import * as Environment from "~/node_common/environment";
import * as MW from "~/node_common/middleware";
import * as Data from "~/node_common/data";
import * as Utilities from "~/node_common/utilities";
import * as Powergate from "~/node_common/powergate";
import * as LibraryManager from "~/node_common/managers/library";
import * as Validations from "~/common/validations";
import JWT from "jsonwebtoken";
import BCrypt from "bcrypt";
import { Libp2pCryptoIdentity } from "@textile/threads-core";
// Built once at module load from the shared middleware helpers; the request
// handler in this file calls it with (req, res) before doing any other work.
// NOTE(review): the allowed origins/methods are decided inside MW.CORS, which
// is not visible here — confirm they are appropriate for an unauthenticated
// sign-up endpoint.
const initCORS = MW.init(MW.CORS);
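/**
 * Sign-up endpoint: creates a new user from `req.body.data.username` and
 * `req.body.data.password`.
 *
 * Flow: reject malformed bodies, reject an already-taken username, validate
 * username and password, derive the stored password hash, provision the
 * Powergate token and the Textile identity/bucket, then persist the user.
 *
 * Responses (all JSON, identified by `decorator`):
 *   403 SERVER_EXISTING_USER_ALREADY       username already registered
 *   500 SERVER_INVALID_USERNAME            missing/invalid username
 *   500 SERVER_INVALID_PASSWORD            missing/invalid password
 *   404 SERVER_USER_CREATE_USER_NOT_FOUND  createUser returned nothing
 *   500 SERVER_USER_CREATE_USER_NOT_FOUND  createUser returned an error object
 *   200 SERVER_USER_CREATE                 { user: { username, id } }
 *
 * @param {object} req - incoming request; `req.body.data` is untrusted input.
 * @param {object} res - response object exposing status()/json()/send().
 */
export default async (req, res) => {
  initCORS(req, res);

  // The body comes straight from an unauthenticated client. Without this
  // guard a missing `data` object throws a TypeError, and a non-string
  // username (e.g. a JSON object) would be handed to the data layer before
  // any validation has run. The response matches the existing
  // invalid-username branch so clients see no new error shape.
  const data = req.body && req.body.data;
  if (!data || typeof data.username !== "string") {
    return res
      .status(500)
      .send({ decorator: "SERVER_INVALID_USERNAME", error: true });
  }

  const { username, password } = data;

  // NOTE(review): the lookup uses the username exactly as submitted, while the
  // value stored below is lowercased. Confirm Data.getUserByUsername matches
  // case-insensitively; otherwise a mixed-case submission bypasses this check
  // and the uniqueness guarantee rests on the database alone.
  const existing = await Data.getUserByUsername({ username });

  if (existing) {
    return res
      .status(403)
      .json({ decorator: "SERVER_EXISTING_USER_ALREADY", error: true });
  }

  // NOTE(review): validation failures answer with 500 although they are client
  // errors; the status is kept because callers may already depend on it.
  if (!Validations.username(username)) {
    return res
      .status(500)
      .send({ decorator: "SERVER_INVALID_USERNAME", error: true });
  }

  // The type check keeps a non-string value from ever reaching BCrypt.hash.
  if (typeof password !== "string" || !Validations.password(password)) {
    return res
      .status(500)
      .send({ decorator: "SERVER_INVALID_PASSWORD", error: true });
  }

  // TODO(jim): Do not expose how many times you are salting
  // in OSS, add a random value as an environment variable.
  //
  // NOTE(review): this three-pass scheme must stay in step with whatever
  // verifies passwords at sign-in (not visible here), so it is left unchanged.
  // Two properties of bcrypt are worth knowing when relying on it:
  //   - bcrypt's output embeds the cost factor and the salt it was given, so
  //     the work factor (13) is readable from the stored `salt` and hash and
  //     cannot be kept secret by hiding this source.
  //   - LOCAL_PASSWORD_SECRET is passed in the salt position, so it has to be
  //     a bcrypt-format salt and ends up inside `triple` as stored. It does
  //     not act as a secret pepper against someone who can read the table.
  const salt = await BCrypt.genSalt(13);
  const hash = await BCrypt.hash(password, salt);
  const double = await BCrypt.hash(hash, salt);
  const triple = await BCrypt.hash(double, Environment.LOCAL_PASSWORD_SECRET);

  // NOTE(review): the Powergate token and the Textile bucket are provisioned
  // before the user row exists. If createUser fails below, nothing visible
  // here cleans them up.
  const pg = await Powergate.createNewToken();

  // API
  // NOTE(review): `api` is the string form of a freshly generated identity and
  // is stored with the user record — presumably key material, so treat the
  // `tokens` field as a secret at rest and never echo it to clients.
  const identity = await Libp2pCryptoIdentity.fromRandom();
  const api = identity.toString();

  // TODO(jim):
  // Don't do this once you refactor.
  const { bucketName } = await Utilities.getBucketAPIFromUserToken(api);

  const user = await Data.createUser({
    password: triple,
    salt,
    username: username.toLowerCase(),
    data: {
      photo: "https://slate.host/static/a1.jpg",
      settings_deals_auto_approve: false,
      tokens: { pg, api },
      library: LibraryManager.init({ bucketName, readableName: "Data" }),
    },
  });

  if (!user) {
    return res
      .status(404)
      .json({ decorator: "SERVER_USER_CREATE_USER_NOT_FOUND", error: true });
  }

  if (user.error) {
    return res
      .status(500)
      .json({ decorator: "SERVER_USER_CREATE_USER_NOT_FOUND", error: true });
  }

  // Only the public identifiers go back to the client; the password hash,
  // salt and tokens stay server-side.
  return res.status(200).json({
    decorator: "SERVER_USER_CREATE",
    user: { username: user.username, id: user.id },
  });
};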