Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if (user.emails[0] && user.emails[0].address.indexOf("localhost") > -1) {
user.emails[0].verified = true;
emailIsVerified = true;
}
// Set the first email to be the default
if (user.emails[0]) {
user.emails[0].provides = "default";
}
// create a tokenObj and send a welcome email to new users,
// but skip the first default admin user and anonymous users
// (default admins already get a verification email)
let tokenObj;
if (shopId && !emailIsVerified && user.emails[0]) {
tokenObj = generateVerificationTokenObject({ address: user.emails[0].address });
}
// Get GraphQL context to pass to mutation
// This is the only place in the app that still
// uses `getGraphQLContextInMeteorMethod`
// Prioritize removing if possible
const context = Promise.await(getGraphQLContextInMeteorMethod(null));
Promise.await(context.mutations.createAccount({ ...context, isInternalCall: true }, {
emails: user.emails,
name: user.name,
profile,
shopId,
userId: user._id,
verificationToken: tokenObj && tokenObj.token
}));
// Make sure the user exists, and email is one of their addresses.
const user = await users.findOne({ _id: account.userId });
if (!user) {
Logger.error("sendResetAccountPasswordEmail - User not found");
throw new ReactionError("not-found", "User not found");
}
// make sure we have a valid email
if (!email || !user.emails || !user.emails.map((mailInfo) => mailInfo.address).includes(email)) {
Logger.error("sendResetPasswordEmail - Email not found");
throw new ReactionError("not-found", "Email not found");
}
// Create token for password reset
const tokenObj = generateVerificationTokenObject({ email });
const { value: updatedAccount } = await users.findOneAndUpdate({ _id: account.userId }, {
$set: {
"services.password.reset": tokenObj
}
}, {
returnOriginal: false
});
if (!updatedAccount) {
throw new ReactionError("error-occurred", "Unable to set password reset token");
}
// Get shop data for email display
const shop = await Shops.findOne({ _id: account.shopId });
const user = await users.findOne({ _id: userId });
if (!user) throw new ReactionError("not-found", `User ${userId} not found`);
const account = await Accounts.findOne({ userId });
if (!account) throw new ReactionError("not-found", "Account not found");
const { address } = _.find(user.emails || [], (item) => !item.verified) || {};
if (!address) {
// No unverified email addresses found
return null;
}
const tokenObj = generateVerificationTokenObject({ address });
await users.updateOne({ _id: userId }, {
$push: {
"services.email.verificationTokens": tokenObj
}
});
const { shopId } = account;
// Fall back to primary shop if account has no shop linked
let shop;
if (shopId) {
shop = await Shops.findOne({ _id: shopId });
} else {
shop = await Shops.findOne({ shopType: "primary" });
}
const { collections } = context;
const { Accounts, Shops, users } = collections;
const { accountId } = input;
const account = await Accounts.findOne({ _id: accountId });
if (!account) throw new Error(`Account with ID ${accountId} not found`);
const userEmail = account.emails && account.emails[0];
// Verify that we have an account and it has an email address that isn't yet verified
if (!userEmail || userEmail.verified) return false;
const { shopId, userId } = account;
// Generate a token for the user to verify their email address
const tokenObj = generateVerificationTokenObject({ address: userEmail.address });
await users.updateOne({ _id: userId }, {
$push: {
"services.email.verificationTokens": tokenObj
}
});
const shop = await Shops.findOne({ _id: shopId });
const copyrightDate = new Date().getFullYear();
const dataForEmail = {
// Shop Data
contactEmail: _.get(shop, "emails[0].address"),
copyrightDate,
legalName: _.get(shop, "addressBook[0].company"),
physicalAddress: {