger(result.total)
+    }
  }
 }
--- a/server/graph/schemas/user.graphql
+++ b/server/graph/schemas/user.graphql
@@ -76,6 +76,18 @@ type UserMutation {
  resetPassword(
    id: Int!
  ): DefaultResponse
+
+  updateProfile(
+    name: String!
+    location: String!
+    jobTitle: String!
+    timezone: String!
+  ): UserTokenResponse
+
+  changePassword(
+    current: String!
+    new: String!
+  ): UserTokenResponse
 }

 # -----------------------------------------------
@@ -117,6 +129,7 @@ type UserProfile {
  id: Int!
  name: String!
  email: String!
+  providerKey: String
  providerName: String
  isSystem: Boolean!
  isVerified: Boolean!
@@ -125,6 +138,12 @@ type UserProfile {
  timezone: String!
  createdAt: Date!
  updatedAt: Date!
-  lastLoginOn: Date!
+  lastLoginAt: Date
  groups: [String]!
+  pagesTotal: Int!
+}
+
+type UserTokenResponse {
+  responseResult: ResponseStatus!
+  jwt: String
 }
--- a/server/helpers/error.js
+++ b/server/helpers/error.js
@@ -57,6 +57,10 @@ module.exports = {
    message: 'Invalid email / username or password.',
    code: 1002
  }),
+  AuthPasswordInvalid: CustomError('AuthPasswordInvalid', {
+    message: 'Password is incorrect.',
+    code: 1020
+  }),
  AuthProviderInvalid: CustomError('AuthProviderInvalid', {
    message: 'Invalid authentication provider.',
    code: 1003

--- a/server/models/userKeys.js
+++ b/server/models/userKeys.js
@@ -2,7 +2,7 @@

 const Model = require('objection').Model
 const moment = require('moment')
-const nanoid = require('nanoid')
+const nanoid = require('nanoid').nanoid

 /**
 * Users model

--- a/server/models/users.js
+++ b/server/models/users.js
@@ -341,6 +341,9 @@ module.exports = class User extends Model {
      user.groups = await user.$relatedQuery('groups').select('groups.id', 'permissions')
    }

+    // Update Last Login Date
+    await WIKI.models.users.query().findById(user.id).patch({ lastLoginAt: new Date().toISOString() })
+
    return {
      token: jwt.sign({
        id: user.id,

--- a/yarn.lock
+++ b/yarn.lock