mirror of
https://github.com/HeyPuter/puter.git
synced 2025-01-28 02:08:42 +08:00
Added configuration option for closing registration
Set config.registration_closed=true; in ./src/backend/src/config.js to close registration
This commit is contained in:
parent
56b73b385d
commit
222d7dede3
@ -65,273 +65,281 @@ module.exports = eggspress(['/signup'], {
|
||||
body: req.body,
|
||||
});
|
||||
|
||||
// check bot trap, if `p102xyzname` is anything but an empty string it means
|
||||
// that a bot has filled the form
|
||||
// doesn't apply to temp users
|
||||
if(!req.body.is_temp && req.body.p102xyzname !== '')
|
||||
return res.send();
|
||||
|
||||
// check if user is already logged in
|
||||
if ( req.body.is_temp && req.cookies[config.cookie_name] ) {
|
||||
const { user, token } = await svc_auth.check_session(
|
||||
req.cookies[config.cookie_name]
|
||||
if(config.registration_closed==true)
|
||||
{
|
||||
return res.status(403).send('Registration is closed.');
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
// check bot trap, if `p102xyzname` is anything but an empty string it means
|
||||
// that a bot has filled the form
|
||||
// doesn't apply to temp users
|
||||
if(!req.body.is_temp && req.body.p102xyzname !== '')
|
||||
return res.send();
|
||||
|
||||
// check if user is already logged in
|
||||
if ( req.body.is_temp && req.cookies[config.cookie_name] ) {
|
||||
const { user, token } = await svc_auth.check_session(
|
||||
req.cookies[config.cookie_name]
|
||||
);
|
||||
res.cookie(config.cookie_name, token, {
|
||||
sameSite: 'none',
|
||||
secure: true,
|
||||
httpOnly: true,
|
||||
});
|
||||
// const decoded = await jwt.verify(token, config.jwt_secret);
|
||||
// const user = await get_user({ uuid: decoded.uuid });
|
||||
if ( user ) {
|
||||
return res.send({
|
||||
token: token,
|
||||
user: {
|
||||
username: user.username,
|
||||
uuid: user.uuid,
|
||||
email: user.email,
|
||||
email_confirmed: user.email_confirmed,
|
||||
requires_email_confirmation: user.requires_email_confirmation,
|
||||
is_temp: (user.password === null && user.email === null),
|
||||
taskbar_items: await get_taskbar_items(user),
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// temporary user
|
||||
if(req.body.is_temp && !config.disable_temp_users){
|
||||
req.body.username = await generate_random_username();
|
||||
req.body.email = req.body.username + '@gmail.com';
|
||||
req.body.password = 'sadasdfasdfsadfsa';
|
||||
}else if(config.disable_temp_users){
|
||||
return res.status(400).send('Temp users are disabled.');
|
||||
}
|
||||
|
||||
// send_confirmation_code
|
||||
req.body.send_confirmation_code = req.body.send_confirmation_code ?? true;
|
||||
|
||||
// username is required
|
||||
if(!req.body.username)
|
||||
return res.status(400).send('Username is required')
|
||||
// username must be a string
|
||||
else if (typeof req.body.username !== 'string')
|
||||
return res.status(400).send('username must be a string.')
|
||||
// check if username is valid
|
||||
else if(!req.body.username.match(config.username_regex))
|
||||
return res.status(400).send('Username can only contain letters, numbers and underscore (_).')
|
||||
// check if username is of proper length
|
||||
else if(req.body.username.length > config.username_max_length)
|
||||
return res.status(400).send(`Username cannot be longer than ${config.username_max_length} characters.`)
|
||||
// check if username matches any reserved words
|
||||
else if(config.reserved_words.includes(req.body.username))
|
||||
return res.status(400).send({message: 'This username is not available.'});
|
||||
// TODO: DRY: change_email.js
|
||||
else if(!req.body.is_temp && !req.body.email)
|
||||
return res.status(400).send('Email is required');
|
||||
// email, if present, must be a string
|
||||
else if (req.body.email && typeof req.body.email !== 'string')
|
||||
return res.status(400).send('email must be a string.')
