add tos and pp consent

2026-02-22 04:46:40 +00:00 · 2025-07-21 16:56:47 -07:00
parent f1bba3b958
commit 114ce8997f
5 changed files with 112 additions and 16 deletions
--- a/server/db/pg/schema.ts
+++ b/server/db/pg/schema.ts
@@ -5,7 +5,8 @@ import {
    boolean,
    integer,
    bigint,
-    real
+    real,
+    text
 } from "drizzle-orm/pg-core";
 import { InferSelectModel } from "drizzle-orm";

@@ -135,6 +136,8 @@ export const users = pgTable("user", {
    twoFactorSecret: varchar("twoFactorSecret"),
    emailVerified: boolean("emailVerified").notNull().default(false),
    dateCreated: varchar("dateCreated").notNull(),
+    termsAcceptedTimestamp: varchar("termsAcceptedTimestamp"),
+    termsVersion: varchar("termsVersion"),
    serverAdmin: boolean("serverAdmin").notNull().default(false)
 });

--- a/server/db/sqlite/schema.ts
+++ b/server/db/sqlite/schema.ts
@@ -154,6 +154,8 @@ export const users = sqliteTable("user", {
        .notNull()
        .default(false),
    dateCreated: text("dateCreated").notNull(),
+    termsAcceptedTimestamp: text("termsAcceptedTimestamp"),
+    termsVersion: text("termsVersion"),
    serverAdmin: integer("serverAdmin", { mode: "boolean" })
        .notNull()
        .default(false)
--- a/server/routers/auth/signup.ts
+++ b/server/routers/auth/signup.ts
@@ -21,15 +21,14 @@ import { hashPassword } from "@server/auth/password";
 import { checkValidInvite } from "@server/auth/checkValidInvite";
 import { passwordSchema } from "@server/auth/passwordSchema";
 import { UserType } from "@server/types/UserTypes";
+import { build } from "@server/build";

 export const signupBodySchema = z.object({
-    email: z
-        .string()
-        .toLowerCase()
-        .email(),
+    email: z.string().toLowerCase().email(),
    password: passwordSchema,
    inviteToken: z.string().optional(),
-    inviteId: z.string().optional()
+    inviteId: z.string().optional(),
+    termsAcceptedTimestamp: z.string().nullable().optional()
 });

 export type SignUpBody = z.infer<typeof signupBodySchema>;
@@ -54,7 +53,8 @@ export async function signup(
        );
    }

-    const { email, password, inviteToken, inviteId } = parsedBody.data;
+    const { email, password, inviteToken, inviteId, termsAcceptedTimestamp } =
+        parsedBody.data;

    const passwordHash = await hashPassword(password);
    const userId = generateId(15);
@@ -161,13 +161,24 @@ export async function signup(
            }
        }

+        if (build === "saas" && !termsAcceptedTimestamp) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    "You must accept the terms of service and privacy policy"
+                )
+            );
+        }
+
        await db.insert(users).values({
            userId: userId,
            type: UserType.Internal,
            username: email,
            email: email,
            passwordHash,
-            dateCreated: moment().toISOString()
+            dateCreated: moment().toISOString(),
+            termsAcceptedTimestamp: termsAcceptedTimestamp || null,
+            termsVersion: "1"
        });

        // give the user their default permissions: