[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / users.ts

import * as Bluebird from 'bluebird'
import * as express from 'express'
import 'express-validator'
import { body, param } from 'express-validator/check'
import { omit } from 'lodash'
import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
import {
  isUserAutoPlayVideoValid, isUserBlockedReasonValid,
  isUserDescriptionValid,
  isUserDisplayNameValid,
  isUserNSFWPolicyValid,
  isUserPasswordValid,
  isUserRoleValid,
  isUserUsernameValid,
  isUserVideoQuotaValid,
  isUserVideoQuotaDailyValid
} from '../../helpers/custom-validators/users'
import { isVideoExist } from '../../helpers/custom-validators/videos'
import { logger } from '../../helpers/logger'
import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup'
import { Redis } from '../../lib/redis'
import { UserModel } from '../../models/account/user'
import { areValidationErrors } from './utils'
import { ActorModel } from '../../models/activitypub/actor'

const usersAddValidator = [
  body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
  body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
  body('email').isEmail().withMessage('Should have a valid email'),
  body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
  body('videoQuotaDaily').custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
  body('role').custom(isUserRoleValid).withMessage('Should have a valid role'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') })

    if (areValidationErrors(req, res)) return
    if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return

    return next()
  }
]

const usersRegisterValidator = [
  body('username').custom(isUserUsernameValid).withMessage('Should have a valid username'),
  body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
  body('email').isEmail().withMessage('Should have a valid email'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersRegister parameters', { parameters: omit(req.body, 'password') })

    if (areValidationErrors(req, res)) return
    if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return

    return next()
  }
]

const usersRemoveValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersRemove parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    const user = res.locals.user
    if (user.username === 'root') {
      return res.status(400)
                .send({ error: 'Cannot remove the root user' })
                .end()
    }

    return next()
  }
]

const usersBlockingValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
  body('reason').optional().custom(isUserBlockedReasonValid).withMessage('Should have a valid blocking reason'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersBlocking parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    const user = res.locals.user
    if (user.username === 'root') {
      return res.status(400)
                .send({ error: 'Cannot block the root user' })
                .end()
    }

    return next()
  }
]

const deleteMeValidator = [
  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    const user: UserModel = res.locals.oauth.token.User
    if (user.username === 'root') {
      return res.status(400)
                .send({ error: 'You cannot delete your root account.' })
                .end()
    }

    return next()
  }
]

const usersUpdateValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
  body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
  body('videoQuota').optional().custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
  body('videoQuotaDaily').optional().custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
  body('role').optional().custom(isUserRoleValid).withMessage('Should have a valid role'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersUpdate parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    const user = res.locals.user
    if (user.username === 'root' && req.body.role !== undefined && user.role !== req.body.role) {
      return res.status(400)
        .send({ error: 'Cannot change root role.' })
        .end()
    }

    return next()
  }
]

const usersUpdateMeValidator = [
  body('displayName').optional().custom(isUserDisplayNameValid).withMessage('Should have a valid display name'),
  body('description').optional().custom(isUserDescriptionValid).withMessage('Should have a valid description'),
  body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'),
  body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
  body('nsfwPolicy').optional().custom(isUserNSFWPolicyValid).withMessage('Should have a valid display Not Safe For Work policy'),
  body('autoPlayVideo').optional().custom(isUserAutoPlayVideoValid).withMessage('Should have a valid automatically plays video attribute'),

  (req: express.Request, res: express.Response, next: express.NextFunction) => {
    // TODO: Add old password verification
    logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') })

    if (areValidationErrors(req, res)) return

    return next()
  }
]

const usersGetValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersGet parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    return next()
  }
]

const usersVideoRatingValidator = [
  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersVideoRating parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await isVideoExist(req.params.videoId, res)) return

    return next()
  }
]

const ensureUserRegistrationAllowed = [
  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    const allowed = await isSignupAllowed()
    if (allowed === false) {
      return res.status(403)
                .send({ error: 'User registration is not enabled or user limit is reached.' })
                .end()
    }

    return next()
  }
]

const ensureUserRegistrationAllowedForIP = [
  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    const allowed = isSignupAllowedForCurrentIP(req.ip)

