search

frankcollins3 / fill_container

codecamp team project updated with new icon screen menu + puppeteer icon search, GraphQL, redux, relational psql !mongo, and accuweatherAPI
1 stars 0 forks source link

account Recovery: [11:27pm] #144

Open frankcollins3 opened 1 year ago

frankcollins3 commented 1 year ago

linkUserWithGoogle: a graphql query that parses user-signup-data as args and updates the user account 

  linkUserWithGoogle: {
    type: UsersType,
    description: 'List of Settings',
    args: {
      username: { type: GraphQLString },
      googleId: { type: GraphQLString },
      icon: { type: GraphQLString }
    },
    resolve: async (parent, args) => {
      const { username, googleId, icon  } = args
      let argsArray = [googleId, icon]
      let iconGIDconcat = `${googleId}///${icon}`
      let allusers = await prisma.users.findMany()    
      let me = allusers.filter(user => user.username === username)

      let myid = me[0].id  

      let encodePromise = new Promise( (resolve, reject) => {
          let encodedArray = argsArray.map((arg) =>                   // map over the elements which will return an array
          typeof arg === 'string' ? encodeURIComponent(arg).replace(/\s/g, '') : []
        );
          resolve(encodedArray);
          reject('-____-')
      })
      return encodePromise
      .then(async(encoded) => {
        **let alreadyUsedGoogleId = allusers.some(user => user.googleId === googleId)
        let alreadyUsedGoogleIcon = allusers.some(user => user.icon === icon)**

        return await prisma.users.update({
        // const updateUser = await prisma.users.update({
          where: {
            id: myid
          },
          data: {          
            google_id: alreadyUsedGoogleId ? googleId : 'Google Id already linked Up!',          // access .map() ----> let argsArray = [googleId, icon]   [0] = googleId  [1] = icon
            icon: alreadyUsedGoogleIcon ? icon : "Good icon is used for another account",
          },
        }).then( (updatedUser) => {        
          const u = updatedUser
        return { id: u.id || 1, googleId: u.google_id, icon: u.icon, username: u.username, password: u.password, email: u.email, age: u.age }      
        })
      })            
    }
  },

This app could consider the user more if it were to allow for functionality that: i.e. ------> someone signed into google with someone else's account, now the actual accountHolder can't link google.

hypothetical ofc: people probably wont be scrambling by the 1000s to log into this app with someone elses googleId

as I type this now, i believe original app dont have such functionality & only allowed for google sign in. This means that a user can get 🔒out if someone were to log in with their account.

team project during bootcamp & only a week to spend coding on it so this is definitely an extra feature / extra edge case

proposed approach:

1: create a quiz type of game: problem with this is that the googleId info (name, lastname) pretty easy to guess if they knew the pesron who logged in

2: create a profile settings page which will have to share the {navbar->gear.png->settings} /dashboard the user will be able to clear the data in the users.google_id && users.google_icon columns.

frankcollins3 commented 1 year ago

this also makes other avenues of account recovery like: "forgot password" "forgot email / username" [11:27pm]