|
||||
// if email is present, validate it
|
||||
else if(!req.body.is_temp && !validator.isEmail(req.body.email))
|
||||
return res.status(400).send('Please enter a valid email address.')
|
||||
else if(!req.body.is_temp && !req.body.password)
|
||||
return res.status(400).send('Password is required');
|
||||
// password, if present, must be a string
|
||||
else if (req.body.password && typeof req.body.password !== 'string')
|
||||
return res.status(400).send('password must be a string.')
|
||||
else if(!req.body.is_temp && req.body.password.length < config.min_pass_length)
|
||||
return res.status(400).send(`Password must be at least ${config.min_pass_length} characters long.`);
|
||||
|
||||
// duplicate username check
|
||||
if(await username_exists(req.body.username))
|
||||
return res.status(400).send('This username already exists in our database. Please use another one.');
|
||||
// duplicate email check (pseudo-users don't count)
|
||||
let rows2 = await db.read(`SELECT EXISTS(SELECT 1 FROM user WHERE email=? AND password IS NOT NULL) AS email_exists`, [req.body.email]);
|
||||
if(rows2[0].email_exists)
|
||||
return res.status(400).send('This email already exists in our database. Please use another one.');
|
||||
// get pseudo user, if exists
|
||||
let pseudo_user = await db.read(`SELECT * FROM user WHERE email = ? AND password IS NULL`, [req.body.email]);
|
||||
pseudo_user = pseudo_user[0];
|
||||
// get uuid user, if exists
|
||||
if(req.body.uuid){
|
||||
uuid_user = await db.read(`SELECT * FROM user WHERE uuid = ? LIMIT 1`, [req.body.uuid]);
|
||||
uuid_user = uuid_user[0];
|
||||
}
|
||||
|
||||
// email confirmation is required by default unless:
|
||||
// Pseudo user converting and matching uuid is provided
|
||||
let email_confirmation_required = 1;
|
||||
if(pseudo_user && uuid_user && pseudo_user.id === uuid_user.id)
|
||||
email_confirmation_required = 0;
|
||||
|
||||
// -----------------------------------
|
||||
// Get referral user
|
||||
// -----------------------------------
|
||||
let referred_by_user = undefined;
|
||||
if ( req.body.referral_code ) {
|
||||
referred_by_user = await get_user({ referral_code: req.body.referral_code });
|
||||
if ( ! referred_by_user ) {
|
||||
return res.status(400).send('Referral code not found');
|
||||
}
|
||||
}
|
||||
|
||||
// -----------------------------------
|
||||
// New User
|
||||
// -----------------------------------
|
||||
const user_uuid = uuidv4();
|
||||
const email_confirm_token = uuidv4();
|
||||
let insert_res;
|
||||
let email_confirm_code = Math.floor(100000 + Math.random() * 900000);
|
||||
|
||||
if(pseudo_user === undefined){
|
||||
insert_res = await db.write(
|
||||
`INSERT INTO user
|
||||
(username, email, password, uuid, referrer, email_confirm_code, email_confirm_token, free_storage, referred_by) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
|
||||
[
|
||||
// username
|
||||
req.body.username,
|
||||
// email
|
||||
req.body.is_temp ? null : req.body.email,
|
||||
// password
|
||||
req.body.is_temp ? null : await bcrypt.hash(req.body.password, 8),
|
||||
// uuid
|
||||
user_uuid,
|
||||
// referrer
|
||||
req.body.referrer ?? null,
|
||||
// email_confirm_code
|
||||
email_confirm_code,
|
||||
// email_confirm_token
|
||||
email_confirm_token,
|
||||
// free_storage
|
||||
config.storage_capacity,
|
||||
// referred_by
|
||||
referred_by_user ? referred_by_user.id : null,
|
||||
]);
|
||||
|
||||
// record activity
|
||||
db.write(
|
||||
'UPDATE `user` SET `last_activity_ts` = now() WHERE id=? LIMIT 1',
|
||||
[insert_res.insertId]
|
||||
);
|
||||
|
||||
// TODO: cache group id
|
||||
const svc_group = req.services.get('group');
|
||||
await svc_group.add_users({
|
||||
uid: req.body.is_temp ?
