|
|
@@ -75,123 +75,132 @@ router.post('/save_account', auth, express.json(), async (req, res, next)=>{
|
|
|
return res.status(429).send('Too many requests.');
|
|
|
}
|
|
|
|
|
|
- // duplicate username check, do this only if user has supplied a new username
|
|
|
- if(req.body.username !== req.user.username && await username_exists(req.body.username))
|
|
|
- return res.status(400).send('This username already exists in our database. Please use another one.');
|
|
|
- // duplicate email check (pseudo-users don't count)
|
|
|
- let rows2 = await db.read(`SELECT EXISTS(SELECT 1 FROM user WHERE email=? AND password IS NOT NULL) AS email_exists`, [req.body.email]);
|
|
|
- if(rows2[0].email_exists)
|
|
|
- return res.status(400).send('This email already exists in our database. Please use another one.');
|
|
|
- // get pseudo user, if exists
|
|
|
- let pseudo_user = await db.read(`SELECT * FROM user WHERE email = ? AND password IS NULL`, [req.body.email]);
|
|
|
- pseudo_user = pseudo_user[0];
|
|
|
-
|
|
|
- // send_confirmation_code
|
|
|
- req.body.send_confirmation_code = req.body.send_confirmation_code ?? true;
|
|
|
-
|
|
|
- // todo email confirmation is required by default unless:
|
|
|
- // Pseudo user converting and matching uuid is provided
|
|
|
- let email_confirmation_required = 0;
|
|
|
-
|
|
|
- // -----------------------------------
|
|
|
- // Get referral user
|
|
|
- // -----------------------------------
|
|
|
- let referred_by_user = undefined;
|
|
|
- if ( req.body.referral_code ) {
|
|
|
- referred_by_user = await get_user({ referral_code: req.body.referral_code });
|
|
|
- if ( ! referred_by_user ) {
|
|
|
- return res.status(400).send('Referral code not found');
|
|
|
+ const svc_lock = req.services.get('lock');
|
|
|
+ return svc_lock.lock([
|
|
|
+ `save-account:username:${req.body.username}`,
|
|
|
+ `save-account:email:${req.body.email}`
|
|
|
+ ], async () => {
|
|
|
+ await new Promise((rslv) => {
|
|
|
+ setTimeout(rslv, 5000);
|
|
|
+ });
|
|
|
+ // duplicate username check, do this only if user has supplied a new username
|
|
|
+ if(req.body.username !== req.user.username && await username_exists(req.body.username))
|
|
|
+ return res.status(400).send('This username already exists in our database. Please use another one.');
|
|
|
+ // duplicate email check (pseudo-users don't count)
|
|
|
+ let rows2 = await db.read(`SELECT EXISTS(SELECT 1 FROM user WHERE email=? AND password IS NOT NULL) AS email_exists`, [req.body.email]);
|
|
|
+ if(rows2[0].email_exists)
|
|
|
+ return res.status(400).send('This email already exists in our database. Please use another one.');
|
|
|
+ // get pseudo user, if exists
|
|
|
+ let pseudo_user = await db.read(`SELECT * FROM user WHERE email = ? AND password IS NULL`, [req.body.email]);
|
|
|
+ pseudo_user = pseudo_user[0];
|
|
|
+
|
|
|
+ // send_confirmation_code
|
|
|
+ req.body.send_confirmation_code = req.body.send_confirmation_code ?? true;
|
|
|
+
|
|
|
+ // todo email confirmation is required by default unless:
|
|
|
+ // Pseudo user converting and matching uuid is provided
|
|
|
+ let email_confirmation_required = 0;
|
|
|
+
|
|
|
+ // -----------------------------------
|
|
|
+ // Get referral user
|
|
|
+ // -----------------------------------
|
|
|
+ let referred_by_user = undefined;
|
|
|
+ if ( req.body.referral_code ) {
|
|
|
+ referred_by_user = await get_user({ referral_code: req.body.referral_code });
|
|
|
+ if ( ! referred_by_user ) {
|
|
|
+ return res.status(400).send('Referral code not found');
|
|
|
+ }
|
|
|
}
|
|
|
- }
|
|
|
-
|
|
|
- // -----------------------------------
|
|
|
- // New User
|
|
|
- // -----------------------------------
|
|
|
- const user_uuid = req.user.uuid;
|
|
|
- let email_confirm_code = Math.floor(100000 + Math.random() * 900000);
|
|
|
- const email_confirm_token = uuidv4();
|
|
|
-
|
|
|
- if(pseudo_user === undefined){
|
|
|
- await db.write(
|
|
|
- `UPDATE user
|
|
|
- SET
|
|
|
- username = ?, email = ?, password = ?, email_confirm_code = ?, email_confirm_token = ?${
|
|
|
- referred_by_user ? ', referred_by = ?' : '' }
|
|
|
- WHERE
|
|
|
- id = ?`,
|
|
|
- [
|
|
|
- // username
|
|
|
- req.body.username,
|
|
|
- // email
|
|
|
- req.body.email,
|
|
|
- // password
|
|
|
- await bcrypt.hash(req.body.password, 8),
|
|
|
- // email_confirm_code
|
|
|
- email_confirm_code,
|
|
|
- //email_confirm_token
|
|
|
- email_confirm_token,
|
|
|
- // referred_by
|
|
|
- ...(referred_by_user ? [referred_by_user.id] : []),
|
|
|
- // id
|
|
|
- req.user.id
|
|
|
- ]
|
|
|
- );
|
|
|
- invalidate_cached_user(req.user);
|
|
|
-
|
|
|
- // Update root directory name
|
|
|
- await db.write(
|
|
|
- `UPDATE fsentries SET name = ? WHERE user_id = ? and parent_uid IS NULL`,
|
|
|
- [
|
|
|
- // name
|
|
|
- req.body.username,
|
|
|
- // id
|
|
|
- req.user.id,
|
|
|
- ]
|
|
|
- );
|
|
|
- const filesystem = req.services.get('filesystem');
|
|
|
- await filesystem.update_child_paths(`/${req.user.username}`, `/${req.body.username}`, req.user.id);
|
|
|
-
|
|
|
- if(req.body.send_confirmation_code)
|
|
|
- send_email_verification_code(email_confirm_code, req.body.email);
|
|
|
- else
|
|
|
- send_email_verification_token(email_confirm_token, req.body.email, user_uuid);
|
|
|
- }
|
|
|
|
|
|
- // create token for login
|
|
|
- const svc_auth = req.services.get('auth');
|
|
|
- const { token } = await svc_auth.create_session_token(req.user, { req });
|
|
|
+ // -----------------------------------
|
|
|
+ // New User
|
|
|
+ // -----------------------------------
|
|
|
+ const user_uuid = req.user.uuid;
|
|
|
+ let email_confirm_code = Math.floor(100000 + Math.random() * 900000);
|
|
|
+ const email_confirm_token = uuidv4();
|
|
|
+
|
|
|
+ if(pseudo_user === undefined){
|
|
|
+ await db.write(
|
|
|
+ `UPDATE user
|
|
|
+ SET
|
|
|
+ username = ?, email = ?, password = ?, email_confirm_code = ?, email_confirm_token = ?${
|
|
|
+ referred_by_user ? ', referred_by = ?' : '' }
|
|
|
+ WHERE
|
|
|
+ id = ?`,
|
|
|
+ [
|
|
|
+ // username
|
|
|
+ req.body.username,
|
|
|
+ // email
|
|
|
+ req.body.email,
|
|
|
+ // password
|
|
|
+ await bcrypt.hash(req.body.password, 8),
|
|
|
+ // email_confirm_code
|
|
|
+ email_confirm_code,
|
|
|
+ //email_confirm_token
|
|
|
+ email_confirm_token,
