2023-01-13 05:40:33 +01:00
|
|
|
import type Koa from "koa";
|
|
|
|
|
import rndstr from "rndstr";
|
|
|
|
|
import { fetchMeta } from "@/misc/fetch-meta.js";
|
|
|
|
|
import { verifyHcaptcha, verifyRecaptcha } from "@/misc/captcha.js";
|
|
|
|
|
import { Users, RegistrationTickets, UserPendings } from "@/models/index.js";
|
|
|
|
|
import { signup } from "../common/signup.js";
|
|
|
|
|
import config from "@/config/index.js";
|
|
|
|
|
import { sendEmail } from "@/services/send-email.js";
|
|
|
|
|
import { genId } from "@/misc/gen-id.js";
|
|
|
|
|
import { validateEmailForAccount } from "@/services/validate-email-for-account.js";
|
2023-04-03 11:23:51 +02:00
|
|
|
import { hashPassword } from "@/misc/password.js";
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2019-11-24 09:09:32 +01:00
|
|
|
export default async (ctx: Koa.Context) => {
|
|
|
|
|
const body = ctx.request.body;
|
2018-07-23 06:56:25 +02:00
|
|
|
|
2019-04-24 01:11:19 +02:00
|
|
|
const instance = await fetchMeta(true);
|
2018-11-06 16:08:21 +01:00
|
|
|
|
2020-04-28 07:29:33 +02:00
|
|
|
// Verify *Captcha
|
2017-01-17 00:26:59 +01:00
|
|
|
// ただしテスト時はこの機構は障害となるため無効にする
|
2023-01-13 05:40:33 +01:00
|
|
|
if (process.env.NODE_ENV !== "test") {
|
2020-05-02 03:31:37 +02:00
|
|
|
if (instance.enableHcaptcha && instance.hcaptchaSecretKey) {
|
2023-01-13 05:40:33 +01:00
|
|
|
await verifyHcaptcha(
|
|
|
|
|
instance.hcaptchaSecretKey,
|
|
|
|
|
body["hcaptcha-response"],
|
|
|
|
|
).catch((e) => {
|
2021-02-06 03:46:47 +01:00
|
|
|
ctx.throw(400, e);
|
|
|
|
|
});
|
2020-04-28 07:29:33 +02:00
|
|
|
}
|
2018-11-06 16:08:21 +01:00
|
|
|
|
2020-05-02 03:28:45 +02:00
|
|
|
if (instance.enableRecaptcha && instance.recaptchaSecretKey) {
|
2023-01-13 05:40:33 +01:00
|
|
|
await verifyRecaptcha(
|
|
|
|
|
instance.recaptchaSecretKey,
|
|
|
|
|
body["g-recaptcha-response"],
|
|
|
|
|
).catch((e) => {
|
2021-02-06 03:46:47 +01:00
|
|
|
ctx.throw(400, e);
|
2020-05-02 03:28:45 +02:00
|
|
|
});
|
2017-01-17 00:26:59 +01:00
|
|
|
}
|
2016-12-28 23:49:51 +01:00
|
|
|
}
|
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
const username = body["username"];
|
|
|
|
|
const password = body["password"];
|
|
|
|
|
const host: string | null =
|
|
|
|
|
process.env.NODE_ENV === "test" ? body["host"] || null : null;
|
|
|
|
|
const invitationCode = body["invitationCode"];
|
|
|
|
|
const emailAddress = body["emailAddress"];
|
2018-08-17 12:17:23 +02:00
|
|
|
|
2023-04-26 22:06:18 +02:00
|
|
|
if (config.reservedUsernames?.includes(username.toLowerCase())) {
|
|
|
|
|
ctx.status = 400;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-08 06:37:02 +02:00
|
|
|
if (instance.emailRequiredForSignup) {
|
2023-01-13 05:40:33 +01:00
|
|
|
if (emailAddress == null || typeof emailAddress !== "string") {
|
2021-10-08 06:37:02 +02:00
