github/directus
1
1
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-04-25 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add user accept invite

Browse Source
This commit is contained in:
rijkvanzanten
2020-06-25 15:38:11 -04:00
parent 490b2597fd
commit 9e1a1d532f
2 changed files with 54 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
src/routes/users.ts
View File

@@ -15,20 +15,6 @@ router.post(
})
);
const inviteSchema = Joi.object({
email: Joi.string().email().required(),
role: Joi.string().uuid({ version: 'uuidv4' }).required(),
});
router.post(
'/invite',
asyncHandler(async (req, res) => {
await inviteSchema.validateAsync(req.body);
await UsersService.inviteUser(req.body.email, req.body.role);
res.end();
})
);
router.get(
'/',
sanitizeQuery,
@@ -65,4 +51,32 @@ router.delete(
})
);
const inviteSchema = Joi.object({
email: Joi.string().email().required(),
role: Joi.string().uuid({ version: 'uuidv4' }).required(),
});
router.post(
'/invite',
asyncHandler(async (req, res) => {
await inviteSchema.validateAsync(req.body);
await UsersService.inviteUser(req.body.email, req.body.role);
res.end();
})
);
const acceptInviteSchema = Joi.object({
token: Joi.string().required(),
password: Joi.string().required(),
});
router.post(
'/invite/accept',
asyncHandler(async (req, res) => {
await acceptInviteSchema.validateAsync(req.body);
await UsersService.acceptInvite(req.body.token, req.body.password);
res.end();
})
);
export default router;

26
src/services/users.ts
View File

@@ -2,6 +2,9 @@ import { Query } from '../types/query';
import * as ItemsService from './items';
import jwt from 'jsonwebtoken';
import { sendInviteMail } from '../mail';
import database from '../database';
import APIError, { ErrorCode } from '../error';
import bcrypt from 'bcrypt';
export const createUser = async (data: Record<string, any>, query?: Query) => {
return await ItemsService.createItem('directus_users', data, query);
@@ -32,3 +35,26 @@ export const inviteUser = async (email: string, role: string) => {
await sendInviteMail(email, acceptURL);
};
export const acceptInvite = async (token: string, password: string) => {
const { email } = jwt.verify(token, process.env.SECRET) as Record<string, any>;
const user = await database
.select('id', 'status')
.from('directus_users')
.where({ email })
.first();
if (!user) {
throw new APIError(ErrorCode.USER_NOT_FOUND, `Email address ${email} hasn't been invited.`);
}
if (user.status !== 'invited') {
throw new APIError(ErrorCode.USER_NOT_FOUND, `Email address ${email} hasn't been invited.`);
}
const passwordHashed = await bcrypt.hash(password, Number(process.env.SALT_ROUNDS));
await database('directus_users')
.update({ password: passwordHashed, status: 'active' })
.where({ id: user.id });
};