crates/api_crud/src/user/create.rs

   1 use crate::PerformCrud;
   2 use activitypub_federation::http_signatures::generate_actor_keypair;
   3 use actix_web::web::Data;
   4 use lemmy_api_common::{
   5   context::LemmyContext,
   6   person::{LoginResponse, Register},
   7   utils::{
   8     generate_inbox_url,
   9     generate_local_apub_endpoint,
  10     generate_shared_inbox_url,
  11     honeypot_check,
  12     local_site_to_slur_regex,
  13     password_length_check,
  14     send_new_applicant_email_to_admins,
  15     send_verification_email,
  16     EndpointType,
  17   },
  18 };
  19 use lemmy_db_schema::{
  20   aggregates::structs::PersonAggregates,
  21   source::{
  22     local_user::{LocalUser, LocalUserInsertForm},
  23     person::{Person, PersonInsertForm},
  24     registration_application::{RegistrationApplication, RegistrationApplicationInsertForm},
  25   },
  26   traits::Crud,
  27   RegistrationMode,
  28 };
  29 use lemmy_db_views::structs::{LocalUserView, SiteView};
  30 use lemmy_utils::{
  31   claims::Claims,
  32   error::LemmyError,
  33   utils::{
  34     slurs::{check_slurs, check_slurs_opt},
  35     validation::is_valid_actor_name,
  36   },
  37 };
  38
  39 #[async_trait::async_trait(?Send)]
  40 impl PerformCrud for Register {
  41   type Response = LoginResponse;
  42
  43   #[tracing::instrument(skip(self, context))]
  44   async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
  45     let data: &Register = self;
  46
  47     let site_view = SiteView::read_local(context.pool()).await?;
  48     let local_site = site_view.local_site;
  49     let require_registration_application =
  50       local_site.registration_mode == RegistrationMode::RequireApplication;
  51
  52     if local_site.registration_mode == RegistrationMode::Closed {
  53       return Err(LemmyError::from_message("registration_closed"));
  54     }
  55
  56     password_length_check(&data.password)?;
  57     honeypot_check(&data.honeypot)?;
  58
  59     if local_site.require_email_verification && data.email.is_none() {
  60       return Err(LemmyError::from_message("email_required"));
  61     }
  62
  63     if local_site.site_setup && require_registration_application && data.answer.is_none() {
  64       return Err(LemmyError::from_message(
  65         "registration_application_answer_required",
  66       ));
  67     }
  68
  69     // Make sure passwords match
  70     if data.password != data.password_verify {
  71       return Err(LemmyError::from_message("passwords_dont_match"));
  72     }
  73
  74     let slur_regex = local_site_to_slur_regex(&local_site);
  75     check_slurs(&data.username, &slur_regex)?;
  76     check_slurs_opt(&data.answer, &slur_regex)?;
  77
  78     let actor_keypair = generate_actor_keypair()?;
  79     is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize)?;
  80     let actor_id = generate_local_apub_endpoint(
  81       EndpointType::Person,
  82       &data.username,
  83       &context.settings().get_protocol_and_hostname(),
  84     )?;
  85
  86     if let Some(email) = &data.email {
  87       if LocalUser::is_email_taken(context.pool(), email).await? {
  88         return Err(LemmyError::from_message("email_already_exists"));
  89       }
  90     }
  91
  92     // We have to create both a person, and local_user
  93
  94     // Register the new person
  95     let person_form = PersonInsertForm::builder()
  96       .name(data.username.clone())
  97       .actor_id(Some(actor_id.clone()))
  98       .private_key(Some(actor_keypair.private_key))
  99       .public_key(actor_keypair.public_key)
 100       .inbox_url(Some(generate_inbox_url(&actor_id)?))
 101       .shared_inbox_url(Some(generate_shared_inbox_url(&actor_id)?))
 102       // If its the initial site setup, they are an admin
 103       .admin(Some(!local_site.site_setup))
 104       .instance_id(site_view.site.instance_id)
 105       .build();
 106
 107     // insert the person
 108     let inserted_person = Person::create(context.pool(), &person_form)
 109       .await
 110       .map_err(|e| LemmyError::from_error_message(e, "user_already_exists"))?;
 111
 112     // Automatically set their application as accepted, if they created this with open registration.
 113     // Also fixes a bug which allows users to log in when registrations are changed to closed.
 114     let accepted_application = Some(!require_registration_application);
 115
 116     // Create the local user
 117     let local_user_form = LocalUserInsertForm::builder()
 118       .person_id(inserted_person.id)
 119       .email(data.email.as_deref().map(str::to_lowercase))
 120       .password_encrypted(data.password.to_string())
 121       .show_nsfw(Some(data.show_nsfw))
 122       .accepted_application(accepted_application)
 123       .build();
 124
 125     let inserted_local_user = LocalUser::create(context.pool(), &local_user_form).await?;
 126
 127     if local_site.site_setup && require_registration_application {
 128       // Create the registration application
 129       let form = RegistrationApplicationInsertForm {
 130         local_user_id: inserted_local_user.id,
 131         // We already made sure answer was not null above
 132         answer: data.answer.clone().expect("must have an answer"),
 133       };
 134
 135       RegistrationApplication::create(context.pool(), &form).await?;
 136     }
 137
 138     // Email the admins
 139     if local_site.application_email_admins {
 140       send_new_applicant_email_to_admins(&data.username, context.pool(), context.settings())
 141         .await?;
 142     }
 143
 144     let mut login_response = LoginResponse {
 145       jwt: None,
 146       registration_created: false,
 147       verify_email_sent: false,
 148     };
 149
 150     // Log the user in directly if the site is not setup, or email verification and application aren't required
 151     if !local_site.site_setup
 152       || (!require_registration_application && !local_site.require_email_verification)
 153     {
 154       login_response.jwt = Some(
 155         Claims::jwt(
 156           inserted_local_user.id.0,
 157           &context.secret().jwt_secret,
 158           &context.settings().hostname,
 159         )?
 160         .into(),
 161       );
 162     } else {
 163       if local_site.require_email_verification {
 164         let local_user_view = LocalUserView {
 165           local_user: inserted_local_user,
 166           person: inserted_person,
 167           counts: PersonAggregates::default(),
 168         };
 169         // we check at the beginning of this method that email is set
 170         let email = local_user_view
 171           .local_user
 172           .email
 173           .clone()
 174           .expect("email was provided");
 175
 176         send_verification_email(&local_user_view, &email, context.pool(), context.settings())
 177           .await?;
 178         login_response.verify_email_sent = true;
 179       }
 180
 181       if require_registration_application {
 182         login_response.registration_created = true;
 183       }
 184     }
 185
 186     Ok(login_response)
 187   }
 188 }