mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-03 00:15:11 +03:00
46706646e3
refs #10060 - Modules extractions done here are meant to make upcoming migration of authentication controller to v2 more manageable and reduce code repetition - There were couple modules extracted for different areas that controller touches: passwordrest, accept (for invitation), setup - The aim was to keep changes to the minimum while making small readability improvements to new functions through async/await syntax - The biggest barrier to make more encapsulated functions was the fact that we mutate options parameter on multiple levels in the controller. e.g mutations of options.data during validation on the password reset ties it up to the implementation of doReset function
31 lines
953 B
JavaScript
31 lines
953 B
JavaScript
const common = require('../../lib/common');
|
|
const models = require('../../models');
|
|
const security = require('../../lib/security');
|
|
|
|
async function accept(invitation) {
|
|
const data = invitation.invitation[0];
|
|
const inviteToken = security.url.decodeBase64(data.token);
|
|
const options = {context: {internal: true}};
|
|
|
|
let invite = await models.Invite.findOne({token: inviteToken, status: 'sent'}, options);
|
|
|
|
if (!invite) {
|
|
throw new common.errors.NotFoundError({message: common.i18n.t('errors.api.invites.inviteNotFound')});
|
|
}
|
|
|
|
if (invite.get('expires') < Date.now()) {
|
|
throw new common.errors.NotFoundError({message: common.i18n.t('errors.api.invites.inviteExpired')});
|
|
}
|
|
|
|
await models.User.add({
|
|
email: data.email,
|
|
name: data.name,
|
|
password: data.password,
|
|
roles: [invite.toJSON().role_id]
|
|
}, options);
|
|
|
|
return invite.destroy(options);
|
|
}
|
|
|
|
module.exports = accept;
|