|
|
|
ctx.status = 400;
|
|
|
|
|
return;
|
|
|
|
|
}
|
2021-11-07 12:16:01 +01:00
|
|
|
|
2023-05-01 07:50:43 +02:00
|
|
|
const { available } = await validateEmailForAccount(emailAddress);
|
2021-11-07 12:16:01 +01:00
|
|
|
if (!available) {
|
|
|
|
|
ctx.status = 400;
|
|
|
|
|
return;
|
|
|
|
|
}
|
2021-10-08 06:37:02 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (instance.disableRegistration) {
|
2023-01-13 05:40:33 +01:00
|
|
|
if (invitationCode == null || typeof invitationCode !== "string") {
|
2018-08-17 12:17:23 +02:00
|
|
|
ctx.status = 400;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-26 07:34:00 +01:00
|
|
|
const ticket = await RegistrationTickets.findOneBy({
|
2021-12-09 15:58:30 +01:00
|
|
|
code: invitationCode,
|
2018-08-17 12:17:23 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (ticket == null) {
|
|
|
|
|
ctx.status = 400;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-07 14:50:36 +02:00
|
|
|
RegistrationTickets.delete(ticket.id);
|
2018-08-17 12:17:23 +02:00
|
|
|
}
|
2016-12-28 23:49:51 +01:00
|
|
|
|
2021-10-08 06:37:02 +02:00
|
|
|
if (instance.emailRequiredForSignup) {
|
2023-01-13 05:40:33 +01:00
|
|
|
const code = rndstr("a-z0-9", 16);
|
2021-10-08 06:37:02 +02:00
|
|
|
|
|
|
|
|
// Generate hash of password
|
2023-04-03 11:23:51 +02:00
|
|
|
const hash = await hashPassword(password);
|
2019-04-11 18:52:25 +02:00
|
|
|
|
2021-10-08 06:37:02 +02:00
|
|
|
await UserPendings.insert({
|
|
|
|
|
id: genId(),
|
|
|
|
|
createdAt: new Date(),
|
|
|
|
|
code,
|
|
|
|
|
email: emailAddress,
|
|
|
|
|
username: username,
|
|
|
|
|
password: hash,
|
2019-07-09 20:47:07 +02:00
|
|
|
});
|
|
|
|
|
|
2021-10-08 06:37:02 +02:00
|
|
|
const link = `${config.url}/signup-complete/${code}`;
|
|
|
|
|
|
2023-01-13 05:40:33 +01:00
|
|
|
sendEmail(
|
|
|
|
|
emailAddress,
|
|
|
|
|
"Signup",
|
2021-10-08 06:37:02 +02:00
|
|
|
`To complete signup, please click this link:<br><a href="${link}">${link}</a>`,
|
2023-01-13 05:40:33 +01:00
|
|
|
`To complete signup, please click this link: ${link}`,
|
|
|
|
|
);
|
2018-06-16 03:40:53 +02:00
|
|
|
|
2021-10-08 06:37:02 +02:00
|
|
|
ctx.status = 204;
|
|
|
|
|
} else {
|
|
|
|
|
try {
|
|
|
|
|
const { account, secret } = await signup({
|
2023-01-13 05:40:33 +01:00
|
|
|
username,
|
|
|
|
|
password,
|
|
|
|
|
host,
|
2021-10-08 06:37:02 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
const res = await Users.pack(account, account, {
|
|
|
|
|
detail: true,
|
2021-12-09 15:58:30 +01:00
|
|
|
includeSecrets: true,
|
2021-10-08 06:37:02 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
(res as any).token = secret;
|
|
|
|
|
|
|
|
|
|
ctx.body = res;
|
|
|
|
|
} catch (e) {
|
|
|
|
|
ctx.throw(400, e);
|
|
|
|
|
}
|
2020-01-29 20:37:25 +01:00
|
|
|
}
|
2016-12-28 23:49:51 +01:00
|
|
|
};
|
