use crate::PerformCrud;
-use activitypub_federation::core::signatures::generate_actor_keypair;
+use activitypub_federation::http_signatures::generate_actor_keypair;
use actix_web::web::Data;
use lemmy_api_common::{
context::LemmyContext,
honeypot_check,
local_site_to_slur_regex,
password_length_check,
+ sanitize_html,
send_new_applicant_email_to_admins,
send_verification_email,
EndpointType,
},
- websocket::messages::CheckCaptcha,
};
use lemmy_db_schema::{
aggregates::structs::PersonAggregates,
source::{
+ captcha_answer::{CaptchaAnswer, CheckCaptchaAnswer},
local_user::{LocalUser, LocalUserInsertForm},
person::{Person, PersonInsertForm},
registration_application::{RegistrationApplication, RegistrationApplicationInsertForm},
},
traits::Crud,
+ RegistrationMode,
};
use lemmy_db_views::structs::{LocalUserView, SiteView};
use lemmy_utils::{
claims::Claims,
- error::LemmyError,
- utils::{check_slurs, check_slurs_opt, is_valid_actor_name},
- ConnectionId,
+ error::{LemmyError, LemmyErrorExt, LemmyErrorType},
+ utils::{
+ slurs::{check_slurs, check_slurs_opt},
+ validation::is_valid_actor_name,
+ },
};
#[async_trait::async_trait(?Send)]
impl PerformCrud for Register {
type Response = LoginResponse;
- #[tracing::instrument(skip(self, context, _websocket_id))]
- async fn perform(
- &self,
- context: &Data<LemmyContext>,
- _websocket_id: Option<ConnectionId>,
- ) -> Result<LoginResponse, LemmyError> {
+ #[tracing::instrument(skip(self, context))]
+ async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
let data: &Register = self;
- let site_view = SiteView::read_local(context.pool()).await?;
+ let site_view = SiteView::read_local(&mut context.pool()).await?;
let local_site = site_view.local_site;
+ let require_registration_application =
+ local_site.registration_mode == RegistrationMode::RequireApplication;
- if !local_site.open_registration {
- return Err(LemmyError::from_message("registration_closed"));
+ if local_site.registration_mode == RegistrationMode::Closed {
+ return Err(LemmyErrorType::RegistrationClosed)?;
}
password_length_check(&data.password)?;
honeypot_check(&data.honeypot)?;
if local_site.require_email_verification && data.email.is_none() {
- return Err(LemmyError::from_message("email_required"));
+ return Err(LemmyErrorType::EmailRequired)?;
}
- if local_site.site_setup && local_site.require_application && data.answer.is_none() {
- return Err(LemmyError::from_message(
- "registration_application_answer_required",
- ));
+ if local_site.site_setup && require_registration_application && data.answer.is_none() {
+ return Err(LemmyErrorType::RegistrationApplicationAnswerRequired)?;
}
// Make sure passwords match
if data.password != data.password_verify {
- return Err(LemmyError::from_message("passwords_dont_match"));
+ return Err(LemmyErrorType::PasswordsDoNotMatch)?;
}
- // If the site is set up, check the captcha
if local_site.site_setup && local_site.captcha_enabled {
- let check = context
- .chat_server()
- .send(CheckCaptcha {
- uuid: data.captcha_uuid.clone().unwrap_or_default(),
- answer: data.captcha_answer.clone().unwrap_or_default(),
- })
+ if let Some(captcha_uuid) = &data.captcha_uuid {
+ let uuid = uuid::Uuid::parse_str(captcha_uuid)?;
+ let check = CaptchaAnswer::check_captcha(
+ &mut context.pool(),
+ CheckCaptchaAnswer {
+ uuid,
+ answer: data.captcha_answer.clone().unwrap_or_default(),
+ },
+ )
.await?;
- if !check {
- return Err(LemmyError::from_message("captcha_incorrect"));
+ if !check {
+ return Err(LemmyErrorType::CaptchaIncorrect)?;
+ }
+ } else {
+ return Err(LemmyErrorType::CaptchaIncorrect)?;
}
}
let slur_regex = local_site_to_slur_regex(&local_site);
check_slurs(&data.username, &slur_regex)?;
check_slurs_opt(&data.answer, &slur_regex)?;
+ let username = sanitize_html(&data.username);
