1 files changed, 7 insertions, 92 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index a8677a1d3..5a5a12e82 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -4,26 +4,21 @@ import { Hooks } from '@server/lib/plugins/hooks'
 import { OAuthTokenModel } from '@server/models/oauth/oauth-token'
 import { MUserAccountDefault } from '@server/types/models'
 import { pick } from '@shared/core-utils'
-import { HttpStatusCode, UserCreate, UserCreateResult, UserRegister, UserRight, UserUpdate } from '@shared/models'
+import { HttpStatusCode, UserCreate, UserCreateResult, UserRight, UserUpdate } from '@shared/models'
 import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
 import { logger } from '../../../helpers/logger'
 import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'
-import { CONFIG } from '../../../initializers/config'
 import { WEBSERVER } from '../../../initializers/constants'
 import { sequelizeTypescript } from '../../../initializers/database'
 import { Emailer } from '../../../lib/emailer'
-import { Notifier } from '../../../lib/notifier'
 import { Redis } from '../../../lib/redis'
-import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user'
+import { buildUser, createUserAccountAndChannelAndPlaylist } from '../../../lib/user'
 import {
  adminUsersSortValidator,
  asyncMiddleware,
  asyncRetryTransactionMiddleware,
  authenticate,
-  buildRateLimiter,
  ensureUserHasRight,
-  ensureUserRegistrationAllowed,
-  ensureUserRegistrationAllowedForIP,
  paginationValidator,
  setDefaultPagination,
  setDefaultSort,
@@ -31,19 +26,17 @@ import {
  usersAddValidator,
  usersGetValidator,
  usersListValidator,
-  usersRegisterValidator,
  usersRemoveValidator,
  usersUpdateValidator
 } from '../../../middlewares'
 import {
  ensureCanModerateUser,
  usersAskResetPasswordValidator,
-  usersAskSendVerifyEmailValidator,
  usersBlockingValidator,
-  usersResetPasswordValidator,
+  usersResetPasswordValidator
-  usersVerifyEmailValidator
 } from '../../../middlewares/validators'
 import { UserModel } from '../../../models/user/user'
+import { emailVerificationRouter } from './email-verification'
 import { meRouter } from './me'
 import { myAbusesRouter } from './my-abuses'
 import { myBlocklistRouter } from './my-blocklist'
@@ -51,22 +44,14 @@ import { myVideosHistoryRouter } from './my-history'
 import { myNotificationsRouter } from './my-notifications'
 import { mySubscriptionsRouter } from './my-subscriptions'
 import { myVideoPlaylistsRouter } from './my-video-playlists'
+import { registrationsRouter } from './registrations'
 import { twoFactorRouter } from './two-factor'
 const auditLogger = auditLoggerFactory('users')
-const signupRateLimiter = buildRateLimiter({
-  windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS,
-  max: CONFIG.RATES_LIMIT.SIGNUP.MAX,
-  skipFailedRequests: true
-})
-const askSendEmailLimiter = buildRateLimiter({
-  windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
-  max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX
-})
 const usersRouter = express.Router()
+usersRouter.use('/', emailVerificationRouter)
+usersRouter.use('/', registrationsRouter)
 usersRouter.use('/', twoFactorRouter)
 usersRouter.use('/', tokensRouter)
 usersRouter.use('/', myNotificationsRouter)
@@ -122,14 +107,6 @@ usersRouter.post('/',
  asyncRetryTransactionMiddleware(createUser)
 )
-usersRouter.post('/register',
-  signupRateLimiter,
-  asyncMiddleware(ensureUserRegistrationAllowed),
-  ensureUserRegistrationAllowedForIP,
-  asyncMiddleware(usersRegisterValidator),
-  asyncRetryTransactionMiddleware(registerUser)
-)
 usersRouter.put('/:id',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_USERS),
@@ -156,17 +133,6 @@ usersRouter.post('/:id/reset-password',