|
||||
config.default_temp_group : config.default_user_group,
|
||||
users: [req.body.username]
|
||||
});
|
||||
}
|
||||
// -----------------------------------
|
||||
// Pseudo User converting
|
||||
// -----------------------------------
|
||||
else{
|
||||
insert_res = await db.write(
|
||||
`UPDATE user SET
|
||||
username = ?, password = ?, uuid = ?, email_confirm_code = ?, email_confirm_token = ?, email_confirmed = ?, requires_email_confirmation = 1,
|
||||
referred_by = ?
|
||||
WHERE id = ?`,
|
||||
[
|
||||
// username
|
||||
req.body.username,
|
||||
// password
|
||||
await bcrypt.hash(req.body.password, 8),
|
||||
// uuid
|
||||
user_uuid,
|
||||
// email_confirm_code
|
||||
email_confirm_code,
|
||||
// email_confirm_token
|
||||
email_confirm_token,
|
||||
// email_confirmed
|
||||
!email_confirmation_required,
|
||||
// id
|
||||
pseudo_user.id,
|
||||
// referred_by
|
||||
referred_by_user ? referred_by_user.id : null,
|
||||
]
|
||||
);
|
||||
|
||||
// TODO: cache group ids
|
||||
const svc_group = req.services.get('group');
|
||||
await svc_group.remove_users({
|
||||
uid: config.default_temp_group,
|
||||
users: [req.body.username],
|
||||
});
|
||||
await svc_group.add_users({
|
||||
uid: config.default_user_group,
|
||||
users: [req.body.username]
|
||||
});
|
||||
|
||||
// record activity
|
||||
db.write('UPDATE `user` SET `last_activity_ts` = now() WHERE id=? LIMIT 1', [pseudo_user.id]);
|
||||
invalidate_cached_user_by_id(pseudo_user.id);
|
||||
}
|
||||
|
||||
// user id
|
||||
// todo if pseudo user, assign directly no need to do another DB lookup
|
||||
const user_id = (pseudo_user === undefined) ? insert_res.insertId : pseudo_user.id;
|
||||
|
||||
const [user] = await db.pread(
|
||||
'SELECT * FROM `user` WHERE `id` = ? LIMIT 1',
|
||||
[user_id]
|
||||
);
|
||||
|
||||
// create token for login
|
||||
const { token } = await svc_auth.create_session_token(user, {
|
||||
req,
|
||||
});
|
||||
// jwt.sign({uuid: user_uuid}, config.jwt_secret);
|
||||
|
||||
//-------------------------------------------------------------
|
||||
// email confirmation
|
||||
//-------------------------------------------------------------
|
||||
if((!req.body.is_temp && email_confirmation_required) || user.requires_email_confirmation){
|
||||
if(req.body.send_confirmation_code || user.requires_email_confirmation)
|
||||
send_email_verification_code(email_confirm_code, user.email);
|
||||
else
|
||||
send_email_verification_token(user.email_confirm_token, user.email, user.uuid);
|
||||
}
|
||||
|
||||
//-------------------------------------------------------------
|
||||
// referral code
|
||||
//-------------------------------------------------------------
|
||||
let referral_code;
|
||||
if ( pseudo_user === undefined ) {
|
||||
const svc_referralCode = Context.get('services')
|
||||
.get('referral-code', { optional: true });
|
||||
if ( svc_referralCode ) {
|
||||
referral_code = await svc_referralCode.gen_referral_code(user);
|
||||
}
|
||||
}
|
||||
|
||||
await generate_system_fsentries(user);
|
||||
|
||||
//set cookie
|
||||
res.cookie(config.cookie_name, token, {
|
||||
sameSite: 'none',
|
||||
secure: true,
|
||||
httpOnly: true,
|
||||
});
|
||||
// const decoded = await jwt.verify(token, config.jwt_secret);
|
||||
// const user = await get_user({ uuid: decoded.uuid });
