diff options
Diffstat (limited to 'server/controllers/api/users/index.ts')
| -rw-r--r-- | server/controllers/api/users/index.ts | 37 |
1 files changed, 21 insertions, 16 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 0aafba66e..c1d72087c 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
| @@ -6,7 +6,7 @@ import { getFormattedObjects } from '../../../helpers/utils' | |||
| 6 | import { RATES_LIMIT, WEBSERVER } from '../../../initializers/constants' | 6 | import { RATES_LIMIT, WEBSERVER } from '../../../initializers/constants' |
| 7 | import { Emailer } from '../../../lib/emailer' | 7 | import { Emailer } from '../../../lib/emailer' |
| 8 | import { Redis } from '../../../lib/redis' | 8 | import { Redis } from '../../../lib/redis' |
| 9 | import { createUserAccountAndChannelAndPlaylist } from '../../../lib/user' | 9 | import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' |
| 10 | import { | 10 | import { |
| 11 | asyncMiddleware, | 11 | asyncMiddleware, |
| 12 | asyncRetryTransactionMiddleware, | 12 | asyncRetryTransactionMiddleware, |
| @@ -46,14 +46,18 @@ import { mySubscriptionsRouter } from './my-subscriptions' | |||
| 46 | import { CONFIG } from '../../../initializers/config' | 46 | import { CONFIG } from '../../../initializers/config' |
| 47 | import { sequelizeTypescript } from '../../../initializers/database' | 47 | import { sequelizeTypescript } from '../../../initializers/database' |
| 48 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' | 48 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' |
| 49 | import { UserRegister } from '../../../../shared/models/users/user-register.model' | ||
| 49 | 50 | ||
| 50 | const auditLogger = auditLoggerFactory('users') | 51 | const auditLogger = auditLoggerFactory('users') |
| 51 | 52 | ||
| 52 | const loginRateLimiter = new RateLimit({ | 53 | // FIXME: https://github.com/nfriedly/express-rate-limit/issues/138 |
| 54 | // @ts-ignore | ||
| 55 | const loginRateLimiter = RateLimit({ | ||
| 53 | windowMs: RATES_LIMIT.LOGIN.WINDOW_MS, | 56 | windowMs: RATES_LIMIT.LOGIN.WINDOW_MS, |
| 54 | max: RATES_LIMIT.LOGIN.MAX | 57 | max: RATES_LIMIT.LOGIN.MAX |
| 55 | }) | 58 | }) |
| 56 | 59 | ||
| 60 | // @ts-ignore | ||
| 57 | const askSendEmailLimiter = new RateLimit({ | 61 | const askSendEmailLimiter = new RateLimit({ |
| 58 | windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, | 62 | windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, |
| 59 | max: RATES_LIMIT.ASK_SEND_EMAIL.MAX | 63 | max: RATES_LIMIT.ASK_SEND_EMAIL.MAX |
| @@ -143,7 +147,7 @@ usersRouter.post('/:id/reset-password', | |||
| 143 | usersRouter.post('/ask-send-verify-email', | 147 | usersRouter.post('/ask-send-verify-email', |
| 144 | askSendEmailLimiter, | 148 | askSendEmailLimiter, |
| 145 | asyncMiddleware(usersAskSendVerifyEmailValidator), | 149 | asyncMiddleware(usersAskSendVerifyEmailValidator), |
| 146 | asyncMiddleware(askSendVerifyUserEmail) | 150 | asyncMiddleware(reSendVerifyUserEmail) |
| 147 | ) | 151 | ) |
| 148 | 152 | ||
| 149 | usersRouter.post('/:id/verify-email', | 153 | usersRouter.post('/:id/verify-email', |
| @@ -180,7 +184,7 @@ async function createUser (req: express.Request, res: express.Response) { | |||
| 180 | adminFlags: body.adminFlags || UserAdminFlag.NONE | 184 | adminFlags: body.adminFlags || UserAdminFlag.NONE |
| 181 | }) | 185 | }) |
| 182 | 186 | ||
| 183 | const { user, account } = await createUserAccountAndChannelAndPlaylist(userToCreate) | 187 | const { user, account } = await createUserAccountAndChannelAndPlaylist({ userToCreate: userToCreate }) |
| 184 | 188 | ||
