Creating a user with an empty password will send an email to let him set his password (#2479)

* Creating a user with an empty password will send an email to let him set his password * Consideration of Chocobozzz's comments * Tips for optional password * API documentation * Fix circular imports * Tests
author: John Livingston <38844060+JohnXLivingston@users.noreply.github.com> 2020-02-17 10:16:52 +0100
committer: GitHub <noreply@github.com> 2020-02-17 10:16:52 +0100
commit: 45f1bd72a08998c60a9dd68ff069cea9de39161c (patch)
tree: 79e484bd7fd38fe97c84fdb00a164534f43941e9 /server/controllers/api/users/index.ts
parent: c5621bd23bce038671cd81149a0aa5e238558b67 (diff)
download: PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.gz
PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.zst
PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.zip
1 files changed, 15 insertions, 1 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index 0b7012537..98eb2beed 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -2,7 +2,7 @@ import * as express from 'express'
 import * as RateLimit from 'express-rate-limit'
 import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared'
 import { logger } from '../../../helpers/logger'
-import { getFormattedObjects } from '../../../helpers/utils'
+import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'
 import { WEBSERVER } from '../../../initializers/constants'
 import { Emailer } from '../../../lib/emailer'
 import { Redis } from '../../../lib/redis'
@@ -197,11 +197,25 @@ async function createUser (req: express.Request, res: express.Response) {
    adminFlags: body.adminFlags || UserAdminFlag.NONE
  }) as MUser
+  // NB: due to the validator usersAddValidator, password==='' can only be true if we can send the mail.
+  const createPassword = userToCreate.password === ''
+  if (createPassword) {
+    userToCreate.password = await generateRandomString(20)
+  }
  const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({ userToCreate: userToCreate })
  auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON()))
  logger.info('User %s with its channel and account created.', body.username)
+  if (createPassword) {
+    // this will send an email for newly created users, so then can set their first password.
+    logger.info('Sending to user %s a create password email', body.username)
+    const verificationString = await Redis.Instance.setCreatePasswordVerificationString(user.id)
+    const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString
+    await Emailer.Instance.addPasswordCreateEmailJob(userToCreate.username, user.email, url)
+  }
  Hooks.runAction('action:api.user.created', { body, user, account, videoChannel })
  return res.json({
author	John Livingston <38844060+JohnXLivingston@users.noreply.github.com>	2020-02-17 10:16:52 +0100
committer	GitHub <noreply@github.com>	2020-02-17 10:16:52 +0100
commit	45f1bd72a08998c60a9dd68ff069cea9de39161c (patch)
tree	79e484bd7fd38fe97c84fdb00a164534f43941e9 /server/controllers/api/users/index.ts
parent	c5621bd23bce038671cd81149a0aa5e238558b67 (diff)
download	PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.gz PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.tar.zst PeerTube-45f1bd72a08998c60a9dd68ff069cea9de39161c.zip