|
||||
if ( user ) {
|
||||
return res.send({
|
||||
token: token,
|
||||
user: {
|
||||
username: user.username,
|
||||
uuid: user.uuid,
|
||||
email: user.email,
|
||||
email_confirmed: user.email_confirmed,
|
||||
requires_email_confirmation: user.requires_email_confirmation,
|
||||
is_temp: (user.password === null && user.email === null),
|
||||
taskbar_items: await get_taskbar_items(user),
|
||||
}
|
||||
});
|
||||
|
||||
// add to mailchimp
|
||||
if(!req.body.is_temp){
|
||||
const svc_event = Context.get('services').get('event');
|
||||
svc_event.emit('user.save_account', { user });
|
||||
}
|
||||
|
||||
// return results
|
||||
return res.send({
|
||||
token: token,
|
||||
user:{
|
||||
username: user.username,
|
||||
uuid: user.uuid,
|
||||
email: user.email,
|
||||
email_confirmed: user.email_confirmed,
|
||||
requires_email_confirmation: user.requires_email_confirmation,
|
||||
is_temp: (user.password === null && user.email === null),
|
||||
taskbar_items: await get_taskbar_items(user),
|
||||
referral_code,
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
// temporary user
|
||||
if(req.body.is_temp && !config.disable_temp_users){
|
||||
req.body.username = await generate_random_username();
|
||||
req.body.email = req.body.username + '@gmail.com';
|
||||
req.body.password = 'sadasdfasdfsadfsa';
|
||||
}else if(config.disable_temp_users){
|
||||
return res.status(400).send('Temp users are disabled.');
|
||||
}
|
||||
|
||||
// send_confirmation_code
|
||||
req.body.send_confirmation_code = req.body.send_confirmation_code ?? true;
|
||||
|
||||
// username is required
|
||||
if(!req.body.username)
|
||||
return res.status(400).send('Username is required')
|
||||
// username must be a string
|
||||
else if (typeof req.body.username !== 'string')
|
||||
return res.status(400).send('username must be a string.')
|
||||
// check if username is valid
|
||||
else if(!req.body.username.match(config.username_regex))
|
||||
return res.status(400).send('Username can only contain letters, numbers and underscore (_).')
|
||||
// check if username is of proper length
|
||||
else if(req.body.username.length > config.username_max_length)
|
||||
return res.status(400).send(`Username cannot be longer than ${config.username_max_length} characters.`)
|
||||
// check if username matches any reserved words
|
||||
else if(config.reserved_words.includes(req.body.username))
|
||||
return res.status(400).send({message: 'This username is not available.'});
|
||||
// TODO: DRY: change_email.js
|
||||
else if(!req.body.is_temp && !req.body.email)
|
||||
return res.status(400).send('Email is required');
|
||||
// email, if present, must be a string
|
||||
else if (req.body.email && typeof req.body.email !== 'string')
|
||||
return res.status(400).send('email must be a string.')
|
||||
// if email is present, validate it
|
||||
else if(!req.body.is_temp && !validator.isEmail(req.body.email))
|
||||
return res.status(400).send('Please enter a valid email address.')
|
||||
else if(!req.body.is_temp && !req.body.password)
|
||||
return res.status(400).send('Password is required');
|
||||
// password, if present, must be a string
|
||||
else if (req.body.password && typeof req.body.password !== 'string')
|
||||
return res.status(400).send('password must be a string.')