    if (allowed === false) {
      return res.status(403)
                .send({ error: 'You are not on a network authorized for registration.' })
                .end()
    }

    return next()
  }
]

const usersAskResetPasswordValidator = [
  body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersAskResetPassword parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    const exists = await checkUserEmailExist(req.body.email, res, false)
    if (!exists) {
      logger.debug('User with email %s does not exist (asking reset password).', req.body.email)
      // Do not leak our emails
      return res.status(204).end()
    }

    return next()
  }
]

const usersResetPasswordValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
  body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'),
  body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersResetPassword parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    const user = res.locals.user as UserModel
    const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id)

    if (redisVerificationString !== req.body.verificationString) {
      return res
        .status(403)
        .send({ error: 'Invalid verification string.' })
        .end()
    }

    return next()
  }
]

const usersAskSendVerifyEmailValidator = [
  body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    const exists = await checkUserEmailExist(req.body.email, res, false)
    if (!exists) {
      logger.debug('User with email %s does not exist (asking verify email).', req.body.email)
      // Do not leak our emails
      return res.status(204).end()
    }

    return next()
  }
]

const usersVerifyEmailValidator = [
  param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
  body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params })

    if (areValidationErrors(req, res)) return
    if (!await checkUserIdExist(req.params.id, res)) return

    const user = res.locals.user as UserModel
    const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id)

    if (redisVerificationString !== req.body.verificationString) {
      return res
        .status(403)
        .send({ error: 'Invalid verification string.' })
        .end()
    }

    return next()
  }
]

const userAutocompleteValidator = [
  param('search').isString().not().isEmpty().withMessage('Should have a search parameter')
]

// ---------------------------------------------------------------------------

export {
  usersAddValidator,
  deleteMeValidator,
  usersRegisterValidator,
  usersBlockingValidator,
  usersRemoveValidator,
  usersUpdateValidator,
  usersUpdateMeValidator,
  usersVideoRatingValidator,
  ensureUserRegistrationAllowed,
  ensureUserRegistrationAllowedForIP,
  usersGetValidator,
  usersAskResetPasswordValidator,
  usersResetPasswordValidator,
  usersAskSendVerifyEmailValidator,
  usersVerifyEmailValidator,
  userAutocompleteValidator
}

// ---------------------------------------------------------------------------

function checkUserIdExist (id: number, res: express.Response) {
  return checkUserExist(() => UserModel.loadById(id), res)
}

function checkUserEmailExist (email: string, res: express.Response, abortResponse = true) {
  return checkUserExist(() => UserModel.loadByEmail(email), res, abortResponse)
}

async function checkUserNameOrEmailDoesNotAlreadyExist (username: string, email: string, res: express.Response) {
  const user = await UserModel.loadByUsernameOrEmail(username, email)

  if (user) {
    res.status(409)
              .send({ error: 'User with this username or email already exists.' })
              .end()
    return false
  }

  const actor = await ActorModel.loadLocalByName(username)
  if (actor) {
    res.status(409)
       .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' })
       .end()
    return false
  }

  return true
}

async function checkUserExist (finder: () => Bluebird<UserModel>, res: express.Response, abortResponse = true) {
  const user = await finder()

  if (!user) {
    if (abortResponse === true) {
      res.status(404)
        .send({ error: 'User not found' })
        .end()
    }

