oneuptime/Identity/API/AuthenticationAPI.ts

import {
    AccountsHostname,
    DashboardHostname,
    DisableSignup,
    HomeHostname,
    HttpProtocol,
    IsSaaSService,
} from 'CommonServer/Config';
import Express, {
    ExpressRequest,
    ExpressResponse,
    ExpressRouter,
} from 'CommonServer/utils/Express';
import BadRequestException from 'Common/Types/Exception/BadRequestException';
import { JSONObject } from 'Common/Types/JSON';
import User from 'Common/Models/User';
import Service from 'CommonServer/Services/Index';
import EmailVerificationTokenServiceType from 'CommonServer/Services/EmailVerificationTokenService';
import UserServiceType from 'CommonServer/Services/UserService';
import ObjectID from 'Common/Types/ObjectID';
import EmailVerificationToken from 'Common/Models/EmailVerificationToken';
import BadDataException from 'Common/Types/Exception/BadDataException';
import MailServiceType from 'CommonServer/Services/MailService';
import EmailTemplateType from 'Common/Types/Email/EmailTemplateType';
import EmailSubjects from 'Common/Types/Email/EmailSubjects';
import URL from 'Common/Types/API/URL';
import Response from 'CommonServer/Utils/Response';
import JSONWebToken from 'CommonServer/Utils/JsonWebToken';
import OneUptimeDate from 'Common/Types/Date';
import PositiveNumber from 'Common/Types/PositiveNumber';

const UserService: UserServiceType = Service.UserService;
const EmailVerificationTokenService: EmailVerificationTokenServiceType =
    Service.EmailVerificationTokenService;
const MailService: MailServiceType = Service.MailService;

const router: ExpressRouter = Express.getRouter();

router.post(
    '/signup',
    async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {
        if (DisableSignup) {
            throw new BadRequestException('Sign up is disabled.');
        }

        const data: JSONObject = req.body;
        const user: User = User.asPublicCreateable<User>(
            data['user'] as JSONObject
        );

        if (IsSaaSService) {
            //ALERT: Delete data.role so user don't accidently sign up as master-admin from the API.
            user.isMasterAdmin = false;
            user.isEmailVerified = false;
        }

        let verificationToken: ObjectID | null = null;
        let emailVerificationToken: EmailVerificationToken | null = null;
        if (req.query['token']) {
            verificationToken = new ObjectID(req.query['token'] as string);
            emailVerificationToken =
                await EmailVerificationTokenService.findOneBy({
                    query: {
                        token: verificationToken,
                    },
                });
        }

        const alreadySavedUser: User | null = await UserService.findOneBy({
            query: { email: user.email },
            select: {
                _id: true,
                password: true,
            },
        });

        if (
            emailVerificationToken &&
            user &&
            user.id.toString() === emailVerificationToken.userId.toString()
        ) {
            user.isEmailVerified = true;
        }

        if (alreadySavedUser && alreadySavedUser.password) {
            throw new BadDataException(
                `User with email ${user.email} already exists.`
            );
        }

        let savedUser: User | null = null;
        if (alreadySavedUser) {
            savedUser = await UserService.updateOneByIdAndFetch({
                id: alreadySavedUser.id,
                data: user,
            });
        } else {
            savedUser = await UserService.create({ data: user });
        }

        if (alreadySavedUser) {
            // Send Welcome Mail
            MailService.sendMail(
                user.email,
                EmailSubjects.getSubjectByType(
                    EmailTemplateType.SIGNUP_WELCOME_EMAIL
                ),
                EmailTemplateType.SIGNUP_WELCOME_EMAIL,
                {
                    name: user.name.toString(),
                    dashboardUrl: new URL(
                        HttpProtocol,
                        DashboardHostname
                    ).toString(),
                    homeUrl: new URL(HttpProtocol, HomeHostname).toString(),
                }
            );
        } else {
            // Send EmailVerification Link because this is a new user.
            MailService.sendMail(
                user.email,
                EmailSubjects.getSubjectByType(
                    EmailTemplateType.SIGNUP_WELCOME_EMAIL
                ),
                EmailTemplateType.SIGNUP_WELCOME_EMAIL,
                {
                    name: user.name.toString(),
                    emailVerificationUrl: new URL(
                        HttpProtocol,
                        AccountsHostname
                    ).toString(),
                    homeUrl: new URL(HttpProtocol, HomeHostname).toString(),
                }
            );
        }

        if (savedUser) {
            const token: string = JSONWebToken.sign(
                {
                    userId: savedUser?.id,
                    email: savedUser?.email,
                    isMasterAdmin: savedUser?.isMasterAdmin,
                    roles: [],
                },
                OneUptimeDate.getSomeDaysAfter(new PositiveNumber(30))
            );

            return Response.sendItemResponse(req, res, { token: token });
        }

        throw new BadRequestException('Failed to create a user');
    }
);

