Skip to content
This repository was archived by the owner on Jun 11, 2025. It is now read-only.

API: Invite code implementation#326

Merged
nxtcoder17 merged 1 commit into
mainfrom
feat/invite-code
May 27, 2024
Merged

API: Invite code implementation#326
nxtcoder17 merged 1 commit into
mainfrom
feat/invite-code

Conversation

@nxtcoder19
Copy link
Copy Markdown
Contributor

@nxtcoder19 nxtcoder19 commented May 27, 2024

sourcery-ai[bot]
sourcery-ai Bot reviewed May 27, 2024
View reviewed changes
Copy link
Copy Markdown

@sourcery-ai sourcery-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @nxtcoder19 - I've reviewed your changes and found some issues that need to be addressed.

Blocking issues:

  • Potential hard-coded invite code found. (link)
  • Potential hard-coded invite code found. (link)
Here's what I looked at during the review
  • 🟡 General issues: 1 issue found
  • 🔴 Security: 2 blocking issues
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.

Comment thread apps/auth/internal/app/graph/generated/generated.go
auth_resendVerificationEmail: Boolean! @isLoggedIn
auth_changePassword(currentPassword: String!, newPassword: String!): Boolean! @isLoggedInAndVerified

auth_createInviteCode(name: String!, inviteCode: String!): InviteCode!
Copy link
Copy Markdown

@sourcery-ai sourcery-ai Bot May 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Consider adding a description for the new GraphQL fields.

Adding descriptions to the new GraphQL fields 'auth_createInviteCode', 'auth_deleteInviteCode', and 'auth_verifyInviteCode' would improve the schema documentation.

Suggested change
auth_createInviteCode(name: String!, inviteCode: String!): InviteCode!
# Creates a new invite code with the specified name and invite code.
auth_createInviteCode(name: String!, inviteCode: String!): InviteCode!

Comment thread apps/auth/internal/app/graph/schema.graphqls
auth_resendVerificationEmail: Boolean! @isLoggedIn
auth_changePassword(currentPassword: String!, newPassword: String!): Boolean! @isLoggedInAndVerified

auth_createInviteCode(name: String!, inviteCode: String!): InviteCode!
Copy link
Copy Markdown

@sourcery-ai sourcery-ai Bot May 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 issue (security): Potential hard-coded invite code found.

The inviteCode parameter in the auth_createInviteCode mutation appears to be a hard-coded secret. Consider using a more secure method to handle invite codes, such as generating them dynamically or fetching them from a secure source.

Comment thread apps/auth/internal/app/graph/schema.graphqls
type InviteCode {
id: ID!
name: String!
inviteCode: String!
Copy link
Copy Markdown

@sourcery-ai sourcery-ai Bot May 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 issue (security): Potential hard-coded invite code found.

The inviteCode field in the InviteCode type appears to be a hard-coded secret. Consider using a more secure method to handle invite codes, such as generating them dynamically or fetching them from a secure source.

@nxtcoder17 nxtcoder17 merged commit d8665b9 into main May 27, 2024
@nxtcoder17 nxtcoder17 deleted the feat/invite-code branch May 27, 2024 05:58
abdheshnayak pushed a commit that referenced this pull request Nov 5, 2024
@nxtcoder17
Merge pull request #326 from kloudlite/feat/invite-code
bff47d8 
API: Invite code implementation
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@karthik1729 karthik1729 Awaiting requested review from karthik1729 karthik1729 is a code owner

@nxtcoder17 nxtcoder17 Awaiting requested review from nxtcoder17 nxtcoder17 is a code owner

1 more reviewer

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

API: Invite code implementation

2 participants

@nxtcoder19 @nxtcoder17