import express from 'express'
-import RateLimit from 'express-rate-limit'
import { tokensRouter } from '@server/controllers/api/users/token'
import { Hooks } from '@server/lib/plugins/hooks'
import { OAuthTokenModel } from '@server/models/oauth/oauth-token'
-import { MUser, MUserAccountDefault } from '@server/types/models'
-import { HttpStatusCode, UserAdminFlag, UserCreate, UserCreateResult, UserRegister, UserRight, UserRole, UserUpdate } from '@shared/models'
+import { MUserAccountDefault } from '@server/types/models'
+import { pick } from '@shared/core-utils'
+import { HttpStatusCode, UserCreate, UserCreateResult, UserRegister, UserRight, UserUpdate } from '@shared/models'
import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
import { logger } from '../../../helpers/logger'
import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'
import { Emailer } from '../../../lib/emailer'
import { Notifier } from '../../../lib/notifier'
import { Redis } from '../../../lib/redis'
-import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user'
+import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user'
import {
+ adminUsersSortValidator,
asyncMiddleware,
asyncRetryTransactionMiddleware,
authenticate,
+ buildRateLimiter,
ensureUserHasRight,
ensureUserRegistrationAllowed,
ensureUserRegistrationAllowedForIP,
usersListValidator,
usersRegisterValidator,
usersRemoveValidator,
- usersSortValidator,
usersUpdateValidator
} from '../../../middlewares'
import {
- ensureCanManageUser,
+ ensureCanModerateUser,
usersAskResetPasswordValidator,
usersAskSendVerifyEmailValidator,
usersBlockingValidator,
import { myNotificationsRouter } from './my-notifications'
import { mySubscriptionsRouter } from './my-subscriptions'
import { myVideoPlaylistsRouter } from './my-video-playlists'
+import { twoFactorRouter } from './two-factor'
const auditLogger = auditLoggerFactory('users')
-const signupRateLimiter = RateLimit({
+const signupRateLimiter = buildRateLimiter({
windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS,
max: CONFIG.RATES_LIMIT.SIGNUP.MAX,
skipFailedRequests: true
})
-const askSendEmailLimiter = RateLimit({
+const askSendEmailLimiter = buildRateLimiter({
windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX
})
const usersRouter = express.Router()
+usersRouter.use('/', twoFactorRouter)
usersRouter.use('/', tokensRouter)
usersRouter.use('/', myNotificationsRouter)
usersRouter.use('/', mySubscriptionsRouter)
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
paginationValidator,
- usersSortValidator,
+ adminUsersSortValidator,
setDefaultSort,
setDefaultPagination,
usersListValidator,
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersBlockingValidator),
- ensureCanManageUser,
+ ensureCanModerateUser,
asyncMiddleware(blockUser)
)
usersRouter.post('/:id/unblock',
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersBlockingValidator),
- ensureCanManageUser,
+ ensureCanModerateUser,
asyncMiddleware(unblockUser)
)
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersUpdateValidator),
- ensureCanManageUser,
+ ensureCanModerateUser,
asyncMiddleware(updateUser)
)
authenticate,
ensureUserHasRight(UserRight.MANAGE_USERS),
asyncMiddleware(usersRemoveValidator),
- ensureCanManageUser,
+ ensureCanModerateUser,
asyncMiddleware(removeUser)
)
async function createUser (req: express.Request, res: express.Response) {
const body: UserCreate = req.body
- const userToCreate = new UserModel({
- username: body.username,
- password: body.password,
- email: body.email,
- nsfwPolicy: CONFIG.INSTANCE.DEFAULT_NSFW_POLICY,
- p2pEnabled: CONFIG.DEFAULTS.P2P.WEBAPP.ENABLED,
- autoPlayVideo: true,
- role: body.role,
- videoQuota: body.videoQuota,
- videoQuotaDaily: body.videoQuotaDaily,
- adminFlags: body.adminFlags || UserAdminFlag.NONE
- }) as MUser
+ const userToCreate = buildUser({
+ ...pick(body, [ 'username', 'password', 'email', 'role', 'videoQuota', 'videoQuotaDaily', 'adminFlags' ]),
+
+ emailVerified: null
+ })
// NB: due to the validator usersAddValidator, password==='' can only be true if we can send the mail.
const createPassword = userToCreate.password === ''
async function registerUser (req: express.Request, res: express.Response) {
const body: UserRegister = req.body
- const userToCreate = new UserModel({
- username: body.username,
- password: body.password,
- email: body.email,
- nsfwPolicy: CONFIG.INSTANCE.DEFAULT_NSFW_POLICY,
- p2pEnabled: CONFIG.DEFAULTS.P2P.WEBAPP.ENABLED,
- autoPlayVideo: true,
- role: UserRole.USER,
- videoQuota: CONFIG.USER.VIDEO_QUOTA,
- videoQuotaDaily: CONFIG.USER.VIDEO_QUOTA_DAILY,
+ const userToCreate = buildUser({
+ ...pick(body, [ 'username', 'password', 'email' ]),
+
emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null
})
const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({
- userToCreate: userToCreate,
+ userToCreate,
userDisplayName: body.displayName || undefined,
channelNames: body.channel
})
}
async function listUsers (req: express.Request, res: express.Response) {
- const resultList = await UserModel.listForApi({
+ const resultList = await UserModel.listForAdminApi({
start: req.query.start,
count: req.query.count,
sort: req.query.sort,
const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id)
const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString
- await Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url)
+ Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url)
return res.status(HttpStatusCode.NO_CONTENT_204).end()
}
projects / github / Chocobozzz / PeerTube.git / blobdiff