fix(api): log errors

src/pages/api/activate_account.js

@@ -28,21 +28,16 @@ export function createRequestHandler({
       return apiError(Boom.badRequest(error.details[0].message));
     }
 
-    let result;
-    try {
-      result = await client
-        .query(mutation, {
-          secret_token: value.token,
-          password: await hash(value.password),
-          now: new Date().toISOString(),
-        })
-        .toPromise();
-    } catch (error) {
-      console.error(error);
-      return apiError(Boom.serverUnavailable("update failed"));
-    }
+    const result = await client
+      .query(mutation, {
+        secret_token: value.token,
+        password: await hash(value.password),
+        now: new Date().toISOString(),
+      })
+      .toPromise();
+
     if (result.error) {
-      console.error(error);
+      console.error(result.error);
       return apiError(Boom.unauthorized("request failed"));
     }
 

src/pages/api/change_password.js

@@ -24,21 +24,15 @@ export default async function changePassword(req, res) {
     return apiError(Boom.badRequest(error.details[0].message));
   }
 
-  let result;
-  try {
-    result = await client
-      .query(getOldPassword, {
-        id: value.id,
-      })
-      .toPromise();
-  } catch (error) {
-    console.error(error);
-    return apiError(Boom.serverUnavailable("get old password failed"));
-  }
+  let result = await client
+    .query(getOldPassword, {
+      id: value.id,
+    })
+    .toPromise();
 
   if (result.error) {
     console.error(result.error);
-    return apiError(Boom.badRequest("request error"));
+    return apiError(Boom.serverUnavailable("get old password failed"));
   }
 
   const { user } = result.data;
@@ -53,20 +47,16 @@ export default async function changePassword(req, res) {
     return apiError(Boom.unauthorized("Invalid id or password"));
   }
 
-  try {
-    result = await client
-      .query(changeMyPasswordMutation, {
-        id: value.id,
-        password: await hash(value.password),
-      })
-      .toPromise();
-  } catch (error) {
-    console.error(error);
-    return apiError(Boom.serverUnavailable("set new password failed"));
-  }
+  result = await client
+    .query(changeMyPasswordMutation, {
+      id: value.id,
+      password: await hash(value.password),
+    })
+    .toPromise();
+
   if (result.error) {
     console.error(result.error);
-    return apiError(Boom.badRequest("request error"));
+    return apiError(Boom.serverUnavailable("set new password failed"));
   }
 
   console.log("[change password]", value.id);

src/pages/api/login.js

@@ -30,21 +30,19 @@ export default async function login(req, res) {
 
   const { username, password } = value;
 
-  let result;
-  try {
-    result = await client
-      .query(loginQuery, {
-        username,
-      })
-      .toPromise();
-  } catch (e) {
-    console.error(e);
-    // console.error('Error connection to GraphQL');
-    return apiError(Boom.unauthorized("Unable to find 'user'"));
+  let result = await client
+    .query(loginQuery, {
+      username,
+    })
+    .toPromise();
+
+  if (result.error) {
+    console.error(result.error);
+    return apiError(Boom.serverUnavailable("login error"));
   }
 
-  if (result.data.users.length === 0) {
-    // console.error("No user with this 'username'");
+  if (result.data.users?.length === 0) {
+    console.error("No user with 'username'", username);
     return apiError(Boom.unauthorized("Invalid 'username' or 'password'"));
   }
 
@@ -65,23 +63,28 @@ export default async function login(req, res) {
   }
 
   const jwt_token = generateJwtToken(user);
-  try {
-    result = await client
-      .query(refreshTokenMutation, {
-        refresh_token_data: {
-          user_id: user.id,
-          expires_at: getExpiryDate(
-            parseInt(process.env.REFRESH_TOKEN_EXPIRES, 10)
-          ),
-        },
-      })
-      .toPromise();
-  } catch (e) {
-    console.error(e);
+
+  result = await client
+    .query(refreshTokenMutation, {
+      refresh_token_data: {
+        user_id: user.id,
+        expires_at: getExpiryDate(
+          parseInt(process.env.REFRESH_TOKEN_EXPIRES, 10)
+        ),
+      },
+    })
+    .toPromise();
+
+  if (result.error) {
+    console.error(result.error);
     return apiError(
-      Boom.badImplementation("Could not update 'refresh token' for user")
+      Boom.badImplementation(
+        "Could not update 'refresh token' for user",
+        username
+      )
     );
   }
+
   console.log("[login]", user.id);
   const { refresh_token } = result.data.insert_data.returning[0];
 

src/pages/api/logout.js

@@ -27,16 +27,16 @@ export default async function logout(req, res) {
 
   // delete refresh token passed in data
 
-  try {
-    await client
-      .query(mutation, {
-        refresh_token: refresh_token,
-      })
-      .toPromise();
-  } catch (e) {
-    console.error(e);
-    // let this error pass. Just log out the user by sending https status code 200 back
+  const result = await client
+    .query(mutation, {
+      refresh_token: refresh_token,
+    })
+    .toPromise();
+
+  if (result.error) {
+    console.error("logout error", result.error);
   }
+
   console.log("[ logout ]", { refresh_token });
   res.setHeader(
     "Set-Cookie",