|
||||
else if(!req.body.is_temp && req.body.password.length < config.min_pass_length)
|
||||
return res.status(400).send(`Password must be at least ${config.min_pass_length} characters long.`);
|
||||
|
||||
// duplicate username check
|
||||
if(await username_exists(req.body.username))
|
||||
return res.status(400).send('This username already exists in our database. Please use another one.');
|
||||
// duplicate email check (pseudo-users don't count)
|
||||
let rows2 = await db.read(`SELECT EXISTS(SELECT 1 FROM user WHERE email=? AND password IS NOT NULL) AS email_exists`, [req.body.email]);
|
||||
if(rows2[0].email_exists)
|
||||
return res.status(400).send('This email already exists in our database. Please use another one.');
|
||||
// get pseudo user, if exists
|
||||
let pseudo_user = await db.read(`SELECT * FROM user WHERE email = ? AND password IS NULL`, [req.body.email]);
|
||||
pseudo_user = pseudo_user[0];
|
||||
// get uuid user, if exists
|
||||
if(req.body.uuid){
|
||||
uuid_user = await db.read(`SELECT * FROM user WHERE uuid = ? LIMIT 1`, [req.body.uuid]);
|
||||
uuid_user = uuid_user[0];
|
||||
}
|
||||
|
||||
// email confirmation is required by default unless:
|
||||
// Pseudo user converting and matching uuid is provided
|
||||
let email_confirmation_required = 1;
|
||||
if(pseudo_user && uuid_user && pseudo_user.id === uuid_user.id)
|
||||
email_confirmation_required = 0;
|
||||
|
||||
// -----------------------------------
|
||||
// Get referral user
|
||||
// -----------------------------------
|
||||
let referred_by_user = undefined;
|
||||
if ( req.body.referral_code ) {
|
||||
referred_by_user = await get_user({ referral_code: req.body.referral_code });
|
||||
if ( ! referred_by_user ) {
|
||||
return res.status(400).send('Referral code not found');
|
||||
}
|
||||
}
|
||||
|
||||
// -----------------------------------
|
||||
// New User
|
||||
// -----------------------------------
|
||||
const user_uuid = uuidv4();
|
||||
const email_confirm_token = uuidv4();
|
||||
let insert_res;
|
||||
let email_confirm_code = Math.floor(100000 + Math.random() * 900000);
|
||||
|
||||
if(pseudo_user === undefined){
|
||||
insert_res = await db.write(
|
||||
`INSERT INTO user
|
||||
(username, email, password, uuid, referrer, email_confirm_code, email_confirm_token, free_storage, referred_by) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
|
||||
[
|
||||
// username
|
||||
req.body.username,
|
||||
// email
|
||||
req.body.is_temp ? null : req.body.email,
|
||||
// password
|
||||
req.body.is_temp ? null : await bcrypt.hash(req.body.password, 8),
|
||||
// uuid
|
||||
user_uuid,
|
||||
// referrer
|
||||
req.body.referrer ?? null,
|
||||
// email_confirm_code
|
||||
email_confirm_code,
|
||||
// email_confirm_token
|
||||
email_confirm_token,
|
||||
// free_storage
|
||||
config.storage_capacity,
|
||||
// referred_by
|
||||
referred_by_user ? referred_by_user.id : null,
|
||||
]);
|
||||
|
||||
// record activity
|
||||
db.write(
|
||||
'UPDATE `user` SET `last_activity_ts` = now() WHERE id=? LIMIT 1',
|
||||
[insert_res.insertId]
|
||||
);
|
||||
|
||||
// TODO: cache group id
|
||||
const svc_group = req.services.get('group');
|
||||
await svc_group.add_users({
|
||||
uid: req.body.is_temp ?
|
||||
config.default_temp_group : config.default_user_group,
|
||||
users: [req.body.username]
|
||||
});
|
||||
}
|
||||
// -----------------------------------
|
||||
// Pseudo User converting
|
||||
// -----------------------------------
|
||||
else{
|
||||
insert_res = await db.write(
|
||||
`UPDATE user SET
|
||||
username = ?, password = ?, uuid = ?, email_confirm_code = ?, email_confirm_token = ?, email_confirmed = ?, requires_email_confirmation = 1,
|
||||
referred_by = ?
