From 6fb569e2cde2a41f7c3913d4a712d18e93eb235c Mon Sep 17 00:00:00 2001 From: Milo Schwartz Date: Mon, 7 Oct 2024 23:31:23 -0400 Subject: [PATCH] check for stale users on signup --- package.json | 3 ++- server/auth/index.ts | 5 +++-- server/db/schema.ts | 15 ++++++++++---- server/routers/auth/signup.ts | 39 +++++++++++++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index a06f640e..c4e8c65c 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "http-errors": "2.0.0", "lucia": "3.2.0", "lucide-react": "0.447.0", + "moment": "2.30.1", "next": "14.2.13", "node-fetch": "3.3.2", "nodemailer": "6.9.15", @@ -76,4 +77,4 @@ "tsx": "4.19.1", "typescript": "^5" } -} \ No newline at end of file +} diff --git a/server/auth/index.ts b/server/auth/index.ts index 244ebeeb..3fa0c7fe 100644 --- a/server/auth/index.ts +++ b/server/auth/index.ts @@ -5,7 +5,6 @@ import { Lucia, TimeSpan } from "lucia"; import { DrizzleSQLiteAdapter } from "@lucia-auth/adapter-drizzle"; import db from "@server/db"; import { sessions, users } from "@server/db/schema"; -import environment from "@server/environment"; const adapter = new DrizzleSQLiteAdapter(db, sessions, users); @@ -16,6 +15,7 @@ export const lucia = new Lucia(adapter, { twoFactorEnabled: attributes.twoFactorEnabled, twoFactorSecret: attributes.twoFactorSecret, emailVerified: attributes.emailVerified, + dateCreated: attributes.dateCreated, }; }, // getSessionAttributes: (attributes) => { @@ -30,7 +30,7 @@ export const lucia = new Lucia(adapter, { // secure: environment.ENVIRONMENT === "prod", // sameSite: "strict", secure: false, - domain: ".testing123.io" + domain: ".testing123.io", }, }, sessionExpiresIn: new TimeSpan(2, "w"), @@ -52,6 +52,7 @@ interface DatabaseUserAttributes { twoFactorEnabled: boolean; twoFactorSecret?: string; emailVerified: boolean; + dateCreated: string; } interface DatabaseSessionAttributes { diff --git a/server/db/schema.ts b/server/db/schema.ts index 440832ff..c2ca3d8f 100644 --- a/server/db/schema.ts +++ b/server/db/schema.ts @@ -81,6 +81,7 @@ export const users = sqliteTable("user", { emailVerified: integer("emailVerified", { mode: "boolean" }) .notNull() .default(false), + dateCreated: text("dateCreated").notNull(), }); export const twoFactorBackupCodes = sqliteTable("twoFactorBackupCodes", { @@ -107,7 +108,9 @@ export const userOrgs = sqliteTable("userOrgs", { orgId: integer("orgId") .notNull() .references(() => orgs.orgId), - roleId: integer("roleId").notNull().references(() => roles.roleId), + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId), }); export const emailVerificationCodes = sqliteTable("emailVerificationCodes", { @@ -137,7 +140,9 @@ export const actions = sqliteTable("actions", { export const roles = sqliteTable("roles", { roleId: integer("roleId").primaryKey({ autoIncrement: true }), - orgId: integer("orgId").references(() => orgs.orgId, { onDelete: "cascade" }), + orgId: integer("orgId").references(() => orgs.orgId, { + onDelete: "cascade", + }), name: text("name").notNull(), description: text("description"), }); @@ -204,7 +209,9 @@ export const userResources = sqliteTable("userResources", { export const limitsTable = sqliteTable("limits", { limitId: integer("limitId").primaryKey({ autoIncrement: true }), - orgId: integer("orgId").references(() => orgs.orgId, { onDelete: "cascade" }), + orgId: integer("orgId").references(() => orgs.orgId, { + onDelete: "cascade", + }), name: text("name").notNull(), value: integer("value").notNull(), description: text("description"), @@ -232,4 +239,4 @@ export type RoleSite = InferSelectModel; export type UserSite = InferSelectModel; export type RoleResource = InferSelectModel; export type UserResource = InferSelectModel; -export type Limit = InferSelectModel; \ No newline at end of file +export type Limit = InferSelectModel; diff --git a/server/routers/auth/signup.ts b/server/routers/auth/signup.ts index dfd5abfa..4344a160 100644 --- a/server/routers/auth/signup.ts +++ b/server/routers/auth/signup.ts @@ -12,6 +12,8 @@ import response from "@server/utils/response"; import { SqliteError } from "better-sqlite3"; import { sendEmailVerificationCode } from "./sendEmailVerificationCode"; import { passwordSchema } from "@server/auth/passwordSchema"; +import { eq } from "drizzle-orm"; +import moment from "moment"; export const signupBodySchema = z.object({ email: z.string().email(), @@ -51,10 +53,47 @@ export async function signup( const userId = generateId(15); try { + const existing = await db + .select() + .from(users) + .where(eq(users.email, email)); + + if (existing && existing.length > 0) { + const user = existing[0]; + + // If the user is already verified, we don't want to create a new user + if (user.emailVerified) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "A user with that email address already exists", + ), + ); + } + + const dateCreated = moment(user.dateCreated); + const now = moment(); + const diff = now.diff(dateCreated, "hours"); + + if (diff < 2) { + // If the user was created less than 2 hours ago, we don't want to create a new user + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "A verification email was already sent to this email address. Please check your email for the verification code.", + ), + ); + } else { + // If the user was created more than 2 hours ago, we want to delete the old user and create a new one + await db.delete(users).where(eq(users.id, user.id)); + } + } + await db.insert(users).values({ id: userId, email: email, passwordHash, + dateCreated: moment().toISOString(), }); const session = await lucia.createSession(userId, {});