|
|
|
+ // referred_by
|
|
|
+ ...(referred_by_user ? [referred_by_user.id] : []),
|
|
|
+ // id
|
|
|
+ req.user.id
|
|
|
+ ]
|
|
|
+ );
|
|
|
+ invalidate_cached_user(req.user);
|
|
|
+
|
|
|
+ // Update root directory name
|
|
|
+ await db.write(
|
|
|
+ `UPDATE fsentries SET name = ? WHERE user_id = ? and parent_uid IS NULL`,
|
|
|
+ [
|
|
|
+ // name
|
|
|
+ req.body.username,
|
|
|
+ // id
|
|
|
+ req.user.id,
|
|
|
+ ]
|
|
|
+ );
|
|
|
+ const filesystem = req.services.get('filesystem');
|
|
|
+ await filesystem.update_child_paths(`/${req.user.username}`, `/${req.body.username}`, req.user.id);
|
|
|
+
|
|
|
+ if(req.body.send_confirmation_code)
|
|
|
+ send_email_verification_code(email_confirm_code, req.body.email);
|
|
|
+ else
|
|
|
+ send_email_verification_token(email_confirm_token, req.body.email, user_uuid);
|
|
|
+ }
|
|
|
|
|
|
- // user id
|
|
|
- // todo if pseudo user, assign directly no need to do another DB lookup
|
|
|
- const user_id = req.user.id;
|
|
|
- const user_res = await db.read('SELECT * FROM `user` WHERE `id` = ? LIMIT 1', [user_id]);
|
|
|
- const user = user_res[0];
|
|
|
+ // create token for login
|
|
|
+ const svc_auth = req.services.get('auth');
|
|
|
+ const { token } = await svc_auth.create_session_token(req.user, { req });
|
|
|
|
|
|
- // todo send LINK-based verification email
|
|
|
+ // user id
|
|
|
+ // todo if pseudo user, assign directly no need to do another DB lookup
|
|
|
+ const user_id = req.user.id;
|
|
|
+ const user_res = await db.read('SELECT * FROM `user` WHERE `id` = ? LIMIT 1', [user_id]);
|
|
|
+ const user = user_res[0];
|
|
|
|
|
|
- //set cookie
|
|
|
- res.cookie(config.cookie_name, token);
|
|
|
+ // todo send LINK-based verification email
|
|
|
|
|
|
- {
|
|
|
- const svc_event = req.services.get('event');
|
|
|
- svc_event.emit('user.save_account', { user });
|
|
|
- }
|
|
|
+ //set cookie
|
|
|
+ res.cookie(config.cookie_name, token);
|
|
|
|
|
|
- // return results
|
|
|
- return res.send({
|
|
|
- token: token,
|
|
|
- user:{
|
|
|
- username: user.username,
|
|
|
- uuid: user.uuid,
|
|
|
- email: user.email,
|
|
|
- is_temp: false,
|
|
|
- requires_email_confirmation: user.requires_email_confirmation,
|
|
|
- email_confirmed: user.email_confirmed,
|
|
|
- email_confirmation_required: email_confirmation_required,
|
|
|
- taskbar_items: await get_taskbar_items(user),
|
|
|
- referral_code: user.referral_code,
|
|
|
+ {
|
|
|
+ const svc_event = req.services.get('event');
|
|
|
+ svc_event.emit('user.save_account', { user });
|
|
|
}
|
|
|
- })
|
|
|
+
|
|
|
+ // return results
|
|
|
+ return res.send({
|
|
|
+ token: token,
|
|
|
+ user:{
|
|
|
+ username: user.username,
|
|
|
+ uuid: user.uuid,
|
|
|
+ email: user.email,
|
|
|
+ is_temp: false,
|
|
|
+ requires_email_confirmation: user.requires_email_confirmation,
|
|
|
+ email_confirmed: user.email_confirmed,
|
|
|
+ email_confirmation_required: email_confirmation_required,
|
|
|
+ taskbar_items: await get_taskbar_items(user),
|
|
|
+ referral_code: user.referral_code,
|
|
|
+ }
|
|
|
+ })
|
|
|
+ });
|
|
|
})
|
|
|
|
|
|
module.exports = router
|
KernelDeimos