el.xwx.moe/lib/api/controllers/users/postUser.ts

import { prisma } from "@/lib/api/db";
import type { NextApiRequest, NextApiResponse } from "next";
import bcrypt from "bcrypt";
import verifyUser from "../../verifyUser";

const emailEnabled =
  process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false;
const stripeEnabled = process.env.STRIPE_SECRET_KEY ? true : false;

interface Data {
  response: string | object;
}

interface User {
  name: string;
  username?: string;
  email?: string;
  password: string;
}

export default async function postUser(
  req: NextApiRequest,
  res: NextApiResponse<Data>
) {
  let isServerAdmin = false;

  const user = await verifyUser({ req, res });
  if (process.env.ADMINISTRATOR === user?.username) isServerAdmin = true;

  if (
    process.env.NEXT_PUBLIC_DISABLE_REGISTRATION === "true" &&
    !isServerAdmin
  ) {
    return res.status(400).json({ response: "Registration is disabled." });
  }

  const body: User = req.body;

  const checkHasEmptyFields = emailEnabled
    ? !body.password || !body.name || !body.email
    : !body.username || !body.password || !body.name;

  if (!body.password || body.password.length < 8)
    return res
      .status(400)
      .json({ response: "Password must be at least 8 characters." });

  if (checkHasEmptyFields)
    return res
      .status(400)
      .json({ response: "Please fill out all the fields." });

  // Check email (if enabled)
  const checkEmail =
    /^(([^<>()[\]\.,;:\s@\"]+(\.[^<>()[\]\.,;:\s@\"]+)*)|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i;
  if (emailEnabled && !checkEmail.test(body.email?.toLowerCase() || ""))
    return res.status(400).json({
      response: "Please enter a valid email.",
    });

  // Check username (if email was disabled)
  const checkUsername = RegExp("^[a-z0-9_-]{3,31}$");
  if (!emailEnabled && !checkUsername.test(body.username?.toLowerCase() || ""))
    return res.status(400).json({
      response:
        "Username has to be between 3-30 characters, no spaces and special characters are allowed.",
    });

  const checkIfUserExists = await prisma.user.findFirst({
    where: {
      OR: [
        {
          email: body.email?.toLowerCase().trim(),
        },
        {
          username: (body.username as string).toLowerCase().trim(),
        },
      ],
    },
  });

  if (!checkIfUserExists) {
    const saltRounds = 10;

    const hashedPassword = bcrypt.hashSync(body.password, saltRounds);

    // Subscription dates
    const currentPeriodStart = new Date();
    const currentPeriodEnd = new Date();
    currentPeriodEnd.setFullYear(currentPeriodEnd.getFullYear() + 1000); // end date is in 1000 years...

    if (isServerAdmin) {
      const user = await prisma.user.create({
        data: {
          name: body.name,
          username: (body.username as string).toLowerCase().trim(),
          email: emailEnabled ? body.email?.toLowerCase().trim() : undefined,
          password: hashedPassword,
          emailVerified: new Date(),
          subscriptions: stripeEnabled
            ? {
                create: {
                  stripeSubscriptionId:
                    "fake_sub_" + Math.round(Math.random() * 10000000000000),
                  active: true,
                  currentPeriodStart,
                  currentPeriodEnd,
                },
              }
            : undefined,
        },
        select: {
          id: true,
          username: true,
          email: true,
          emailVerified: true,
          subscriptions: {
            select: {
              active: true,
            },
          },
          createdAt: true,
        },
      });

      return res.status(201).json({ response: user });
    } else {
      await prisma.user.create({
        data: {
          name: body.name,
          username: emailEnabled
            ? undefined
            : (body.username as string).toLowerCase().trim(),
          email: emailEnabled ? body.email?.toLowerCase().trim() : undefined,
          password: hashedPassword,
        },
      });

      return res.status(201).json({ response: "User successfully created." });
    }
  } else if (checkIfUserExists) {
    return res.status(400).json({
      response: `Email or Username already exists.`,
    });
  }
}
Many changes. 2023-02-18 21:32:02 -06:00			`import { prisma } from "@/lib/api/db";`
Added user authentication. 2023-02-06 11:59:23 -06:00			`import type { NextApiRequest, NextApiResponse } from "next";`
			`import bcrypt from "bcrypt";`
finalized administration panel 2024-05-03 09:22:45 -05:00			`import verifyUser from "../../verifyUser";`
Added user authentication. 2023-02-06 11:59:23 -06:00
implemented stripe for the cloud instance 2023-07-15 21:15:43 -05:00			`const emailEnabled =`
fully implemented email authentication 2023-07-12 13:26:34 -05:00			`process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false;`
finalized administration panel 2024-05-03 09:22:45 -05:00			`const stripeEnabled = process.env.STRIPE_SECRET_KEY ? true : false;`
fully implemented email authentication 2023-07-12 13:26:34 -05:00
Added user authentication. 2023-02-06 11:59:23 -06:00			`interface Data {`
added toasts popups + improved login/signup page + many more changes and improvements 2023-06-26 17:33:40 -05:00			`response: string \| object;`
Added user authentication. 2023-02-06 11:59:23 -06:00			`}`

			`interface User {`
			`name: string;`
many improvements 2023-07-19 15:39:59 -05:00			`username?: string;`
fully implemented email authentication 2023-07-12 13:26:34 -05:00			`email?: string;`
Added user authentication. 2023-02-06 11:59:23 -06:00			`password: string;`
			`}`

refactored/cleaned up API + added support for renaming tags 2023-10-22 23:28:39 -05:00			`export default async function postUser(`
Added user authentication. 2023-02-06 11:59:23 -06:00			`req: NextApiRequest,`
			`res: NextApiResponse<Data>`
			`) {`
finalized administration panel 2024-05-03 09:22:45 -05:00			`let isServerAdmin = false;`

