UNPKG

studiocms

Version:

Astro Native CMS for AstroDB. Built from the ground up by the Astro community.

studiocms.dev

withstudiocms/studiocms

158 lines (157 loc) 5.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
import { User } from "studiocms:auth/lib"; import { apiResponseLogger } from "studiocms:logger"; import { Mailer } from "studiocms:mailer"; import getTemplate from "studiocms:mailer/templates"; import { Notifications } from "studiocms:notifier"; import { SDKCore } from "studiocms:sdk"; import { z } from "astro/zod"; import { AllResponse, appendSearchParamsToUrl, createEffectAPIRoutes, createJsonResponse, Effect, genLogger, OptionsResponse, pipe, readAPIContextJson } from "../../../effect.js"; const generateResetUrl = ({ locals: { StudioCMS: { routeMap: { mainLinks: { dashboardIndex } } } } }, baseUrl, { id, userId, token }) => { const resetURL = new URL(`${dashboardIndex}/password-reset`, baseUrl); return pipe( resetURL, appendSearchParamsToUrl("userid", userId), appendSearchParamsToUrl("token", token), appendSearchParamsToUrl("id", id) ); }; const noMailerError = (message, resetLink) => `Failed to send email: ${message}. You can provide the following Reset link to your User: ${resetLink}`; const { POST, OPTIONS, ALL } = createEffectAPIRoutes( { POST: (ctx) => genLogger("studiocms/routes/api/dashboard/create-user-invite.POST")(function* () { const [userHelper, mailer, notify, sdk] = yield* Effect.all([ User, Mailer, Notifications, SDKCore ]); const siteConfig = ctx.locals.StudioCMS.siteConfig.data; if (!siteConfig) { return apiResponseLogger(500, "Failed to get site config"); } const userData = ctx.locals.StudioCMS.security?.userSessionData; if (!userData?.isLoggedIn) { return apiResponseLogger(403, "Unauthorized"); } const isAuthorized = ctx.locals.StudioCMS.security?.userPermissionLevel.isAdmin; if (!isAuthorized) { return apiResponseLogger(403, "Unauthorized"); } const { username, email, displayname, rank, originalUrl } = yield* readAPIContextJson(ctx); if (!username) { return apiResponseLogger(400, "Missing field: Username is required"); } if (!email) { return apiResponseLogger(400, "Missing field: Email is required"); } if (!displayname) { return apiResponseLogger(400, "Missing field: Display name is required"); } if (!rank) { return apiResponseLogger(400, "Missing field: Rank is required"); } const userPerms = ctx.locals.StudioCMS.security?.userPermissionLevel; if (rank === "owner" && !userPerms?.isOwner) { return apiResponseLogger(403, "Unauthorized"); } const checkEmail = z.coerce.string().email({ message: "Email address is invalid" }).safeParse(email); if (!checkEmail.success) { return apiResponseLogger(400, `Invalid email: ${checkEmail.error.message}`); } const [verifyUsernameResponse, { usernameSearch, emailSearch }] = yield* Effect.all([ userHelper.verifyUsernameInput(username), sdk.AUTH.user.searchUsersForUsernameOrEmail(username, checkEmail.data) ]); if (verifyUsernameResponse !== true) { return apiResponseLogger(400, verifyUsernameResponse); } if (usernameSearch.length > 0) { return apiResponseLogger(400, "Invalid username: Username is already in use"); } if (emailSearch.length > 0) { return apiResponseLogger(400, "Invalid email: Email is already in use"); } const token = yield* sdk.AUTH.user.create( { username, email: checkEmail.data, name: displayname, createdAt: /* @__PURE__ */ new Date(), id: crypto.randomUUID() }, rank ).pipe(Effect.flatMap((newUser) => sdk.resetTokenBucket.new(newUser.id))); if (!token) { return apiResponseLogger(500, "Failed to create reset token"); } const resetLink = generateResetUrl(ctx, originalUrl, token); yield* notify.sendAdminNotification("new_user", username); if (siteConfig.enableMailer) { const checkMailConnection = yield* mailer.verifyMailConnection; if (!checkMailConnection) { return apiResponseLogger( 500, noMailerError("Failed to connect to mail server", resetLink) ); } if ("error" in checkMailConnection) { return apiResponseLogger( 500, noMailerError("Failed to connect to mail server", resetLink) ); } const htmlTemplate = getTemplate("userInvite"); const mailResponse = yield* mailer.sendMail({ to: checkEmail.data, subject: `You have been invited to join ${siteConfig.title}!`, html: htmlTemplate({ title: siteConfig.title, link: resetLink }) }); if (!mailResponse) { return apiResponseLogger(500, noMailerError("Failed to send email", resetLink)); } if ("error" in mailResponse) { return apiResponseLogger(500, noMailerError(mailResponse.error, resetLink)); } return apiResponseLogger(200, "User invite created and email sent"); } return apiResponseLogger(200, resetLink.toString()); }).pipe(Mailer.Provide, Notifications.Provide), OPTIONS: () => Effect.try(() => OptionsResponse({ allowedMethods: ["POST"] })), ALL: () => Effect.try(() => AllResponse()) }, { cors: { methods: ["POST", "OPTIONS"] }, onError: (error) => { console.error("API Error:", error); return createJsonResponse( { error: "Internal Server Error" }, { status: 500 } ); } } ); export { ALL, OPTIONS, POST };