export default router;
fix lint. 2022-05-10 20:40:45 +00:00			`import {`
			`AccountsHostname,`
			`DashboardHostname,`
			`DisableSignup,`
			`HomeHostname,`
			`HttpProtocol,`
			`IsSaaSService,`
			`} from 'CommonServer/Config';`
fix accounts 2022-05-09 20:30:55 +00:00			`import Express, {`
			`ExpressRequest,`
			`ExpressResponse,`
			`ExpressRouter,`
			`} from 'CommonServer/utils/Express';`
fix user signup. 2022-05-09 20:49:16 +00:00			`import BadRequestException from 'Common/Types/Exception/BadRequestException';`
			`import { JSONObject } from 'Common/Types/JSON';`
			`import User from 'Common/Models/User';`
			`import Service from 'CommonServer/Services/Index';`
add sccess control decorators. 2022-05-10 19:26:44 +00:00			`import EmailVerificationTokenServiceType from 'CommonServer/Services/EmailVerificationTokenService';`
			`import UserServiceType from 'CommonServer/Services/UserService';`
			`import ObjectID from 'Common/Types/ObjectID';`
			`import EmailVerificationToken from 'Common/Models/EmailVerificationToken';`
			`import BadDataException from 'Common/Types/Exception/BadDataException';`
			`import MailServiceType from 'CommonServer/Services/MailService';`
			`import EmailTemplateType from 'Common/Types/Email/EmailTemplateType';`
			`import EmailSubjects from 'Common/Types/Email/EmailSubjects';`
			`import URL from 'Common/Types/API/URL';`
			`import Response from 'CommonServer/Utils/Response';`
			`import JSONWebToken from 'CommonServer/Utils/JsonWebToken';`
			`import OneUptimeDate from 'Common/Types/Date';`
			`import PositiveNumber from 'Common/Types/PositiveNumber';`

			`const UserService: UserServiceType = Service.UserService;`
fix lint. 2022-05-10 20:40:45 +00:00			`const EmailVerificationTokenService: EmailVerificationTokenServiceType =`
			`Service.EmailVerificationTokenService;`
add sccess control decorators. 2022-05-10 19:26:44 +00:00			`const MailService: MailServiceType = Service.MailService;`
fix accounts 2022-05-09 20:30:55 +00:00
			`const router: ExpressRouter = Express.getRouter();`

fix lint. 2022-05-10 20:40:45 +00:00			`router.post(`
			`'/signup',`
			`async (req: ExpressRequest, res: ExpressResponse): Promise<void> => {`
			`if (DisableSignup) {`
			`throw new BadRequestException('Sign up is disabled.');`
			`}`

			`const data: JSONObject = req.body;`
fix lint. 2022-05-12 20:08:19 +00:00			`const user: User = User.asPublicCreateable<User>(`
			`data['user'] as JSONObject`
			`);`
fix lint. 2022-05-10 20:40:45 +00:00
			`if (IsSaaSService) {`
			`//ALERT: Delete data.role so user don't accidently sign up as master-admin from the API.`
			`user.isMasterAdmin = false;`
			`user.isEmailVerified = false;`
			`}`

			`let verificationToken: ObjectID \| null = null;`
			`let emailVerificationToken: EmailVerificationToken \| null = null;`
			`if (req.query['token']) {`
			`verificationToken = new ObjectID(req.query['token'] as string);`
			`emailVerificationToken =`
			`await EmailVerificationTokenService.findOneBy({`
			`query: {`
			`token: verificationToken,`
			`},`
			`});`
			`}`

			`const alreadySavedUser: User \| null = await UserService.findOneBy({`
			`query: { email: user.email },`
			`select: {`
			`_id: true,`
			`password: true,`
			`},`
fix accounts 2022-05-09 20:30:55 +00:00			`});`
add sccess control decorators. 2022-05-10 19:26:44 +00:00
fix lint. 2022-05-10 20:40:45 +00:00			`if (`
			`emailVerificationToken &&`
			`user &&`
			`user.id.toString() === emailVerificationToken.userId.toString()`
			`) {`
			`user.isEmailVerified = true;`
			`}`

			`if (alreadySavedUser && alreadySavedUser.password) {`
			`throw new BadDataException(`
			`User with email ${user.email} already exists.`
			`);`
			`}`

			`let savedUser: User \| null = null;`
			`if (alreadySavedUser) {`
			`savedUser = await UserService.updateOneByIdAndFetch({`
			`id: alreadySavedUser.id,`
			`data: user,`
			`});`
			`} else {`
			`savedUser = await UserService.create({ data: user });`
			`}`

			`if (alreadySavedUser) {`
			`// Send Welcome Mail`
			`MailService.sendMail(`
			`user.email,`
			`EmailSubjects.getSubjectByType(`
			`EmailTemplateType.SIGNUP_WELCOME_EMAIL`
			`),`
			`EmailTemplateType.SIGNUP_WELCOME_EMAIL,`
			`{`
			`name: user.name.toString(),`
			`dashboardUrl: new URL(`
			`HttpProtocol,`
			`DashboardHostname`
			`).toString(),`
			`homeUrl: new URL(HttpProtocol, HomeHostname).toString(),`
			`}`
			`);`
			`} else {`
			`// Send EmailVerification Link because this is a new user.`
			`MailService.sendMail(`
			`user.email,`
			`EmailSubjects.getSubjectByType(`
			`EmailTemplateType.SIGNUP_WELCOME_EMAIL`
			`),`
			`EmailTemplateType.SIGNUP_WELCOME_EMAIL,`
			`{`
			`name: user.name.toString(),`
			`emailVerificationUrl: new URL(`
			`HttpProtocol,`
			`AccountsHostname`
			`).toString(),`
			`homeUrl: new URL(HttpProtocol, HomeHostname).toString(),`
			`}`
			`);`
			`}`

			`if (savedUser) {`
			`const token: string = JSONWebToken.sign(`
			`{`
			`userId: savedUser?.id,`
			`email: savedUser?.email,`
			`isMasterAdmin: savedUser?.isMasterAdmin,`
			`roles: [],`
			`},`
			`OneUptimeDate.getSomeDaysAfter(new PositiveNumber(30))`
			`);`

			`return Response.sendItemResponse(req, res, { token: token });`
			`}`

			`throw new BadRequestException('Failed to create a user');`
add sccess control decorators. 2022-05-10 19:26:44 +00:00			`}`
fix lint. 2022-05-10 20:40:45 +00:00			`);`
add sccess control decorators. 2022-05-10 19:26:44 +00:00
fix lint. 2022-05-10 20:40:45 +00:00			`export default router;`