let actor_keypair = generate_actor_keypair()?;
- if !is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize) {
- return Err(LemmyError::from_message("invalid_username"));
- }
+ is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize)?;
let actor_id = generate_local_apub_endpoint(
EndpointType::Person,
&data.username,
&context.settings().get_protocol_and_hostname(),
)?;
+ if let Some(email) = &data.email {
+ if LocalUser::is_email_taken(&mut context.pool(), email).await? {
+ return Err(LemmyErrorType::EmailAlreadyExists)?;
+ }
+ }
+
// We have to create both a person, and local_user
// Register the new person
let person_form = PersonInsertForm::builder()
- .name(data.username.clone())
+ .name(username)
.actor_id(Some(actor_id.clone()))
.private_key(Some(actor_keypair.private_key))
.public_key(actor_keypair.public_key)
.build();
// insert the person
- let inserted_person = Person::create(context.pool(), &person_form)
+ let inserted_person = Person::create(&mut context.pool(), &person_form)
.await
- .map_err(|e| LemmyError::from_error_message(e, "user_already_exists"))?;
+ .with_lemmy_type(LemmyErrorType::UserAlreadyExists)?;
+
+ // Automatically set their application as accepted, if they created this with open registration.
+ // Also fixes a bug which allows users to log in when registrations are changed to closed.
+ let accepted_application = Some(!require_registration_application);
// Create the local user
let local_user_form = LocalUserInsertForm::builder()
.email(data.email.as_deref().map(str::to_lowercase))
.password_encrypted(data.password.to_string())
.show_nsfw(Some(data.show_nsfw))
+ .accepted_application(accepted_application)
+ .default_listing_type(Some(local_site.default_post_listing_type))
.build();
- let inserted_local_user = match LocalUser::create(context.pool(), &local_user_form).await {
- Ok(lu) => lu,
- Err(e) => {
- let err_type = if e.to_string()
- == "duplicate key value violates unique constraint \"local_user_email_key\""
- {
- "email_already_exists"
- } else {
- "user_already_exists"
- };
-
- // If the local user creation errored, then delete that person
- Person::delete(context.pool(), inserted_person.id).await?;
-
- return Err(LemmyError::from_error_message(e, err_type));
- }
- };
+ let inserted_local_user = LocalUser::create(&mut context.pool(), &local_user_form).await?;
- if local_site.site_setup && local_site.require_application {
+ if local_site.site_setup && require_registration_application {
// Create the registration application
let form = RegistrationApplicationInsertForm {
local_user_id: inserted_local_user.id,
answer: data.answer.clone().expect("must have an answer"),
};
- RegistrationApplication::create(context.pool(), &form).await?;
+ RegistrationApplication::create(&mut context.pool(), &form).await?;
}
// Email the admins
if local_site.application_email_admins {
- send_new_applicant_email_to_admins(&data.username, context.pool(), context.settings())
+ send_new_applicant_email_to_admins(&data.username, &mut context.pool(), context.settings())
.await?;
}
// Log the user in directly if the site is not setup, or email verification and application aren't required
if !local_site.site_setup
- || (!local_site.require_application && !local_site.require_email_verification)
+ || (!require_registration_application && !local_site.require_email_verification)
{
login_response.jwt = Some(
Claims::jwt(
.clone()
.expect("email was provided");
- send_verification_email(&local_user_view, &email, context.pool(), context.settings())
- .await?;
+ send_verification_email(
+ &local_user_view,
+ &email,
+ &mut context.pool(),
+ context.settings(),
+ )
+ .await?;
login_response.verify_email_sent = true;
}
- if local_site.require_application {
+ if require_registration_application {
login_response.registration_created = true;
}
}