diff options
author | John Livingston <38844060+JohnXLivingston@users.noreply.github.com> | 2020-02-17 10:16:52 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-17 10:16:52 +0100 |
commit | 45f1bd72a08998c60a9dd68ff069cea9de39161c (patch) | |
tree | 79e484bd7fd38fe97c84fdb00a164534f43941e9 /server/controllers/api/users/index.ts | |
parent | c5621bd23bce038671cd81149a0aa5e238558b67 (diff) | |
download | PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.gz PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.zst PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.zip |
Creating a user with an empty password will send an email to let him set his password (#2479)
* Creating a user with an empty password will send an email to let him set his password
* Consideration of Chocobozzz's comments
* Tips for optional password
* API documentation
* Fix circular imports
* Tests
Diffstat (limited to 'server/controllers/api/users/index.ts')
-rw-r--r-- | server/controllers/api/users/index.ts | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 0b7012537..98eb2beed 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
@@ -2,7 +2,7 @@ import * as express from 'express' | |||
2 | import * as RateLimit from 'express-rate-limit' | 2 | import * as RateLimit from 'express-rate-limit' |
3 | import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared' | 3 | import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared' |
4 | import { logger } from '../../../helpers/logger' | 4 | import { logger } from '../../../helpers/logger' |
5 | import { getFormattedObjects } from '../../../helpers/utils' | 5 | import { generateRandomString, getFormattedObjects } from '../../../helpers/utils' |
6 | import { WEBSERVER } from '../../../initializers/constants' | 6 | import { WEBSERVER } from '../../../initializers/constants' |
7 | import { Emailer } from '../../../lib/emailer' | 7 | import { Emailer } from '../../../lib/emailer' |
8 | import { Redis } from '../../../lib/redis' | 8 | import { Redis } from '../../../lib/redis' |
@@ -197,11 +197,25 @@ async function createUser (req: express.Request, res: express.Response) { | |||
197 | adminFlags: body.adminFlags || UserAdminFlag.NONE | 197 | adminFlags: body.adminFlags || UserAdminFlag.NONE |
198 | }) as MUser | 198 | }) as MUser |
199 | 199 | ||
200 | // NB: due to the validator usersAddValidator, password==='' can only be true if we can send the mail. | ||
201 | const createPassword = userToCreate.password === '' | ||
202 | if (createPassword) { | ||
203 | userToCreate.password = await generateRandomString(20) | ||
204 | } | ||
205 | |||
200 | const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({ userToCreate: userToCreate }) | 206 | const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({ userToCreate: userToCreate }) |
201 | 207 | ||
202 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) | 208 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) |
203 | logger.info('User %s with its channel and account created.', body.username) | 209 | logger.info('User %s with its channel and account created.', body.username) |
204 | 210 | ||
211 | if (createPassword) { | ||
212 | // this will send an email for newly created users, so then can set their first password. | ||
213 | logger.info('Sending to user %s a create password email', body.username) | ||
214 | const verificationString = await Redis.Instance.setCreatePasswordVerificationString(user.id) | ||
215 | const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString | ||
216 | await Emailer.Instance.addPasswordCreateEmailJob(userToCreate.username, user.email, url) | ||
217 | } | ||
218 | |||
205 | Hooks.runAction('action:api.user.created', { body, user, account, videoChannel }) | 219 | Hooks.runAction('action:api.user.created', { body, user, account, videoChannel }) |
206 | 220 | ||
207 | return res.json({ | 221 | return res.json({ |