From e6f9db2f3aa1c780e9ac465fa685d61db4b08ca4 Mon Sep 17 00:00:00 2001 From: les Date: Sat, 15 Feb 2020 15:42:41 +0100 Subject: [PATCH] fix #73 - add migration to docs --- docs/dev/dev.md | 12 ++++++++++-- locales/it.json | 3 ++- pages/Register.vue | 17 ++++++++++------- server/api/controller/user.js | 15 ++++++++++++--- server/api/models/user.js | 1 - server/cli.js | 2 +- server/firstrun.js | 2 +- 7 files changed, 36 insertions(+), 16 deletions(-) diff --git a/docs/dev/dev.md b/docs/dev/dev.md index eb3e32df..0e1f3222 100644 --- a/docs/dev/dev.md +++ b/docs/dev/dev.md @@ -29,9 +29,17 @@ git clone https://framagit.org/les/gancio yarn ``` -4. Hacking +4. Run db migrations +```bash +./node_modules/.bin/sequelize db:migrate +``` + +5. Hacking ```bash yarn dev ``` -Please use the [issue board](https://framagit.org/les/gancio/-/boards) and the [forum](https://framavox.org/g/hMXTDgtJ/gancio) to discuss any modification. \ No newline at end of file +> warning "Warning" +> You need to register a first user, this will be an active administrator! + +Please use the [issue board](https://framagit.org/les/gancio/-/boards) and the [forum](https://framavox.org/g/hMXTDgtJ/gancio) to discuss any modification. diff --git a/locales/it.json b/locales/it.json index df9307b5..6f5c764a 100644 --- a/locales/it.json +++ b/locales/it.json @@ -101,7 +101,8 @@ "register": { "description": "I movimenti hanno bisogno di organizzarsi e autofinanziarsi.
Questo รจ un dono per voi, usatelo solo per eventi non commerciali e ovviamente antifascisti, antisessisti, antirazzisti. \n
Prima di poter pubblicare dobbiamo approvare l'account, considera che dietro questo sito ci sono delle persone di\n carne e sangue, scrivici quindi due righe per farci capire che eventi vorresti pubblicare.", "error": "Errore: ", - "complete": "Confermeremo la registrazione quanto prima." + "complete": "Confermeremo la registrazione quanto prima.", + "first_user": "Amministratore creato e attivo" }, "event": { "anon": "Anonimo", diff --git a/pages/Register.vue b/pages/Register.vue index 6daf0bdb..50a2177d 100644 --- a/pages/Register.vue +++ b/pages/Register.vue @@ -21,6 +21,7 @@ import { mapState } from 'vuex' import { Message } from 'element-ui' import get from 'lodash/get' +import linkify from 'linkifyjs' export default { name: 'Register', @@ -46,19 +47,21 @@ export default { this.$refs.email.focus() }, methods: { - close () { - this.$router.replace('/') - }, async register () { - this.loading = true try { - await this.$axios.$post('/user/register', this.user) + if (!linkify.test(this.user.email, 'email')) { + throw new Error('Invalid email') + } + this.loading = true + const user = await this.$axios.$post('/user/register', this.user) + // this is the first user registered + const first_user = user && user.is_admin && user.is_active Message({ showClose: true, - message: this.$t('register.complete'), + message: first_user ? this.$t('register.first_user') : this.$t('register.complete'), type: 'success' }) - this.close() + this.$router.replace('/') } catch (e) { const error = get(e, 'response.data.errors[0].message', String(e)) Message({ diff --git a/server/api/controller/user.js b/server/api/controller/user.js index 517e14a9..d67dcd66 100644 --- a/server/api/controller/user.js +++ b/server/api/controller/user.js @@ -5,6 +5,7 @@ const mail = require('../mail') const { user: User } = require('../models') const settingsController = require('./settings') const debug = require('debug')('user:controller') +const linkify = require('linkifyjs') const userController = { @@ -79,14 +80,22 @@ const userController = { if (!settingsController.settings.allow_registration) { return res.sendStatus(404) } const n_users = await User.count() try { + req.body.recover_code = crypto.randomBytes(16).toString('hex') + // the first registered user will be an active admin if (n_users === 0) { req.body.is_active = req.body.is_admin = true - } else { - req.body.is_active = false + const user = await User.create(req.body) + return res.json(user) + } + + req.body.is_active = false + + // check email + if (!linkify.test(req.body.email, 'email')) { + return res.status(404).json('Invalid email') } - req.body.recover_code = crypto.randomBytes(16).toString('hex') debug('Register user ', req.body.email) const user = await User.create(req.body) debug(`Sending registration email to ${user.email}`) diff --git a/server/api/models/user.js b/server/api/models/user.js index 3d2fc470..46f125f1 100644 --- a/server/api/models/user.js +++ b/server/api/models/user.js @@ -10,7 +10,6 @@ module.exports = (sequelize, DataTypes) => { type: DataTypes.STRING, unique: { msg: 'error.email_taken' }, validate: { - isEmail: true, notEmpty: true }, index: true, diff --git a/server/cli.js b/server/cli.js index bbc280f1..41005ca2 100755 --- a/server/cli.js +++ b/server/cli.js @@ -145,7 +145,7 @@ async function setupQuestionnaire (is_docker, db) { } questions.push({ name: 'admin.email', - message: 'Admin email (a first user with this username will be created, also used as sender address)', + message: 'Admin email', default: options => { const baseurl = new url.URL(options.baseurl) return ( diff --git a/server/firstrun.js b/server/firstrun.js index 23b00561..31bfa59b 100644 --- a/server/firstrun.js +++ b/server/firstrun.js @@ -43,7 +43,7 @@ module.exports = { } // create admin user - consola.info('Create admin user', admin) + consola.info(`Create admin with email: ${admin.email}`) await db.user.create({ email: admin.email, password: admin.password,