use crate::PerformCrud;
+use activitypub_federation::http_signatures::generate_actor_keypair;
use actix_web::web::Data;
-use lemmy_api_common::{blocking, password_length_check, person::*};
-use lemmy_apub::{
- generate_apub_endpoint,
- generate_followers_url,
- generate_inbox_url,
- generate_shared_inbox_url,
- EndpointType,
-};
-use lemmy_db_queries::{
- source::{local_user::LocalUser_, site::Site_},
- Crud,
- Followable,
- Joinable,
- ListingType,
- SortType,
+use chrono::NaiveDateTime;
+use lemmy_api_common::{
+ context::LemmyContext,
+ person::{LoginResponse, Register},
+ utils::{
+ generate_inbox_url,
+ generate_local_apub_endpoint,
+ generate_shared_inbox_url,
+ honeypot_check,
+ local_site_to_slur_regex,
+ password_length_check,
+ send_new_applicant_email_to_admins,
+ send_verification_email,
+ EndpointType,
+ },
};
use lemmy_db_schema::{
+ aggregates::structs::PersonAggregates,
source::{
- community::*,
- local_user::{LocalUser, LocalUserForm},
- person::*,
- site::*,
+ captcha_answer::CaptchaAnswer,
+ local_user::{LocalUser, LocalUserInsertForm},
+ person::{Person, PersonInsertForm},
+ registration_application::{RegistrationApplication, RegistrationApplicationInsertForm},
},
- CommunityId,
+ traits::Crud,
+ RegistrationMode,
};
-use lemmy_db_views_actor::person_view::PersonViewSafe;
+use lemmy_db_views::structs::{LocalUserView, SiteView};
use lemmy_utils::{
- apub::generate_actor_keypair,
claims::Claims,
- settings::structs::Settings,
- utils::{check_slurs, is_valid_username},
- ApiError,
- ConnectionId,
- LemmyError,
+ error::LemmyError,
+ utils::{
+ slurs::{check_slurs, check_slurs_opt},
+ validation::is_valid_actor_name,
+ },
};
-use lemmy_websocket::{messages::CheckCaptcha, LemmyContext};
#[async_trait::async_trait(?Send)]
impl PerformCrud for Register {
type Response = LoginResponse;
- async fn perform(
- &self,
- context: &Data<LemmyContext>,
- _websocket_id: Option<ConnectionId>,
- ) -> Result<LoginResponse, LemmyError> {
- let data: &Register = &self;
-
- // Make sure site has open registration
- if let Ok(site) = blocking(context.pool(), move |conn| Site::read_simple(conn)).await? {
- if !site.open_registration {
- return Err(ApiError::err("registration_closed").into());
- }
+ #[tracing::instrument(skip(self, context))]
+ async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
+ let data: &Register = self;
+
+ let site_view = SiteView::read_local(context.pool()).await?;
+ let local_site = site_view.local_site;
+ let require_registration_application =
+ local_site.registration_mode == RegistrationMode::RequireApplication;
+
+ if local_site.registration_mode == RegistrationMode::Closed {
+ return Err(LemmyError::from_message("registration_closed"));
}
password_length_check(&data.password)?;
+ honeypot_check(&data.honeypot)?;
+
+ if local_site.require_email_verification && data.email.is_none() {
+ return Err(LemmyError::from_message("email_required"));
+ }
+
+ if local_site.site_setup && require_registration_application && data.answer.is_none() {
+ return Err(LemmyError::from_message(
+ "registration_application_answer_required",
+ ));
+ }
// Make sure passwords match
if data.password != data.password_verify {
- return Err(ApiError::err("passwords_dont_match").into());
+ return Err(LemmyError::from_message("passwords_dont_match"));
}
- // Check if there are admins. False if admins exist
- let no_admins = blocking(context.pool(), move |conn| {
- PersonViewSafe::admins(conn).map(|a| a.is_empty())
- })
- .await??;
-
- // If its not the admin, check the captcha
- if !no_admins && Settings::get().captcha().enabled {
- let check = context
- .chat_server()
- .send(CheckCaptcha {
- uuid: data
- .captcha_uuid
- .to_owned()
- .unwrap_or_else(|| "".to_string()),
- answer: data
- .captcha_answer
- .to_owned()
- .unwrap_or_else(|| "".to_string()),
- })
- .await?;
+ if local_site.site_setup && local_site.captcha_enabled {
+ let check = CaptchaAnswer::check_captcha(
+ context.pool(),
+ CaptchaAnswer {
+ uuid: data.captcha_uuid.clone().unwrap_or_default(),