  asyncMiddleware(resetUserPassword)
 )
-usersRouter.post('/ask-send-verify-email',
-  askSendEmailLimiter,
-  asyncMiddleware(usersAskSendVerifyEmailValidator),
-  asyncMiddleware(reSendVerifyUserEmail)
-)
-usersRouter.post('/:id/verify-email',
-  asyncMiddleware(usersVerifyEmailValidator),
-  asyncMiddleware(verifyUserEmail)
-)
 // ---------------------------------------------------------------------------
 export {
@@ -218,35 +184,6 @@ async function createUser (req: express.Request, res: express.Response) {
  })
 }
-async function registerUser (req: express.Request, res: express.Response) {
-  const body: UserRegister = req.body
-  const userToCreate = buildUser({
-    ...pick(body, [ 'username', 'password', 'email' ]),
-    emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null
-  })
-  const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({
-    userToCreate,
-    userDisplayName: body.displayName || undefined,
-    channelNames: body.channel
-  })
-  auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON()))
-  logger.info('User %s with its channel and account registered.', body.username)
-  if (CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION) {
-    await sendVerifyUserEmail(user)
-  }
-  Notifier.Instance.notifyOnNewUserRegistration(user)
-  Hooks.runAction('action:api.user.registered', { body, user, account, videoChannel, req, res })
-  return res.type('json').status(HttpStatusCode.NO_CONTENT_204).end()
-}
 async function unblockUser (req: express.Request, res: express.Response) {
  const user = res.locals.user
@@ -360,28 +297,6 @@ async function resetUserPassword (req: express.Request, res: express.Response) {
  return res.status(HttpStatusCode.NO_CONTENT_204).end()
 }
-async function reSendVerifyUserEmail (req: express.Request, res: express.Response) {
-  const user = res.locals.user
-  await sendVerifyUserEmail(user)
-  return res.status(HttpStatusCode.NO_CONTENT_204).end()
-}
-async function verifyUserEmail (req: express.Request, res: express.Response) {
-  const user = res.locals.user
-  user.emailVerified = true
-  if (req.body.isPendingEmail === true) {
-    user.email = user.pendingEmail
-    user.pendingEmail = null
-  }
-  await user.save()
-  return res.status(HttpStatusCode.NO_CONTENT_204).end()
-}
 async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) {
  const oldUserAuditView = new UserAuditView(user.toFormattedJSON())

diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index a8677a1d3..5a5a12e82 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts
@@ -4,26 +4,21 @@ import { Hooks } from '@server/lib/plugins/hooks'
4	import { OAuthTokenModel } from '@server/models/oauth/oauth-token'	4	import { OAuthTokenModel } from '@server/models/oauth/oauth-token'
5	import { MUserAccountDefault } from '@server/types/models'	5	import { MUserAccountDefault } from '@server/types/models'
6	import { pick } from '@shared/core-utils'	6	import { pick } from '@shared/core-utils'
7	import { HttpStatusCode, UserCreate, UserCreateResult, UserRegister, UserRight, UserUpdate } from '@shared/models'	7	import { HttpStatusCode, UserCreate, UserCreateResult, UserRight, UserUpdate } from '@shared/models'
8	import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'	8	import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
9	import { logger } from '../../../helpers/logger'	9	import { logger } from '../../../helpers/logger'
10	import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'	10	import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'
11	import { CONFIG } from '../../../initializers/config'
12	import { WEBSERVER } from '../../../initializers/constants'	11	import { WEBSERVER } from '../../../initializers/constants'