|
||||
WHERE id = ?`,
|
||||
[
|
||||
// username
|
||||
req.body.username,
|
||||
// password
|
||||
await bcrypt.hash(req.body.password, 8),
|
||||
// uuid
|
||||
user_uuid,
|
||||
// email_confirm_code
|
||||
email_confirm_code,
|
||||
// email_confirm_token
|
||||
email_confirm_token,
|
||||
// email_confirmed
|
||||
!email_confirmation_required,
|
||||
// id
|
||||
pseudo_user.id,
|
||||
// referred_by
|
||||
referred_by_user ? referred_by_user.id : null,
|
||||
]
|
||||
);
|
||||
|
||||
// TODO: cache group ids
|
||||
const svc_group = req.services.get('group');
|
||||
await svc_group.remove_users({
|
||||
uid: config.default_temp_group,
|
||||
users: [req.body.username],
|
||||
});
|
||||
await svc_group.add_users({
|
||||
uid: config.default_user_group,
|
||||
users: [req.body.username]
|
||||
});
|
||||
|
||||
// record activity
|
||||
db.write('UPDATE `user` SET `last_activity_ts` = now() WHERE id=? LIMIT 1', [pseudo_user.id]);
|
||||
invalidate_cached_user_by_id(pseudo_user.id);
|
||||
}
|
||||
|
||||
// user id
|
||||
// todo if pseudo user, assign directly no need to do another DB lookup
|
||||
const user_id = (pseudo_user === undefined) ? insert_res.insertId : pseudo_user.id;
|
||||
|
||||
const [user] = await db.pread(
|
||||
'SELECT * FROM `user` WHERE `id` = ? LIMIT 1',
|
||||
[user_id]
|
||||
);
|
||||
|
||||
// create token for login
|
||||
const { token } = await svc_auth.create_session_token(user, {
|
||||
req,
|
||||
});
|
||||
// jwt.sign({uuid: user_uuid}, config.jwt_secret);
|
||||
|
||||
//-------------------------------------------------------------
|
||||
// email confirmation
|
||||
//-------------------------------------------------------------
|
||||
if((!req.body.is_temp && email_confirmation_required) || user.requires_email_confirmation){
|
||||
if(req.body.send_confirmation_code || user.requires_email_confirmation)
|
||||
send_email_verification_code(email_confirm_code, user.email);
|
||||
else
|
||||
send_email_verification_token(user.email_confirm_token, user.email, user.uuid);
|
||||
}
|
||||
|
||||
//-------------------------------------------------------------
|
||||
// referral code
|
||||
//-------------------------------------------------------------
|
||||
let referral_code;
|
||||
if ( pseudo_user === undefined ) {
|
||||
const svc_referralCode = Context.get('services')
|
||||
.get('referral-code', { optional: true });
|
||||
if ( svc_referralCode ) {
|
||||
referral_code = await svc_referralCode.gen_referral_code(user);
|
||||
}
|
||||
}
|
||||
|
||||
await generate_system_fsentries(user);
|
||||
|
||||
//set cookie
|
||||
res.cookie(config.cookie_name, token, {
|
||||
sameSite: 'none',
|
||||
secure: true,
|
||||
httpOnly: true,
|
||||
});
|
||||
|
||||
// add to mailchimp
|
||||
if(!req.body.is_temp){
|
||||
const svc_event = Context.get('services').get('event');
|
||||
svc_event.emit('user.save_account', { user });
|
||||
}
|
||||
|
||||
// return results
|
||||
return res.send({
|
||||
token: token,
|
||||
user:{
|
||||
username: user.username,
|
||||
uuid: user.uuid,
|
||||
email: user.email,
|
||||
email_confirmed: user.email_confirmed,
|
||||
requires_email_confirmation: user.requires_email_confirmation,
|
||||
is_temp: (user.password === null && user.email === null),
|
||||
taskbar_items: await get_taskbar_items(user),
|
||||
referral_code,
|
||||
}
|
||||
})
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user