Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const accountsPassword = new AccountsPassword({
// This option is called when a new user create an account
// Inside we can apply our logic to validate the user fields
validateNewUser: user => {
// For example we can allow only some kind of emails
if (user.email.endsWith('.xyz')) {
throw new Error('Invalid email');
}
return user;
},
});
const accountsServer = new AccountsServer(
{
db: new MongoDBInterface(db),
tokenSecret: 'secret',
},
{
password: accountsPassword,
}
);
accountsServer.on(ServerHooks.ValidateLogin, ({ user }) => {
// This hook is called every time a user try to login.
// You can use it to only allow users with verified email to login.
// If you throw an error here it will be returned to the client.
});
app.use(accountsExpress(accountsServer));
app.get('/user', userLoader(accountsServer), (req, res) => {
async function main() {
const mongoClient = await MongoClient.connect(MONGO_URI, {
useNewUrlParser: true,
native_parser: true
});
const db = mongoClient.db();
// Create accounts server that holds a lower level of all accounts operations
const accountsServer = new AccountsServer(
{
db: new AccountsMongoDB(db),
tokenSecret: TOKEN_SECRET
},
{
password: new AccountsPassword(),
}
);
const { schema, context } = AppModule.forRoot({
accountsServer,
db
});
const apolloServer = new ApolloServer({
schema,
context,
introspection: true
});
const { url } = await apolloServer.listen(PORT);
const start = async () => {
// Create database connection
await mongoose.connect('mongodb://localhost:27017/accounts-js-graphql-example', {
useNewUrlParser: true,
});
const mongoConn = mongoose.connection;
// Build a storage for storing users
const userStorage = new MongoDBInterface(mongoConn);
// Create database manager (create user, find users, sessions etc) for accounts-js
const accountsDb = new DatabaseManager({
sessionStorage: userStorage,
userStorage,
});
const accountsPassword = new AccountsPassword({
// This option is called when a new user create an account
// Inside we can apply our logic to validate the user fields
validateNewUser: user => {
// For example we can allow only some kind of emails
if (user.email.endsWith('.xyz')) {
throw new Error('Invalid email');
}
return user;
},
export const createApolloAccounts = ({ db, ...givenOptions }) => {
if (!db) {
console.error('createApolloAccounts: db is a required parameter')
}
if (!givenOptions.tokenSecret) {
console.log(
'Warning: Must provide a tokenSecret (long random string) to createApolloAccounts()'
)
}
const mongoStorage = new MongoDBInterface(db, {
convertUserIdToMongoObjectId: false,
convertSessionIdToMongoObjectId: false,
idProvider,
dateProvider
})
const dbManager = new DatabaseManager({
sessionStorage: mongoStorage,
userStorage: mongoStorage
})
const options = defaultsDeep(givenOptions, defaultOptions)
const accountsServer = new AccountsServer(
{ db: dbManager, ...options },
{
mongoAdapter = await MongoClient.connect(MONGO_URL).then(db => new MongoAdapter(db));
}
Meteor.startup(() => {
const mongodb = MongoInternals.defaultRemoteCollectionDriver().mongo.db;
const mongoAdapter = new MongoAdapter(mongodb, {
convertUserIdToMongoObjectId: false,
});
AccountsServer.config({
tokenConfigs: {
accessToken: {
expiresIn: '3d',
},
refreshToken: {
expiresIn: '30d',
},
},
passwordHashAlgorithm: 'sha256',
}, mongoAdapter);
});