13	import { sequelizeTypescript } from '../../../initializers/database'	12	import { sequelizeTypescript } from '../../../initializers/database'
14	import { Emailer } from '../../../lib/emailer'	13	import { Emailer } from '../../../lib/emailer'
15	import { Notifier } from '../../../lib/notifier'
16	import { Redis } from '../../../lib/redis'	14	import { Redis } from '../../../lib/redis'
17	import { buildUser, createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user'	15	import { buildUser, createUserAccountAndChannelAndPlaylist } from '../../../lib/user'
18	import {	16	import {
19	adminUsersSortValidator,	17	adminUsersSortValidator,
20	asyncMiddleware,	18	asyncMiddleware,
21	asyncRetryTransactionMiddleware,	19	asyncRetryTransactionMiddleware,
22	authenticate,	20	authenticate,
23	buildRateLimiter,
24	ensureUserHasRight,	21	ensureUserHasRight,
25	ensureUserRegistrationAllowed,
26	ensureUserRegistrationAllowedForIP,
27	paginationValidator,	22	paginationValidator,
28	setDefaultPagination,	23	setDefaultPagination,
29	setDefaultSort,	24	setDefaultSort,
@@ -31,19 +26,17 @@ import {
31	usersAddValidator,	26	usersAddValidator,
32	usersGetValidator,	27	usersGetValidator,
33	usersListValidator,	28	usersListValidator,
34	usersRegisterValidator,
35	usersRemoveValidator,	29	usersRemoveValidator,
36	usersUpdateValidator	30	usersUpdateValidator
37	} from '../../../middlewares'	31	} from '../../../middlewares'
38	import {	32	import {
39	ensureCanModerateUser,	33	ensureCanModerateUser,
40	usersAskResetPasswordValidator,	34	usersAskResetPasswordValidator,
41	usersAskSendVerifyEmailValidator,
42	usersBlockingValidator,	35	usersBlockingValidator,
43	usersResetPasswordValidator,	36	usersResetPasswordValidator
44	usersVerifyEmailValidator
45	} from '../../../middlewares/validators'	37	} from '../../../middlewares/validators'
46	import { UserModel } from '../../../models/user/user'	38	import { UserModel } from '../../../models/user/user'
		39	import { emailVerificationRouter } from './email-verification'
47	import { meRouter } from './me'	40	import { meRouter } from './me'
48	import { myAbusesRouter } from './my-abuses'	41	import { myAbusesRouter } from './my-abuses'
49	import { myBlocklistRouter } from './my-blocklist'	42	import { myBlocklistRouter } from './my-blocklist'
@@ -51,22 +44,14 @@ import { myVideosHistoryRouter } from './my-history'
51	import { myNotificationsRouter } from './my-notifications'	44	import { myNotificationsRouter } from './my-notifications'
52	import { mySubscriptionsRouter } from './my-subscriptions'	45	import { mySubscriptionsRouter } from './my-subscriptions'
53	import { myVideoPlaylistsRouter } from './my-video-playlists'	46	import { myVideoPlaylistsRouter } from './my-video-playlists'
		47	import { registrationsRouter } from './registrations'
54	import { twoFactorRouter } from './two-factor'	48	import { twoFactorRouter } from './two-factor'
55		49
56	const auditLogger = auditLoggerFactory('users')	50	const auditLogger = auditLoggerFactory('users')
57		51
58	const signupRateLimiter = buildRateLimiter({
59	windowMs: CONFIG.RATES_LIMIT.SIGNUP.WINDOW_MS,
60	max: CONFIG.RATES_LIMIT.SIGNUP.MAX,
61	skipFailedRequests: true
62	})
63
64	const askSendEmailLimiter = buildRateLimiter({
65	windowMs: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.WINDOW_MS,
66	max: CONFIG.RATES_LIMIT.ASK_SEND_EMAIL.MAX
67	})
68
69	const usersRouter = express.Router()	52	const usersRouter = express.Router()
		53	usersRouter.use('/', emailVerificationRouter)
		54	usersRouter.use('/', registrationsRouter)
70	usersRouter.use('/', twoFactorRouter)	55	usersRouter.use('/', twoFactorRouter)
71	usersRouter.use('/', tokensRouter)	56	usersRouter.use('/', tokensRouter)
72	usersRouter.use('/', myNotificationsRouter)	57	usersRouter.use('/', myNotificationsRouter)
@@ -122,14 +107,6 @@ usersRouter.post('/',
