jonathasmarques04 / instaQChallenge

[Track 6/9] Login mutation #16

Open taki-tiler-server[bot] opened 1 day ago

taki-tiler-server[bot] commented 1 day ago

Step 1/5 - The mutation setup

Estimated time: 1 hour

In this track, you will implement a login mutation fully integrated with the database. There are many ways of implementing authentication. The way we're doing it is: the user sends a password to prove that he is who he claims to be, and then the server provides a token that allows him to access some data on future requests. This token generally has an expiration, after which the user has to log in again to get a new one.

This new mutation can be called login. It should receive an e-mail and a password as parameters and, in case of success, return the following structure in the body:

{
  "data": {
    "login": {
      "user": {
        "id": 12,
        "name": "User Name",
        "email": "User e-mail",
        "birthDate": "04-25-1990"
      },
      "token": "the_token"
    }
  }
}

For now, you can return the above structure directly in your code, populated with some mock data.

NOTE: as a good practice, we recommend you create (or update) tests for this mutation after every step. This will help you create the right scenarios. Also, don't forget to open Pull Requests with the mutation and test codes.

jonathasmarques04 commented 1 day ago

finish

taki-tiler-server[bot] commented 1 day ago

Step 2/5 - Integrating with the database

Estimated time: 2 hours

Now you're going to fully integrate the Login mutation with the database. Create a user with the createUser mutation so you can test it properly.

  1. Get the input e-mail received on the mutation and try to find it in the database.
  2. Check if the given password is correct. Remember that, in order to compare them properly, the input password should go through the same transformation process as the ones stored in the database, right?
  3. If the e-mail can be found in the database and the password is valid, return the user info and a token. For now, the token can be just an empty string. You're going to implement it in the next step.

Also, you should consider our "error handling" subject and check for errors. Try to consider all relevant error cases.
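
The three steps above, as an added example that is not part of the original issue or the project's code. It assumes scrypt with a per-user salt as the stored transformation and an in-memory Map in place of the database; `hashPassword`, `createUser`, `LoginError` and the sample user are hypothetical.

```javascript
const { scryptSync, randomBytes, timingSafeEqual } = require('node:crypto');

// Assumed storage transformation: scrypt with a per-user random salt.
function hashPassword(password, salt = randomBytes(16)) {
  return { salt, hash: scryptSync(password, salt, 64) };
}

// Constructed in-memory stand-in for the users table, keyed by e-mail.
const users = new Map();
function createUser({ id, name, email, birthDate, password }) {
  const { salt, hash } = hashPassword(password);
  users.set(email, { id, name, email, birthDate, salt, hash });
}

// Compared against when the e-mail is unknown, so the hashing work is
// the same whether or not the account exists.
const DUMMY = hashPassword('placeholder-password');

// Assumed error shape: one generic error for every failed login.
class LoginError extends Error {
  constructor() {
    super('Invalid credentials');
    this.code = 401;
  }
}

function login({ email, password }) {
  if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
    throw new LoginError();
  }
  // Step 1: look the user up by e-mail.
  const user = users.get(email);
  // Step 2: run the input through the stored transformation, then compare
  // the two fixed-length digests in constant time.
  const { salt, hash } = user ?? DUMMY;
  const matches = timingSafeEqual(scryptSync(password, salt, 64), hash);
  // Unknown e-mail and wrong password produce the same error.
  if (!user || !matches) throw new LoginError();
  // Step 3: return only public fields (never salt or hash); empty token for now.
  const { id, name, birthDate } = user;
  return { user: { id, name, email: user.email, birthDate }, token: '' };
}

// Constructed sample user, standing in for one created via createUser mutation.
createUser({ id: 12, name: 'User Name', email: 'user@example.com',
  birthDate: '04-25-1990', password: 'correct horse 1' });
```

Returning one error for both failure cases keeps the mutation from revealing which e-mails are registered, which is worth covering in the tests the issue asks for.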