mirror of
https://github.com/wassname/talk.git
synced 2026-06-29 20:53:07 +08:00
Wyatt Johnson
98 lines
2.7 KiB
JavaScript
98 lines
2.7 KiB
JavaScript
const express = require('express');
|
|
const router = express.Router();
|
|
const UsersService = require('../../../services/users');
|
|
const errors = require('../../../errors');
|
|
const authorization = require('../../../middleware/authorization');
|
|
const Limit = require('../../../services/limit');
|
|
|
|
// create a local user.
|
|
router.post('/', async (req, res, next) => {
|
|
const { email, password, username } = req.body;
|
|
const redirectUri = req.header('X-Pym-Url') || req.header('Referer');
|
|
|
|
try {
|
|
let user = await UsersService.createLocalUser(email, password, username);
|
|
|
|
// Send an email confirmation. The Front end will know about the
|
|
// requireEmailConfirmation as it's included in the settings get endpoint.
|
|
await UsersService.sendEmailConfirmation(user, email, redirectUri);
|
|
|
|
res.status(201).json(user);
|
|
} catch (e) {
|
|
return next(e);
|
|
}
|
|
});
|
|
|
|
// This will allow 1 try every minute.
|
|
const resendRateLimiter = new Limit('/api/v1/users/resend-verify', 1, '1m');
|
|
|
|
// trigger an email confirmation re-send by a new user
|
|
router.post('/resend-verify', async (req, res, next) => {
|
|
const redirectUri = req.header('X-Pym-Url') || req.header('Referer');
|
|
let { email = '' } = req.body;
|
|
|
|
// Clean up and validate the email.
|
|
email = email.toLowerCase().trim();
|
|
if (email.length < 5) {
|
|
return next(errors.ErrMissingEmail);
|
|
}
|
|
|
|
// Check if we're past the rate limit, if we are, stop now. Otherwise, record
|
|
// this as an attempt to send a verification email.
|
|
try {
|
|
const tries = await resendRateLimiter.get(email);
|
|
if (tries > 0) {
|
|
throw errors.ErrMaxRateLimit;
|
|
}
|
|
|
|
await resendRateLimiter.test(email);
|
|
} catch (err) {
|
|
return next(err);
|
|
}
|
|
|
|
try {
|
|
const user = await UsersService.findLocalUser(email);
|
|
if (!user) {
|
|
throw errors.ErrNotFound;
|
|
}
|
|
|
|
await UsersService.sendEmailConfirmation(user, email, redirectUri);
|
|
|
|
res.status(204).end();
|
|
} catch (e) {
|
|
console.trace(e);
|
|
res.status(204).end();
|
|
}
|
|
});
|
|
|
|
// trigger an email confirmation re-send from the admin panel
|
|
router.post(
|
|
'/:user_id/email/confirm',
|
|
authorization.needed('ADMIN', 'MODERATOR'),
|
|
async (req, res, next) => {
|
|
const { user_id } = req.params;
|
|
|
|
try {
|
|
let user = await UsersService.findById(user_id);
|
|
if (!user) {
|
|
return next(errors.ErrNotFound);
|
|
}
|
|
|
|
// Find the first local profile.
|
|
const email = user.firstEmail;
|
|
if (!email) {
|
|
return next(errors.ErrMissingEmail);
|
|
}
|
|
|
|
// Send the email to the first local profile that was found.
|
|
await UsersService.sendEmailConfirmation(user, email);
|
|
|
|
res.status(204).end();
|
|
} catch (e) {
|
|
return next(e);
|
|
}
|
|
}
|
|
);
|
|
|
|
module.exports = router;
|