mirror of
https://github.com/fosrl/pangolin.git
synced 2025-08-05 02:24:59 +02:00
basic invite user functional
This commit is contained in:
parent
a6bb8f5bb1
commit
a6baebb216
15 changed files with 684 additions and 137 deletions
|
@ -210,13 +210,13 @@ export const userInvites = sqliteTable("userInvites", {
|
|||
inviteId: text("inviteId").primaryKey(),
|
||||
orgId: text("orgId")
|
||||
.notNull()
|
||||
.references(() => orgs.orgId),
|
||||
.references(() => orgs.orgId, { onDelete: "cascade" }),
|
||||
email: text("email").notNull(),
|
||||
expiresAt: integer("expiresAt").notNull(),
|
||||
tokenHash: text("token").notNull(),
|
||||
roleId: integer("roleId")
|
||||
.notNull()
|
||||
.references(() => roles.roleId),
|
||||
.references(() => roles.roleId, { onDelete: "cascade" }),
|
||||
});
|
||||
|
||||
export type Org = InferSelectModel<typeof orgs>;
|
||||
|
|
|
@ -72,8 +72,8 @@ authenticated.post(
|
|||
"/org/:orgId/create-invite",
|
||||
verifyOrgAccess,
|
||||
user.inviteUser
|
||||
);
|
||||
authenticated.post("/org/:orgId/accept-invite", user.acceptInvite);
|
||||
); // maybe make this /invite/create instead
|
||||
authenticated.post("/invite/accept", user.acceptInvite);
|
||||
|
||||
authenticated.get(
|
||||
"/resource/:resourceId/roles",
|
||||
|
|
|
@ -9,13 +9,17 @@ import HttpCode from "@server/types/HttpCode";
|
|||
import createHttpError from "http-errors";
|
||||
import logger from "@server/logger";
|
||||
import { fromError } from "zod-validation-error";
|
||||
import { isWithinExpirationDate } from "oslo";
|
||||
|
||||
const acceptInviteBodySchema = z.object({
|
||||
token: z.string(),
|
||||
inviteId: z.string(),
|
||||
});
|
||||
|
||||
export type AcceptInviteResponse = {};
|
||||
export type AcceptInviteResponse = {
|
||||
accepted: boolean;
|
||||
orgId: string;
|
||||
};
|
||||
|
||||
export async function acceptInvite(
|
||||
req: Request,
|
||||
|
@ -50,6 +54,12 @@ export async function acceptInvite(
|
|||
);
|
||||
}
|
||||
|
||||
if (!isWithinExpirationDate(new Date(existingInvite[0].expiresAt))) {
|
||||
return next(
|
||||
createHttpError(HttpCode.BAD_REQUEST, "Invite has expired")
|
||||
);
|
||||
}
|
||||
|
||||
const validToken = await verify(existingInvite[0].tokenHash, token, {
|
||||
memoryCost: 19456,
|
||||
timeCost: 2,
|
||||
|
@ -79,6 +89,15 @@ export async function acceptInvite(
|
|||
);
|
||||
}
|
||||
|
||||
if (existingUser[0].email !== existingInvite[0].email) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.BAD_REQUEST,
|
||||
"Invite is not for this user"
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
let roleId: number;
|
||||
// get the role to make sure it exists
|
||||
const existingRole = await db
|
||||
|
@ -109,7 +128,7 @@ export async function acceptInvite(
|
|||
await db.delete(userInvites).where(eq(userInvites.inviteId, inviteId));
|
||||
|
||||
return response<AcceptInviteResponse>(res, {
|
||||
data: {},
|
||||
data: { accepted: true, orgId: existingInvite[0].orgId },
|
||||
success: true,
|
||||
error: false,
|
||||
message: "Invite accepted",
|
||||
|
|
|
@ -24,6 +24,8 @@ const inviteUserBodySchema = z.object({
|
|||
validHours: z.number().gt(0).lte(168),
|
||||
});
|
||||
|
||||
export type InviteUserBody = z.infer<typeof inviteUserBodySchema>;
|
||||
|
||||
export type InviteUserResponse = {
|
||||
inviteLink: string;
|
||||
expiresAt: number;
|
||||
|
@ -112,7 +114,7 @@ export async function inviteUser(
|
|||
roleId,
|
||||
});
|
||||
|
||||
const inviteLink = `${config.app.base_url}/invite/${inviteId}-${token}`;
|
||||
const inviteLink = `${config.app.base_url}/invite?token=${inviteId}-${token}`;
|
||||
|
||||
return response<InviteUserResponse>(res, {
|
||||
data: {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue