mirror of
https://github.com/fosrl/pangolin.git
synced 2026-02-23 21:36:37 +00:00
setup server admin
This commit is contained in:
Milo Schwartz
@@ -11,6 +11,7 @@ import logger from "@server/logger";
|
||||
import { fromError } from "zod-validation-error";
|
||||
import { isWithinExpirationDate } from "oslo";
|
||||
import { verifyPassword } from "@server/auth/password";
|
||||
import { checkValidInvite } from "@server/auth/checkValidInvite";
|
||||
|
||||
const acceptInviteBodySchema = z
|
||||
.object({
|
||||
@@ -42,44 +43,25 @@ export async function acceptInvite(
|
||||
|
||||
const { token, inviteId } = parsedBody.data;
|
||||
|
||||
const existingInvite = await db
|
||||
.select()
|
||||
.from(userInvites)
|
||||
.where(eq(userInvites.inviteId, inviteId))
|
||||
.limit(1);
|
||||
|
||||
if (!existingInvite.length) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
"Invite ID or token is invalid"
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
if (!isWithinExpirationDate(new Date(existingInvite[0].expiresAt))) {
|
||||
return next(
|
||||
createHttpError(HttpCode.BAD_REQUEST, "Invite has expired")
|
||||
);
|
||||
}
|
||||
|
||||
const validToken = await verifyPassword(
|
||||
const { error, existingInvite } = await checkValidInvite({
|
||||
token,
|
||||
existingInvite[0].tokenHash
|
||||
);
|
||||
if (!validToken) {
|
||||
inviteId
|
||||
});
|
||||
|
||||
if (error) {
|
||||
return next(createHttpError(HttpCode.BAD_REQUEST, error));
|
||||
}
|
||||
|
||||
if (!existingInvite) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
"Invite ID or token is invalid"
|
||||
)
|
||||
createHttpError(HttpCode.BAD_REQUEST, "Invite does not exist")
|
||||
);
|
||||
}
|
||||
|
||||
const existingUser = await db
|
||||
.select()
|
||||
.from(users)
|
||||
.where(eq(users.email, existingInvite[0].email))
|
||||
.where(eq(users.email, existingInvite.email))
|
||||
.limit(1);
|
||||
if (!existingUser.length) {
|
||||
return next(
|
||||
@@ -90,7 +72,7 @@ export async function acceptInvite(
|
||||
);
|
||||
}
|
||||
|
||||
if (req.user && req.user.email !== existingInvite[0].email) {
|
||||
if (req.user && req.user.email !== existingInvite.email) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
@@ -104,7 +86,7 @@ export async function acceptInvite(
|
||||
const existingRole = await db
|
||||
.select()
|
||||
.from(roles)
|
||||
.where(eq(roles.roleId, existingInvite[0].roleId))
|
||||
.where(eq(roles.roleId, existingInvite.roleId))
|
||||
.limit(1);
|
||||
if (existingRole.length) {
|
||||
roleId = existingRole[0].roleId;
|
||||
@@ -121,15 +103,15 @@ export async function acceptInvite(
|
||||
// add the user to the org
|
||||
await db.insert(userOrgs).values({
|
||||
userId: existingUser[0].userId,
|
||||
orgId: existingInvite[0].orgId,
|
||||
roleId: existingInvite[0].roleId
|
||||
orgId: existingInvite.orgId,
|
||||
roleId: existingInvite.roleId
|
||||
});
|
||||
|
||||
// delete the invite
|
||||
await db.delete(userInvites).where(eq(userInvites.inviteId, inviteId));
|
||||
|
||||
return response<AcceptInviteResponse>(res, {
|
||||
data: { accepted: true, orgId: existingInvite[0].orgId },
|
||||
data: { accepted: true, orgId: existingInvite.orgId },
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Invite accepted",
|
||||
|
||||
@@ -15,6 +15,7 @@ async function queryUser(userId: string) {
|
||||
email: users.email,
|
||||
twoFactorEnabled: users.twoFactorEnabled,
|
||||
emailVerified: users.emailVerified,
|
||||
serverAdmin: users.serverAdmin
|
||||
})
|
||||
.from(users)
|
||||
.where(eq(users.userId, userId))
|
||||
@@ -56,7 +57,7 @@ export async function getUser(
|
||||
success: true,
|
||||
error: false,
|
||||
message: "User retrieved successfully",
|
||||
status: HttpCode.OK,
|
||||
status: HttpCode.OK
|
||||
});
|
||||
} catch (error) {
|
||||
logger.error(error);
|
||||
|
||||
Reference in New Issue
Block a user