+ answer: data.captcha_answer.clone().unwrap_or_default(),
+ // not used when checking
+ expires: NaiveDateTime::MIN,
+ },
+ )
+ .await?;
if !check {
- return Err(ApiError::err("captcha_incorrect").into());
+ return Err(LemmyError::from_message("captcha_incorrect"));
}
}
- check_slurs(&data.username)?;
+ let slur_regex = local_site_to_slur_regex(&local_site);
+ check_slurs(&data.username, &slur_regex)?;
+ check_slurs_opt(&data.answer, &slur_regex)?;
let actor_keypair = generate_actor_keypair()?;
- if !is_valid_username(&data.username) {
- return Err(ApiError::err("invalid_username").into());
+ is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize)?;
+ let actor_id = generate_local_apub_endpoint(
+ EndpointType::Person,
+ &data.username,
+ &context.settings().get_protocol_and_hostname(),
+ )?;
+
+ if let Some(email) = &data.email {
+ if LocalUser::is_email_taken(context.pool(), email).await? {
+ return Err(LemmyError::from_message("email_already_exists"));
+ }
}
- let actor_id = generate_apub_endpoint(EndpointType::Person, &data.username)?;
// We have to create both a person, and local_user
// Register the new person
- let person_form = PersonForm {
- name: data.username.to_owned(),
- actor_id: Some(actor_id.clone()),
- private_key: Some(Some(actor_keypair.private_key)),
- public_key: Some(Some(actor_keypair.public_key)),
- inbox_url: Some(generate_inbox_url(&actor_id)?),
- shared_inbox_url: Some(Some(generate_shared_inbox_url(&actor_id)?)),
- admin: Some(no_admins),
- ..PersonForm::default()
- };
+ let person_form = PersonInsertForm::builder()
+ .name(data.username.clone())
+ .actor_id(Some(actor_id.clone()))
+ .private_key(Some(actor_keypair.private_key))
+ .public_key(actor_keypair.public_key)
+ .inbox_url(Some(generate_inbox_url(&actor_id)?))
+ .shared_inbox_url(Some(generate_shared_inbox_url(&actor_id)?))
+ // If its the initial site setup, they are an admin
+ .admin(Some(!local_site.site_setup))
+ .instance_id(site_view.site.instance_id)
+ .build();
// insert the person
- let inserted_person = match blocking(context.pool(), move |conn| {
- Person::create(conn, &person_form)
- })
- .await?
- {
- Ok(u) => u,
- Err(_) => {
- return Err(ApiError::err("user_already_exists").into());
- }
- };
+ let inserted_person = Person::create(context.pool(), &person_form)
+ .await
+ .map_err(|e| LemmyError::from_error_message(e, "user_already_exists"))?;
+
+ // Automatically set their application as accepted, if they created this with open registration.
+ // Also fixes a bug which allows users to log in when registrations are changed to closed.
+ let accepted_application = Some(!require_registration_application);
// Create the local user
- let local_user_form = LocalUserForm {
- person_id: inserted_person.id,
- email: Some(data.email.to_owned()),
- password_encrypted: data.password.to_owned(),
- show_nsfw: Some(data.show_nsfw),
- theme: Some("browser".into()),
- default_sort_type: Some(SortType::Active as i16),
- default_listing_type: Some(ListingType::Subscribed as i16),
- lang: Some("browser".into()),
- show_avatars: Some(true),
- show_scores: Some(true),
- send_notifications_to_email: Some(false),
- };
+ let local_user_form = LocalUserInsertForm::builder()
+ .person_id(inserted_person.id)
+ .email(data.email.as_deref().map(str::to_lowercase))
+ .password_encrypted(data.password.to_string())
+ .show_nsfw(Some(data.show_nsfw))
+ .accepted_application(accepted_application)
+ .build();
+
+ let inserted_local_user = LocalUser::create(context.pool(), &local_user_form).await?;
+
+ if local_site.site_setup && require_registration_application {
+ // Create the registration application
+ let form = RegistrationApplicationInsertForm {
+ local_user_id: inserted_local_user.id,
+ // We already made sure answer was not null above
+ answer: data.answer.clone().expect("must have an answer"),
+ };
- let inserted_local_user = match blocking(context.pool(), move |conn| {
- LocalUser::register(conn, &local_user_form)
- })
- .await?
