2018-04-13 06:06:18 +09:00
|
|
|
import * as Koa from 'koa';
|
2021-10-08 13:37:02 +09:00
|
|
|
import rndstr from 'rndstr';
|
|
|
|
import * as bcrypt from 'bcryptjs';
|
2021-08-19 21:55:45 +09:00
|
|
|
import { fetchMeta } from '@/misc/fetch-meta';
|
|
|
|
import { verifyHcaptcha, verifyRecaptcha } from '@/misc/captcha';
|
2021-10-08 13:37:02 +09:00
|
|
|
import { Users, RegistrationTickets, UserPendings } from '@/models/index';
|
2021-08-19 21:55:45 +09:00
|
|
|
import { signup } from '../common/signup';
|
2021-10-08 13:37:02 +09:00
|
|
|
import config from '@/config';
|
|
|
|
import { sendEmail } from '@/services/send-email';
|
|
|
|
import { genId } from '@/misc/gen-id';
|
2016-12-29 07:49:51 +09:00
|
|
|
|
2019-11-24 17:09:32 +09:00
|
|
|
export default async (ctx: Koa.Context) => {
|
|
|
|
const body = ctx.request.body;
|
2018-07-23 13:56:25 +09:00
|
|
|
|
2019-04-24 08:11:19 +09:00
|
|
|
const instance = await fetchMeta(true);
|
2018-11-07 00:08:21 +09:00
|
|
|
|
2020-04-28 14:29:33 +09:00
|
|
|
// Verify *Captcha
|
2017-01-17 08:26:59 +09:00
|
|
|
// ただしテスト時はこの機構は障害となるため無効にする
|
2020-05-02 10:28:45 +09:00
|
|
|
if (process.env.NODE_ENV !== 'test') {
|
2020-05-02 10:31:37 +09:00
|
|
|
if (instance.enableHcaptcha && instance.hcaptchaSecretKey) {
|
2021-02-06 11:46:47 +09:00
|
|
|
await verifyHcaptcha(instance.hcaptchaSecretKey, body['hcaptcha-response']).catch(e => {
|
|
|
|
ctx.throw(400, e);
|
|
|
|
});
|
2020-04-28 14:29:33 +09:00
|
|
|
}
|
2018-11-07 00:08:21 +09:00
|
|
|
|
2020-05-02 10:28:45 +09:00
|
|
|
if (instance.enableRecaptcha && instance.recaptchaSecretKey) {
|
2021-02-06 11:46:47 +09:00
|
|
|
await verifyRecaptcha(instance.recaptchaSecretKey, body['g-recaptcha-response']).catch(e => {
|
|
|
|
ctx.throw(400, e);
|
2020-05-02 10:28:45 +09:00
|
|
|
});
|
2017-01-17 08:26:59 +09:00
|
|
|
}
|
2016-12-29 07:49:51 +09:00
|
|
|
}
|
|
|
|
|
2018-07-23 13:56:25 +09:00
|
|
|
const username = body['username'];
|
|
|
|
const password = body['password'];
|
2019-04-13 15:18:12 +09:00
|
|
|
const host: string | null = process.env.NODE_ENV === 'test' ? (body['host'] || null) : null;
|
2018-08-17 19:17:23 +09:00
|
|
|
const invitationCode = body['invitationCode'];
|
2021-10-08 13:37:02 +09:00
|
|
|
const emailAddress = body['emailAddress'];
|
2018-08-17 19:17:23 +09:00
|
|
|
|
2021-10-08 13:37:02 +09:00
|
|
|
if (instance.emailRequiredForSignup) {
|
|
|
|
if (emailAddress == null || typeof emailAddress != 'string') {
|
|
|
|
ctx.status = 400;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (instance.disableRegistration) {
|
2018-08-17 19:17:23 +09:00
|
|
|
if (invitationCode == null || typeof invitationCode != 'string') {
|
|
|
|
ctx.status = 400;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-04-07 21:50:36 +09:00
|
|
|
const ticket = await RegistrationTickets.findOne({
|
2018-08-17 19:17:23 +09:00
|
|
|
code: invitationCode
|
|
|
|
});
|
|
|
|
|
|
|
|
if (ticket == null) {
|
|
|
|
ctx.status = 400;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-04-07 21:50:36 +09:00
|
|
|
RegistrationTickets.delete(ticket.id);
|
2018-08-17 19:17:23 +09:00
|
|
|
}
|
2016-12-29 07:49:51 +09:00
|
|
|
|
2021-10-08 13:37:02 +09:00
|
|
|
if (instance.emailRequiredForSignup) {
|
|
|
|
const code = rndstr('a-z0-9', 16);
|
|
|
|
|
|
|
|
// Generate hash of password
|
|
|
|
const salt = await bcrypt.genSalt(8);
|
|
|
|
const hash = await bcrypt.hash(password, salt);
|
2019-04-12 01:52:25 +09:00
|
|
|
|
2021-10-08 13:37:02 +09:00
|
|
|
await UserPendings.insert({
|
|
|
|
id: genId(),
|
|
|
|
createdAt: new Date(),
|
|
|
|
code,
|
|
|
|
email: emailAddress,
|
|
|
|
username: username,
|
|
|
|
password: hash,
|
2019-07-10 03:47:07 +09:00
|
|
|
});
|
|
|
|
|
2021-10-08 13:37:02 +09:00
|
|
|
const link = `${config.url}/signup-complete/${code}`;
|
|
|
|
|
|
|
|
sendEmail(emailAddress, 'Signup',
|
|
|
|
`To complete signup, please click this link:<br><a href="${link}">${link}</a>`,
|
|
|
|
`To complete signup, please click this link: ${link}`);
|
2018-06-16 10:40:53 +09:00
|
|
|
|
2021-10-08 13:37:02 +09:00
|
|
|
ctx.status = 204;
|
|
|
|
} else {
|
|
|
|
try {
|
|
|
|
const { account, secret } = await signup({
|
|
|
|
username, password, host
|
|
|
|
});
|
|
|
|
|
|
|
|
const res = await Users.pack(account, account, {
|
|
|
|
detail: true,
|
|
|
|
includeSecrets: true
|
|
|
|
});
|
|
|
|
|
|
|
|
(res as any).token = secret;
|
|
|
|
|
|
|
|
ctx.body = res;
|
|
|
|
} catch (e) {
|
|
|
|
ctx.throw(400, e);
|
|
|
|
}
|
2020-01-30 04:37:25 +09:00
|
|
|
}
|
2016-12-29 07:49:51 +09:00
|
|
|
};
|