src/pages/api/refresh_token.js

@@ -1,10 +1,10 @@
 import Boom from "@hapi/boom";
 import Joi from "@hapi/joi";
-import { setRefreshTokenCookie } from "src/lib/setRefreshTokenCookie";
 import { createErrorFor } from "src/lib/apiError";
 import { getExpiryDate } from "src/lib/duration";
 import { client } from "src/lib/graphqlApiClient";
 import { generateJwtToken } from "src/lib/jwt";
+import { setRefreshTokenCookie } from "src/lib/setRefreshTokenCookie";
 import { v4 as uuidv4 } from "uuid";
 import {
   deletePreviousRefreshTokenMutation,
@@ -16,7 +16,7 @@ export default async function refreshToken(req, res) {
   const schema = Joi.object({
     refresh_token: Joi.string().guid({ version: "uuidv4" }).required(),
   }).unknown();
-  console.log("[ /api/refresh_token ]", req.cookies, req.hostname);
+
   let { error, value } = schema.validate(req.query);
 
   if (error) {
@@ -36,28 +36,18 @@ export default async function refreshToken(req, res) {
   if (error) {
     return apiError(Boom.badRequest(error.details[0].message));
   }
-  let result;
-  try {
-    console.log({
+
+  let result = await client
+    .query(getRefreshTokenQuery, {
       refresh_token,
       current_timestampz: new Date(),
-    });
-    result = await client
-      .query(getRefreshTokenQuery, {
-        refresh_token,
-        current_timestampz: new Date(),
-      })
-      .toPromise();
-  } catch (e) {
-    console.error(e);
-    console.error("Error connecting to GraphQL");
+    })
+    .toPromise();
+
+  if (result.error) {
+    console.error(result.error);
     return apiError(Boom.unauthorized("Invalid 'refresh_token'"));
   }
-  console.log(
-    "[ api/refresh_token ]",
-    { refresh_token },
-    result.data.refresh_tokens.length > 0 ? "found" : "unknown"
-  );
 
   if (result.data.refresh_tokens.length === 0) {
     console.error("Incorrect user id or refresh token", refresh_token);
@@ -73,24 +63,24 @@ export default async function refreshToken(req, res) {
     new_refresh_token,
   });
 
-  try {
-    await client
-      .query(deletePreviousRefreshTokenMutation, {
-        old_refresh_token: refresh_token,
-        new_refresh_token_data: {
-          user_id: user.id,
-          refresh_token: new_refresh_token,
-          expires_at: getExpiryDate(
-            parseInt(process.env.REFRESH_TOKEN_EXPIRES, 10)
-          ),
-        },
-      })
-      .toPromise();
-  } catch (e) {
-    console.error(e);
-    console.error("unable to create new refresh token and delete old");
+  result = await client
+    .query(deletePreviousRefreshTokenMutation, {
+      old_refresh_token: refresh_token,
+      new_refresh_token_data: {
+        user_id: user.id,
+        refresh_token: new_refresh_token,
+        expires_at: getExpiryDate(
+          parseInt(process.env.REFRESH_TOKEN_EXPIRES, 10)
+        ),
+      },
+    })
+    .toPromise();
+
+  if (result.error) {
+    console.error(result.error);
     return apiError(Boom.unauthorized("Invalid 'refresh_token'"));
   }
+
   const jwt_token = generateJwtToken(user);
 
   setRefreshTokenCookie(res, new_refresh_token);

src/pages/api/reset_password.js

@@ -24,28 +24,25 @@ export default async function reset_password(req, res) {
   }
 
   const { email } = value;
-  let result;
-  try {
-    result = await client
-      .query(udpateSecretTokenMutation, {
-        email,
-        secret_token: uuidv4(),
-        expires: getExpiryDate(
-          parseInt(process.env.NEXT_PUBLIC_ACTIVATION_TOKEN_EXPIRES, 10)
-        ),
-      })
-      .toPromise();
-    if (result.error) {
-      throw result.error;
-    }
-  } catch (error) {
+  const result = await client
+    .query(udpateSecretTokenMutation, {
+      email,
+      secret_token: uuidv4(),
+      expires: getExpiryDate(
+        parseInt(process.env.NEXT_PUBLIC_ACTIVATION_TOKEN_EXPIRES, 10)
+      ),
+    })
+    .toPromise();
+
+  if (result.error) {
     // silently fail to not disclose if user exists or not
-    console.error(error);
+    console.error(result.error);
+    res.json({ message: "reset password" });
+    return;
   }
 
   console.log("[reset_password]", email);
-
-  res.json({ message: "reset password started" });
+  res.json({ message: "reset password" });
 }
 
 const udpateSecretTokenMutation = `

src/pages/api/webhooks/account.js

@@ -1,7 +1,8 @@
-import { createErrorFor } from "../../../../src/lib/apiError";
-import Joi from "@hapi/joi";
 import Boom from "@hapi/boom";
-import sendmail from "../../../lib/sendmail";
+import Joi from "@hapi/joi";
+import { createErrorFor } from "src/lib/apiError";
+import sendmail from "src/lib/sendmail";
+
 const BASE_URL =
   process.env.FRONTEND_URL || `http://localhost:${process.env.PORT}`;
 export default async function accountWebhook(req, res) {