    return false
  }

  res.locals.user = user

  return true
}
Commit	Line	Data
ecb4e35f	1	import * as Bluebird from 'bluebird'
69818c93	2	import * as express from 'express'
a2431b7d C	3	import 'express-validator'
a2431b7d C	4	import { body, param } from 'express-validator/check'
ecb4e35f	5	import { omit } from 'lodash'
3fd3ab2d	6	import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
b60e5f38	7	import {
eacb25c4	8	isUserAutoPlayVideoValid, isUserBlockedReasonValid,
4bbfc6c6 C	9	isUserDescriptionValid,
4bbfc6c6 C	10	isUserDisplayNameValid,
0883b324	11	isUserNSFWPolicyValid,
ecb4e35f C	12	isUserPasswordValid,
	13	isUserRoleValid,
	14	isUserUsernameValid,
bee0abff FA	15	isUserVideoQuotaValid,
bee0abff FA	16	isUserVideoQuotaDailyValid
3fd3ab2d	17	} from '../../helpers/custom-validators/users'
47564bbe	18	import { isVideoExist } from '../../helpers/custom-validators/videos'
da854ddd	19	import { logger } from '../../helpers/logger'
06215f15	20	import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup'
ecb4e35f	21	import { Redis } from '../../lib/redis'
3fd3ab2d	22	import { UserModel } from '../../models/account/user'
a2431b7d	23	import { areValidationErrors } from './utils'
2ef6a063	24	import { ActorModel } from '../../models/activitypub/actor'
9bd26629	25
b60e5f38	26	const usersAddValidator = [
563d032e	27	body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
b60e5f38 C	28	body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
	29	body('email').isEmail().withMessage('Should have a valid email'),
	30	body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
bee0abff	31	body('videoQuotaDaily').custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
954605a8	32	body('role').custom(isUserRoleValid).withMessage('Should have a valid role'),
9bd26629	33
a2431b7d	34	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
ce97fe36	35	logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') })
9bd26629	36
a2431b7d C	37	if (areValidationErrors(req, res)) return
	38	if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return
	39
	40	return next()
b60e5f38 C	41	}
b60e5f38 C	42	]
6fcd19ba	43
b60e5f38 C	44	const usersRegisterValidator = [
	45	body('username').custom(isUserUsernameValid).withMessage('Should have a valid username'),
	46	body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
	47	body('email').isEmail().withMessage('Should have a valid email'),
77a5501f	48
a2431b7d	49	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
ce97fe36	50	logger.debug('Checking usersRegister parameters', { parameters: omit(req.body, 'password') })
77a5501f	51
a2431b7d C	52	if (areValidationErrors(req, res)) return
	53	if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return
	54
	55	return next()
b60e5f38 C	56	}
b60e5f38 C	57	]
9bd26629	58
b60e5f38 C	59	const usersRemoveValidator = [
b60e5f38 C	60	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
9bd26629	61
a2431b7d	62	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
b60e5f38	63	logger.debug('Checking usersRemove parameters', { parameters: req.params })
9bd26629	64
a2431b7d C	65	if (areValidationErrors(req, res)) return
	66	if (!await checkUserIdExist(req.params.id, res)) return
	67
	68	const user = res.locals.user
	69	if (user.username === 'root') {
	70	return res.status(400)
	71	.send({ error: 'Cannot remove the root user' })
	72	.end()
	73	}
	74
	75	return next()
b60e5f38 C	76	}
b60e5f38 C	77	]
8094a898	78
e6921918 C	79	const usersBlockingValidator = [
e6921918 C	80	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
eacb25c4	81	body('reason').optional().custom(isUserBlockedReasonValid).withMessage('Should have a valid blocking reason'),
e6921918 C	82
e6921918 C	83	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
eacb25c4	84	logger.debug('Checking usersBlocking parameters', { parameters: req.params })
e6921918 C	85
	86	if (areValidationErrors(req, res)) return
	87	if (!await checkUserIdExist(req.params.id, res)) return
	88
	89	const user = res.locals.user
	90	if (user.username === 'root') {
	91	return res.status(400)
	92	.send({ error: 'Cannot block the root user' })
	93	.end()
	94	}
	95
	96	return next()
	97	}
	98	]
	99
92b9d60c C	100	const deleteMeValidator = [
	101	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	102	const user: UserModel = res.locals.oauth.token.User
	103	if (user.username === 'root') {
	104	return res.status(400)
	105	.send({ error: 'You cannot delete your root account.' })
	106	.end()
	107	}
	108
	109	return next()
	110	}
	111	]
	112
b60e5f38 C	113	const usersUpdateValidator = [
	114	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