- {
- Ok(lu) => lu,
- Err(e) => {
- let err_type = if e.to_string()
- == "duplicate key value violates unique constraint \"local_user_email_key\""
- {
- "email_already_exists"
- } else {
- "user_already_exists"
- };
+ RegistrationApplication::create(context.pool(), &form).await?;
+ }
- // If the local user creation errored, then delete that person
- blocking(context.pool(), move |conn| {
- Person::delete(&conn, inserted_person.id)
- })
- .await??;
+ // Email the admins
+ if local_site.application_email_admins {
+ send_new_applicant_email_to_admins(&data.username, context.pool(), context.settings())
+ .await?;
+ }
- return Err(ApiError::err(err_type).into());
- }
+ let mut login_response = LoginResponse {
+ jwt: None,
+ registration_created: false,
+ verify_email_sent: false,
};
- let main_community_keypair = generate_actor_keypair()?;
-
- // Create the main community if it doesn't exist
- let main_community = match blocking(context.pool(), move |conn| {
- Community::read(conn, CommunityId(2))
- })
- .await?
+ // Log the user in directly if the site is not setup, or email verification and application aren't required
+ if !local_site.site_setup
+ || (!require_registration_application && !local_site.require_email_verification)
{
- Ok(c) => c,
- Err(_e) => {
- let default_community_name = "main";
- let actor_id = generate_apub_endpoint(EndpointType::Community, default_community_name)?;
- let community_form = CommunityForm {
- name: default_community_name.to_string(),
- title: "The Default Community".to_string(),
- description: Some("The Default Community".to_string()),
- actor_id: Some(actor_id.to_owned()),
- private_key: Some(main_community_keypair.private_key),
- public_key: Some(main_community_keypair.public_key),
- followers_url: Some(generate_followers_url(&actor_id)?),
- inbox_url: Some(generate_inbox_url(&actor_id)?),
- shared_inbox_url: Some(Some(generate_shared_inbox_url(&actor_id)?)),
- ..CommunityForm::default()
+ login_response.jwt = Some(
+ Claims::jwt(
+ inserted_local_user.id.0,
+ &context.secret().jwt_secret,
+ &context.settings().hostname,
+ )?
+ .into(),
+ );
+ } else {
+ if local_site.require_email_verification {
+ let local_user_view = LocalUserView {
+ local_user: inserted_local_user,
+ person: inserted_person,
+ counts: PersonAggregates::default(),
};
- blocking(context.pool(), move |conn| {
- Community::create(conn, &community_form)
- })
- .await??
+ // we check at the beginning of this method that email is set
+ let email = local_user_view
+ .local_user
+ .email
+ .clone()
+ .expect("email was provided");
+
+ send_verification_email(&local_user_view, &email, context.pool(), context.settings())
+ .await?;
+ login_response.verify_email_sent = true;
}
- };
-
- // Sign them up for main community no matter what
- let community_follower_form = CommunityFollowerForm {
- community_id: main_community.id,
- person_id: inserted_person.id,
- pending: false,
- };
-
- let follow = move |conn: &'_ _| CommunityFollower::follow(conn, &community_follower_form);
- if blocking(context.pool(), follow).await?.is_err() {
- return Err(ApiError::err("community_follower_already_exists").into());
- };
-
- // If its an admin, add them as a mod and follower to main
- if no_admins {
- let community_moderator_form = CommunityModeratorForm {
- community_id: main_community.id,
- person_id: inserted_person.id,
- };
- let join = move |conn: &'_ _| CommunityModerator::join(conn, &community_moderator_form);
- if blocking(context.pool(), join).await?.is_err() {
- return Err(ApiError::err("community_moderator_already_exists").into());
+ if require_registration_application {
+ login_response.registration_created = true;
}
}
- // Return the jwt
- Ok(LoginResponse {
- jwt: Claims::jwt(inserted_local_user.id.0)?,
- })
+ Ok(login_response)
}
}