Diffstat (limited to 'server/controllers/api/users/index.ts')
-rw-r--r-- | server/controllers/api/users/index.ts | 37 |
1 files changed, 21 insertions, 16 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 0aafba66e..c1d72087c 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
@@ -6,7 +6,7 @@ import { getFormattedObjects } from '../../../helpers/utils' | |||
6 | import { RATES_LIMIT, WEBSERVER } from '../../../initializers/constants' | 6 | import { RATES_LIMIT, WEBSERVER } from '../../../initializers/constants' |
7 | import { Emailer } from '../../../lib/emailer' | 7 | import { Emailer } from '../../../lib/emailer' |
8 | import { Redis } from '../../../lib/redis' | 8 | import { Redis } from '../../../lib/redis' |
9 | import { createUserAccountAndChannelAndPlaylist } from '../../../lib/user' | 9 | import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' |
10 | import { | 10 | import { |
11 | asyncMiddleware, | 11 | asyncMiddleware, |
12 | asyncRetryTransactionMiddleware, | 12 | asyncRetryTransactionMiddleware, |
@@ -46,14 +46,18 @@ import { mySubscriptionsRouter } from './my-subscriptions' | |||
46 | import { CONFIG } from '../../../initializers/config' | 46 | import { CONFIG } from '../../../initializers/config' |
47 | import { sequelizeTypescript } from '../../../initializers/database' | 47 | import { sequelizeTypescript } from '../../../initializers/database' |
48 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' | 48 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' |
49 | import { UserRegister } from '../../../../shared/models/users/user-register.model' | ||
49 | 50 | ||
50 | const auditLogger = auditLoggerFactory('users') | 51 | const auditLogger = auditLoggerFactory('users') |
51 | 52 | ||
52 | const loginRateLimiter = new RateLimit({ | 53 | // FIXME: https://github.com/nfriedly/express-rate-limit/issues/138 |
54 | // @ts-ignore | ||
55 | const loginRateLimiter = RateLimit({ | ||
53 | windowMs: RATES_LIMIT.LOGIN.WINDOW_MS, | 56 | windowMs: RATES_LIMIT.LOGIN.WINDOW_MS, |
54 | max: RATES_LIMIT.LOGIN.MAX | 57 | max: RATES_LIMIT.LOGIN.MAX |
55 | }) | 58 | }) |
56 | 59 | ||
60 | // @ts-ignore | ||
57 | const askSendEmailLimiter = new RateLimit({ | 61 | const askSendEmailLimiter = new RateLimit({ |
58 | windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, | 62 | windowMs: RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS, |
59 | max: RATES_LIMIT.ASK_SEND_EMAIL.MAX | 63 | max: RATES_LIMIT.ASK_SEND_EMAIL.MAX |
@@ -143,7 +147,7 @@ usersRouter.post('/:id/reset-password', | |||
143 | usersRouter.post('/ask-send-verify-email', | 147 | usersRouter.post('/ask-send-verify-email', |
144 | askSendEmailLimiter, | 148 | askSendEmailLimiter, |
145 | asyncMiddleware(usersAskSendVerifyEmailValidator), | 149 | asyncMiddleware(usersAskSendVerifyEmailValidator), |
146 | asyncMiddleware(askSendVerifyUserEmail) | 150 | asyncMiddleware(reSendVerifyUserEmail) |
147 | ) | 151 | ) |
148 | 152 | ||
149 | usersRouter.post('/:id/verify-email', | 153 | usersRouter.post('/:id/verify-email', |
@@ -180,7 +184,7 @@ async function createUser (req: express.Request, res: express.Response) { | |||
180 | adminFlags: body.adminFlags || UserAdminFlag.NONE | 184 | adminFlags: body.adminFlags || UserAdminFlag.NONE |
181 | }) | 185 | }) |
182 | 186 | ||
183 | const { user, account } = await createUserAccountAndChannelAndPlaylist(userToCreate) | 187 | const { user, account } = await createUserAccountAndChannelAndPlaylist({ userToCreate: userToCreate }) |
184 | 188 | ||
185 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) | 189 | auditLogger.create(getAuditIdFromRes(res), new UserAuditView(user.toFormattedJSON())) |
186 | logger.info('User %s with its channel and account created.', body.username) | 190 | logger.info('User %s with its channel and account created.', body.username) |
@@ -189,15 +193,14 @@ async function createUser (req: express.Request, res: express.Response) { | |||
189 | user: { | 193 | user: { |
190 | id: user.id, | 194 | id: user.id, |
191 | account: { | 195 | account: { |
192 | id: account.id, | 196 | id: account.id |
193 | uuid: account.Actor.uuid | ||
194 | } | 197 | } |
195 | } | 198 | } |
196 | }).end() | 199 | }).end() |
197 | } | 200 | } |
198 | 201 | ||
199 | async function registerUser (req: express.Request, res: express.Response) { | 202 | async function registerUser (req: express.Request, res: express.Response) { |
200 | const body: UserCreate = req.body | 203 | const body: UserRegister = req.body |
201 | 204 | ||
202 | const userToCreate = new UserModel({ | 205 | const userToCreate = new UserModel({ |
203 | username: body.username, | 206 | username: body.username, |
@@ -211,7 +214,11 @@ async function registerUser (req: express.Request, res: express.Response) { | |||
211 | emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null | 214 | emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null |
212 | }) | 215 | }) |
213 | 216 | ||
214 | const { user } = await createUserAccountAndChannelAndPlaylist(userToCreate) | 217 | const { user } = await createUserAccountAndChannelAndPlaylist({ |
218 | userToCreate: userToCreate, | ||
219 | userDisplayName: body.displayName || undefined, | ||
220 | channelNames: body.channel | ||
221 | }) | ||
215 | 222 | ||
216 | auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON())) | 223 | auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON())) |
217 | logger.info('User %s with its channel and account registered.', body.username) | 224 | logger.info('User %s with its channel and account registered.', body.username) |
@@ -313,14 +320,7 @@ async function resetUserPassword (req: express.Request, res: express.Response) { | |||
313 | return res.status(204).end() | 320 | return res.status(204).end() |
314 | } | 321 | } |
315 | 322 | ||
316 | async function sendVerifyUserEmail (user: UserModel) { | 323 | async function reSendVerifyUserEmail (req: express.Request, res: express.Response) { |
317 | const verificationString = await Redis.Instance.setVerifyEmailVerificationString(user.id) | ||
318 | const url = WEBSERVER.URL + '/verify-account/email?userId=' + user.id + '&verificationString=' + verificationString | ||
319 | await Emailer.Instance.addVerifyEmailJob(user.email, url) | ||
320 | return | ||
321 | } | ||
322 | |||
323 | async function askSendVerifyUserEmail (req: express.Request, res: express.Response) { | ||
324 | const user = res.locals.user | 324 | const user = res.locals.user |
325 | 325 | ||
326 | await sendVerifyUserEmail(user) | 326 | await sendVerifyUserEmail(user) |
@@ -332,6 +332,11 @@ async function verifyUserEmail (req: express.Request, res: express.Response) { | |||
332 | const user = res.locals.user | 332 | const user = res.locals.user |
333 | user.emailVerified = true | 333 | user.emailVerified = true |
334 | 334 | ||
335 | if (req.body.isPendingEmail === true) { | ||
336 | user.email = user.pendingEmail | ||
337 | user.pendingEmail = null | ||
338 | } | ||
339 | |||
335 | await user.save() | 340 | await user.save() |
336 | 341 | ||
337 | return res.status(204).end() | 342 | return res.status(204).end() |
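Review bot: In the last hunk, `verifyUserEmail` lets the client-supplied `req.body.isPendingEmail` alone decide whether `user.email` is overwritten with `user.pendingEmail`, and nothing visible checks that a pending address exists or that the verification string was issued for it. Unless the validator (not shown on this page) enforces both, a request with the flag set and no pending change would save a null email while `emailVerified` is set to true, and a string mailed to the current address could confirm a different one. I would guard the swap locally with `if (req.body.isPendingEmail === true && user.pendingEmail) {` and add a comment such as `// validator must have matched the verification string to pendingEmail`. Storing the target address with the verification string and comparing it here would make the binding explicit. The function starts before the hunk, so earlier checks may exist that are not visible.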