| 185 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) | 189 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) |
| 186 | logger.info('User %s with its channel and account created.', body.username) | 190 | logger.info('User %s with its channel and account created.', body.username) |
| @@ -189,15 +193,14 @@ async function createUser (req: express.Request, res: express.Response) { | |||
| 189 | user: { | 193 | user: { |
| 190 | id: user.id, | 194 | id: user.id, |
| 191 | account: { | 195 | account: { |
| 192 | id: account.id, | 196 | id: account.id |
| 193 | uuid: account.Actor.uuid | ||
| 194 | } | 197 | } |
| 195 | } | 198 | } |
| 196 | }).end() | 199 | }).end() |
| 197 | } | 200 | } |
| 198 | 201 | ||
| 199 | async function registerUser (req: express.Request, res: express.Response) { | 202 | async function registerUser (req: express.Request, res: express.Response) { |
| 200 | const body: UserCreate = req.body | 203 | const body: UserRegister = req.body |
| 201 | 204 | ||
| 202 | const userToCreate = new UserModel({ | 205 | const userToCreate = new UserModel({ |
| 203 | username: body.username, | 206 | username: body.username, |
| @@ -211,7 +214,11 @@ async function registerUser (req: express.Request, res: express.Response) { | |||
| 211 | emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null | 214 | emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null |
| 212 | }) | 215 | }) |
| 213 | 216 | ||
| 214 | const { user } = await createUserAccountAndChannelAndPlaylist(userToCreate) | 217 | const { user } = await createUserAccountAndChannelAndPlaylist({ |
| 218 | userToCreate: userToCreate, | ||
| 219 | userDisplayName: body.displayName || undefined, | ||
| 220 | channelNames: body.channel | ||
| 221 | }) | ||
| 215 | 222 | ||
| 216 | auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON())) | 223 | auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON())) |
| 217 | logger.info('User %s with its channel and account registered.', body.username) | 224 | logger.info('User %s with its channel and account registered.', body.username) |
| @@ -313,14 +320,7 @@ async function resetUserPassword (req: express.Request, res: express.Response) { | |||
| 313 | return res.status(204).end() | 320 | return res.status(204).end() |
| 314 | } | 321 | } |
| 315 | 322 | ||
| 316 | async function sendVerifyUserEmail (user: UserModel) { | 323 | async function reSendVerifyUserEmail (req: express.Request, res: express.Response) { |
| 317 | const verificationString = await Redis.Instance.setVerifyEmailVerificationString(user.id) | ||
| 318 | const url = WEBSERVER.URL + '/verify-account/email?userId=' + user.id + '&verificationString=' + verificationString | ||
| 319 | await Emailer.Instance.addVerifyEmailJob(user.email, url) | ||
| 320 | return | ||
| 321 | } | ||
| 322 | |||
| 323 | async function askSendVerifyUserEmail (req: express.Request, res: express.Response) { | ||
| 324 | const user = res.locals.user | 324 | const user = res.locals.user |
| 325 | 325 | ||
| 326 | await sendVerifyUserEmail(user) | 326 | await sendVerifyUserEmail(user) |
| @@ -332,6 +332,11 @@ async function verifyUserEmail (req: express.Request, res: express.Response) { | |||
| 332 | const user = res.locals.user | 332 | const user = res.locals.user |
| 333 | user.emailVerified = true | 333 | user.emailVerified = true |
| 334 | 334 | ||
| 335 | if (req.body.isPendingEmail === true) { | ||
| 336 | user.email = user.pendingEmail | ||
| 337 | user.pendingEmail = null | ||
| 338 | } | ||
| 339 | |||
| 335 | await user.save() | 340 | await user.save() |
| 336 | 341 | ||
| 337 | return res.status(204).end() | 342 | return res.status(204).end() |