Initial invites support + tests.

author: Henry Jameson <me@hjkos.com> 2018-06-12 14:52:54 +0300
committer: Henry Jameson <me@hjkos.com> 2018-06-12 14:55:16 +0300
commit: f42ffbe9a855494c182c97f5eb641e800e562aa4 (patch)
tree: 1f0989d15892ac3226ed043592d81954a9e471bd /lib
parent: 3f42806b1b8f0a2c27dda4821ab61c92b9a4652f (diff)
download: pleroma-f42ffbe9a855494c182c97f5eb641e800e562aa4.tar.gz
3 files changed, 67 insertions, 13 deletions
diff --git a/lib/pleroma/UserInviteToken.ex b/lib/pleroma/UserInviteToken.ex
new file mode 100644
index 000000000..48ee1019a
--- /dev/null
+++ b/lib/pleroma/UserInviteToken.ex
@@ -0,0 +1,40 @@
+defmodule Pleroma.UserInviteToken do
+  use Ecto.Schema
+
+  import Ecto.Changeset
+
+  alias Pleroma.{User, UserInviteToken, Repo}
+
+  schema "user_invite_tokens" do
+    field(:token, :string)
+    field(:used, :boolean, default: false)
+
+    timestamps()
+  end
+
+  def create_token do
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
+
+    token = %UserInviteToken{
+      used: false,
+      token: token
+    }
+
+    Repo.insert(token)
+  end
+
+  def used_changeset(struct) do
+    struct
+    |> cast(%{}, [])
+    |> put_change(:used, true)
+  end
+
+  def mark_as_used(token) do
+    with %{used: false} = token <- Repo.get_by(UserInviteToken, %{token: token}),
+         {:ok, token} <- Repo.update(used_changeset(token)) do
+      {:ok, token}
+    else
+      _e -> {:error, token}
+    end
+  end
+end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index ee6a373d3..127bf4d9e 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -194,9 +194,7 @@ defmodule Pleroma.Web.Router do
     get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status)
     get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation)
 
-    if @registrations_open do
-      post("/account/register", TwitterAPI.Controller, :register)
-    end
+    post("/account/register", TwitterAPI.Controller, :register)
 
     get("/search", TwitterAPI.Controller, :search)
     get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex
index ccc6fe8e7..8608ee9ac 100644
--- a/lib/pleroma/web/twitter_api/twitter_api.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api.ex
@@ -1,11 +1,13 @@
 defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
-  alias Pleroma.{User, Activity, Repo, Object}
+  alias Pleroma.{UserInviteToken, User, Activity, Repo, Object}
   alias Pleroma.Web.ActivityPub.ActivityPub
   alias Pleroma.Web.TwitterAPI.UserView
   alias Pleroma.Web.{OStatus, CommonAPI}
   import Ecto.Query
 
+  @instance Application.get_env(:pleroma, :instance)
   @httpoison Application.get_env(:pleroma, :httpoison)
+  @registrations_open Keyword.get(@instance, :registrations_open)
 
   def create_status(%User{} = user, %{"status" => _} = data) do
     CommonAPI.post(user, data)
@@ -124,6 +126,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
   end
 
   def register_user(params) do
+    tokenString = params["token"]
+
     params = %{
       nickname: params["nickname"],
       name: params["fullname"],
@@ -133,17 +137,29 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
       password_confirmation: params["confirm"]
     }
 
-    changeset = User.register_changeset(%User{}, params)
+    # no need to query DB if registration is open
+    unless @registrations_open || is_nil(tokenString) do
+      token = Repo.get_by(UserInviteToken, %{token: tokenString})
+    end
+
+    cond do
+      @registrations_open || !is_nil(token) && !token.used ->
+        changeset = User.register_changeset(%User{}, params)
 
-    with {:ok, user} <- Repo.insert(changeset) do
-      {:ok, user}
-    else
-      {:error, changeset} ->
-        errors =
-          Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
-          |> Jason.encode!()
+        with {:ok, user} <- Repo.insert(changeset) do
+          !@registrations_open && UserInviteToken.mark_as_used(token.token)
+          {:ok, user}
+        else
+          {:error, changeset} ->
+            errors =
+              Ecto.Changeset.traverse_errors(changeset, fn {msg, _opts} -> msg end)
+              |> Jason.encode!()
+
+          {:error, %{error: errors}}
+        end
 
-        {:error, %{error: errors}}
+      !@registrations_open && is_nil(token) -> {:error, "Invalid token"}
+      !@registrations_open && token.used -> {:error, "Expired token"}
     end
   end
author	Henry Jameson <me@hjkos.com>	2018-06-12 14:52:54 +0300
committer	Henry Jameson <me@hjkos.com>	2018-06-12 14:55:16 +0300
commit	f42ffbe9a855494c182c97f5eb641e800e562aa4 (patch)
tree	1f0989d15892ac3226ed043592d81954a9e471bd /lib
parent	3f42806b1b8f0a2c27dda4821ab61c92b9a4652f (diff)
download	pleroma-f42ffbe9a855494c182c97f5eb641e800e562aa4.tar.gz