	115	body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
	116	body('videoQuota').optional().custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
bee0abff	117	body('videoQuotaDaily').optional().custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
954605a8	118	body('role').optional().custom(isUserRoleValid).withMessage('Should have a valid role'),
8094a898	119
a2431b7d	120	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
b60e5f38	121	logger.debug('Checking usersUpdate parameters', { parameters: req.body })
9bd26629	122
a2431b7d C	123	if (areValidationErrors(req, res)) return
	124	if (!await checkUserIdExist(req.params.id, res)) return
	125
f8b8c36b C	126	const user = res.locals.user
	127	if (user.username === 'root' && req.body.role !== undefined && user.role !== req.body.role) {
	128	return res.status(400)
	129	.send({ error: 'Cannot change root role.' })
	130	.end()
	131	}
	132
a2431b7d	133	return next()
b60e5f38 C	134	}
b60e5f38 C	135	]
9bd26629	136
b60e5f38	137	const usersUpdateMeValidator = [
ed56ad11	138	body('displayName').optional().custom(isUserDisplayNameValid).withMessage('Should have a valid display name'),
2422c46b	139	body('description').optional().custom(isUserDescriptionValid).withMessage('Should have a valid description'),
b60e5f38 C	140	body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'),
b60e5f38 C	141	body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
0883b324	142	body('nsfwPolicy').optional().custom(isUserNSFWPolicyValid).withMessage('Should have a valid display Not Safe For Work policy'),
7efe153b	143	body('autoPlayVideo').optional().custom(isUserAutoPlayVideoValid).withMessage('Should have a valid automatically plays video attribute'),
9bd26629	144
b60e5f38 C	145	(req: express.Request, res: express.Response, next: express.NextFunction) => {
b60e5f38 C	146	// TODO: Add old password verification
ce97fe36	147	logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') })
8094a898	148
a2431b7d C	149	if (areValidationErrors(req, res)) return
	150
	151	return next()
b60e5f38 C	152	}
b60e5f38 C	153	]
8094a898	154
b60e5f38 C	155	const usersGetValidator = [
b60e5f38 C	156	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
d38b8281	157
a2431b7d	158	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
ce97fe36	159	logger.debug('Checking usersGet parameters', { parameters: req.params })
a2431b7d C	160
	161	if (areValidationErrors(req, res)) return
	162	if (!await checkUserIdExist(req.params.id, res)) return
	163
	164	return next()
b60e5f38 C	165	}
b60e5f38 C	166	]
d38b8281	167
b60e5f38	168	const usersVideoRatingValidator = [
72c7248b	169	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
0a6658fd	170
a2431b7d	171	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
b60e5f38	172	logger.debug('Checking usersVideoRating parameters', { parameters: req.params })
0a6658fd	173
a2431b7d C	174	if (areValidationErrors(req, res)) return
	175	if (!await isVideoExist(req.params.videoId, res)) return
	176
	177	return next()
b60e5f38 C	178	}
	179	]
	180
	181	const ensureUserRegistrationAllowed = [
a2431b7d C	182	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	183	const allowed = await isSignupAllowed()
	184	if (allowed === false) {
	185	return res.status(403)
	186	.send({ error: 'User registration is not enabled or user limit is reached.' })
	187	.end()
	188	}
	189
	190	return next()
b60e5f38 C	191	}
b60e5f38 C	192	]
291e8d3e	193
ff2c1fe8 RK	194	const ensureUserRegistrationAllowedForIP = [
	195	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	196	const allowed = isSignupAllowedForCurrentIP(req.ip)
	197
	198	if (allowed === false) {
	199	return res.status(403)
	200	.send({ error: 'You are not on a network authorized for registration.' })
	201	.end()
	202	}
	203
	204	return next()
	205	}
	206	]
	207
ecb4e35f C	208	const usersAskResetPasswordValidator = [
	209	body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),
	210
	211	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	212	logger.debug('Checking usersAskResetPassword parameters', { parameters: req.body })
	213
	214	if (areValidationErrors(req, res)) return
	215	const exists = await checkUserEmailExist(req.body.email, res, false)
	216	if (!exists) {
	217	logger.debug('User with email %s does not exist (asking reset password).', req.body.email)
	218	// Do not leak our emails
	219	return res.status(204).end()
	220	}
	221
	222	return next()
	223	}
	224	]
	225
	226	const usersResetPasswordValidator = [
	227	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
	228	body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'),
	229	body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
	230
	231	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	232	logger.debug('Checking usersResetPassword parameters', { parameters: req.params })
	233
	234	if (areValidationErrors(req, res)) return
	235	if (!await checkUserIdExist(req.params.id, res)) return
	236
	237	const user = res.locals.user as UserModel
	238	const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id)
	239
	240	if (redisVerificationString !== req.body.verificationString) {
	241	return res
	242	.status(403)
	243	.send({ error: 'Invalid verification string.' })
f076daa7	244	.end()
ecb4e35f C	245	}
	246
	247	return next()
	248	}
	249	]
	250
d9eaee39 JM	251	const usersAskSendVerifyEmailValidator = [
	252	body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),
	253
	254	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	255	logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body })
	256
	257	if (areValidationErrors(req, res)) return
	258	const exists = await checkUserEmailExist(req.body.email, res, false)
	259	if (!exists) {
	260	logger.debug('User with email %s does not exist (asking verify email).', req.body.email)
	261	// Do not leak our emails
	262	return res.status(204).end()
	263	}
	264
	265	return next()
	266	}
	267	]
	268
	269	const usersVerifyEmailValidator = [
	270	param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
	271	body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'),
	272
	273	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	274	logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params })
	275
	276	if (areValidationErrors(req, res)) return
	277	if (!await checkUserIdExist(req.params.id, res)) return
	278
	279	const user = res.locals.user as UserModel
	280	const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id)
	281
	282	if (redisVerificationString !== req.body.verificationString) {
	283	return res
	284	.status(403)
	285	.send({ error: 'Invalid verification string.' })
	286	.end()
	287	}
	288
	289	return next()
	290	}
	291	]
	292
74d63469 GR	293	const userAutocompleteValidator = [
	294	param('search').isString().not().isEmpty().withMessage('Should have a search parameter')
	295	]
	296
9bd26629 C	297	// ---------------------------------------------------------------------------
9bd26629 C	298
65fcc311 C	299	export {
65fcc311 C	300	usersAddValidator,
92b9d60c	301	deleteMeValidator,
77a5501f	302	usersRegisterValidator,
e6921918	303	usersBlockingValidator,
65fcc311 C	304	usersRemoveValidator,
65fcc311 C	305	usersUpdateValidator,
8094a898	306	usersUpdateMeValidator,
291e8d3e	307	usersVideoRatingValidator,
8094a898	308	ensureUserRegistrationAllowed,
ff2c1fe8	309	ensureUserRegistrationAllowedForIP,
c5911fd3	310	usersGetValidator,
ecb4e35f	311	usersAskResetPasswordValidator,
d9eaee39 JM	312	usersResetPasswordValidator,
d9eaee39 JM	313	usersAskSendVerifyEmailValidator,
74d63469 GR	314	usersVerifyEmailValidator,
74d63469 GR	315	userAutocompleteValidator
8094a898 C	316	}
	317
	318	// ---------------------------------------------------------------------------
	319
ecb4e35f C	320	function checkUserIdExist (id: number, res: express.Response) {
	321	return checkUserExist(() => UserModel.loadById(id), res)
	322	}
a2431b7d	323
ecb4e35f C	324	function checkUserEmailExist (email: string, res: express.Response, abortResponse = true) {
ecb4e35f C	325	return checkUserExist(() => UserModel.loadByEmail(email), res, abortResponse)
65fcc311	326	}
77a5501f	327
a2431b7d	328	async function checkUserNameOrEmailDoesNotAlreadyExist (username: string, email: string, res: express.Response) {
3fd3ab2d	329	const user = await UserModel.loadByUsernameOrEmail(username, email)
a2431b7d C	330
	331	if (user) {
	332	res.status(409)
edf7f40a	333	.send({ error: 'User with this username or email already exists.' })
a2431b7d C	334	.end()
	335	return false
	336	}
	337
2ef6a063 C	338	const actor = await ActorModel.loadLocalByName(username)
	339	if (actor) {
	340	res.status(409)
c907c2fa	341	.send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' })
2ef6a063 C	342	.end()
	343	return false
	344	}
	345
a2431b7d	346	return true
77a5501f	347	}
ecb4e35f C	348
	349	async function checkUserExist (finder: () => Bluebird<UserModel>, res: express.Response, abortResponse = true) {
	350	const user = await finder()
	351
	352	if (!user) {
	353	if (abortResponse === true) {
	354	res.status(404)
	355	.send({ error: 'User not found' })
	356	.end()
	357	}
	358
	359	return false
	360	}
	361
	362	res.locals.user = user
	363
	364	return true
	365	}