122	asyncRetryTransactionMiddleware(createUser)	107	asyncRetryTransactionMiddleware(createUser)
123	)	108	)
124		109
125	usersRouter.post('/register',
126	signupRateLimiter,
127	asyncMiddleware(ensureUserRegistrationAllowed),
128	ensureUserRegistrationAllowedForIP,
129	asyncMiddleware(usersRegisterValidator),
130	asyncRetryTransactionMiddleware(registerUser)
131	)
132
133	usersRouter.put('/:id',	110	usersRouter.put('/:id',
134	authenticate,	111	authenticate,
135	ensureUserHasRight(UserRight.MANAGE_USERS),	112	ensureUserHasRight(UserRight.MANAGE_USERS),
@@ -156,17 +133,6 @@ usersRouter.post('/:id/reset-password',
156	asyncMiddleware(resetUserPassword)	133	asyncMiddleware(resetUserPassword)
157	)	134	)
158		135
159	usersRouter.post('/ask-send-verify-email',
160	askSendEmailLimiter,
161	asyncMiddleware(usersAskSendVerifyEmailValidator),
162	asyncMiddleware(reSendVerifyUserEmail)
163	)
164
165	usersRouter.post('/:id/verify-email',
166	asyncMiddleware(usersVerifyEmailValidator),
167	asyncMiddleware(verifyUserEmail)
168	)
169
170	// ---------------------------------------------------------------------------	136	// ---------------------------------------------------------------------------
171		137
172	export {	138	export {
@@ -218,35 +184,6 @@ async function createUser (req: express.Request, res: express.Response) {
218	})	184	})
219	}	185	}
220		186
221	async function registerUser (req: express.Request, res: express.Response) {
222	const body: UserRegister = req.body
223
224	const userToCreate = buildUser({
225	...pick(body, [ 'username', 'password', 'email' ]),
226
227	emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null
228	})
229
230	const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({
231	userToCreate,
232	userDisplayName: body.displayName \|\| undefined,
233	channelNames: body.channel
234	})
235
236	auditLogger.create(body.username, new UserAuditView(user.toFormattedJSON()))
237	logger.info('User %s with its channel and account registered.', body.username)
238
239	if (CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION) {
240	await sendVerifyUserEmail(user)
241	}
242
243	Notifier.Instance.notifyOnNewUserRegistration(user)
244
245	Hooks.runAction('action:api.user.registered', { body, user, account, videoChannel, req, res })
246
247	return res.type('json').status(HttpStatusCode.NO_CONTENT_204).end()
248	}
249
250	async function unblockUser (req: express.Request, res: express.Response) {	187	async function unblockUser (req: express.Request, res: express.Response) {
251	const user = res.locals.user	188	const user = res.locals.user
252		189
@@ -360,28 +297,6 @@ async function resetUserPassword (req: express.Request, res: express.Response) {
360	return res.status(HttpStatusCode.NO_CONTENT_204).end()	297	return res.status(HttpStatusCode.NO_CONTENT_204).end()
361	}	298	}
362		299
363	async function reSendVerifyUserEmail (req: express.Request, res: express.Response) {
364	const user = res.locals.user
365
366	await sendVerifyUserEmail(user)
367
368	return res.status(HttpStatusCode.NO_CONTENT_204).end()
369	}
370
371	async function verifyUserEmail (req: express.Request, res: express.Response) {
372	const user = res.locals.user
373	user.emailVerified = true
374
375	if (req.body.isPendingEmail === true) {
376	user.email = user.pendingEmail
377	user.pendingEmail = null
378	}
379
380	await user.save()
381
382	return res.status(HttpStatusCode.NO_CONTENT_204).end()
383	}
384
385	async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) {	300	async function changeUserBlock (res: express.Response, user: MUserAccountDefault, block: boolean, reason?: string) {
386	const oldUserAuditView = new UserAuditView(user.toFormattedJSON())	301	const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
387		302