			`const user = await verifyUser({ req, res });`
			`if (process.env.ADMINISTRATOR === user?.username) isServerAdmin = true;`

			`if (`
			`process.env.NEXT_PUBLIC_DISABLE_REGISTRATION === "true" &&`
			`!isServerAdmin`
			`) {`
added the ability to disable registration 2023-09-28 10:37:25 -05:00			`return res.status(400).json({ response: "Registration is disabled." });`
			`}`

Added user authentication. 2023-02-06 11:59:23 -06:00			`const body: User = req.body;`

implemented stripe for the cloud instance 2023-07-15 21:15:43 -05:00			`const checkHasEmptyFields = emailEnabled`
many improvements 2023-07-19 15:39:59 -05:00			`? !body.password \|\| !body.name \|\| !body.email`
fully implemented email authentication 2023-07-12 13:26:34 -05:00			`: !body.username \|\| !body.password \|\| !body.name;`

bug fixed 2023-11-19 21:32:23 -06:00			`if (!body.password \|\| body.password.length < 8)`
bug fixed 2023-11-19 21:28:02 -06:00			`return res`
			`.status(400)`
			`.json({ response: "Password must be at least 8 characters." });`

fully implemented email authentication 2023-07-12 13:26:34 -05:00			`if (checkHasEmptyFields)`
added toasts popups + improved login/signup page + many more changes and improvements 2023-06-26 17:33:40 -05:00			`return res`
			`.status(400)`
			`.json({ response: "Please fill out all the fields." });`
Added clickAwayHandler + POST functionality + Bug fixed. 2023-02-13 15:22:47 -06:00
refactored/cleaned up API + added support for renaming tags 2023-10-22 23:28:39 -05:00			`// Check email (if enabled)`
			`const checkEmail =`
			`/^(([^<>()[\]\.,;:\s@\"]+(\.[^<>()[\]\.,;:\s@\"]+)*)\|(\".+\"))@(([^<>()[\]\.,;:\s@\"]+\.)+[^<>()[\]\.,;:\s@\"]{2,})$/i;`
			`if (emailEnabled && !checkEmail.test(body.email?.toLowerCase() \|\| ""))`
			`return res.status(400).json({`
			`response: "Please enter a valid email.",`
			`});`
added username check 2023-07-19 00:23:53 -05:00
refactored/cleaned up API + added support for renaming tags 2023-10-22 23:28:39 -05:00			`// Check username (if email was disabled)`
			`const checkUsername = RegExp("^[a-z0-9_-]{3,31}$");`
minor fix 2023-07-19 17:38:36 -05:00			`if (!emailEnabled && !checkUsername.test(body.username?.toLowerCase() \|\| ""))`
added username check 2023-07-19 00:23:53 -05:00			`return res.status(400).json({`
			`response:`
			`"Username has to be between 3-30 characters, no spaces and special characters are allowed.",`
			`});`

fully implemented email authentication 2023-07-12 13:26:34 -05:00			`const checkIfUserExists = await prisma.user.findFirst({`
finalized administration panel 2024-05-03 09:22:45 -05:00			`where: {`
			`OR: [`
			`{`
bug fixed 2023-10-23 00:45:31 -05:00			`email: body.email?.toLowerCase().trim(),`
finalized administration panel 2024-05-03 09:22:45 -05:00			`},`
			`{`
bug fixed 2023-10-23 00:45:31 -05:00			`username: (body.username as string).toLowerCase().trim(),`
fully implemented email authentication 2023-07-12 13:26:34 -05:00			`},`
finalized administration panel 2024-05-03 09:22:45 -05:00			`],`
			`},`
fully implemented email authentication 2023-07-12 13:26:34 -05:00			`});`

Added user authentication. 2023-02-06 11:59:23 -06:00			`if (!checkIfUserExists) {`
			`const saltRounds = 10;`

			`const hashedPassword = bcrypt.hashSync(body.password, saltRounds);`

finalized administration panel 2024-05-03 09:22:45 -05:00			`// Subscription dates`
			`const currentPeriodStart = new Date();`
			`const currentPeriodEnd = new Date();`
			`currentPeriodEnd.setFullYear(currentPeriodEnd.getFullYear() + 1000); // end date is in 1000 years...`

			`if (isServerAdmin) {`
			`const user = await prisma.user.create({`
			`data: {`
			`name: body.name,`
			`username: (body.username as string).toLowerCase().trim(),`
			`email: emailEnabled ? body.email?.toLowerCase().trim() : undefined,`
			`password: hashedPassword,`
			`emailVerified: new Date(),`
			`subscriptions: stripeEnabled`
			`? {`
			`create: {`
			`stripeSubscriptionId:`
			`"fake_sub_" + Math.round(Math.random() * 10000000000000),`
			`active: true,`
			`currentPeriodStart,`
			`currentPeriodEnd,`
			`},`
			`}`
			`: undefined,`
			`},`
			`select: {`
			`id: true,`
			`username: true,`
			`email: true,`
			`emailVerified: true,`
			`subscriptions: {`
			`select: {`
			`active: true,`
			`},`
			`},`
			`createdAt: true,`
			`},`
			`});`

			`return res.status(201).json({ response: user });`
			`} else {`
			`await prisma.user.create({`
			`data: {`
			`name: body.name,`
			`username: emailEnabled`
			`? undefined`
			`: (body.username as string).toLowerCase().trim(),`
			`email: emailEnabled ? body.email?.toLowerCase().trim() : undefined,`
			`password: hashedPassword,`
			`},`
			`});`
Added user authentication. 2023-02-06 11:59:23 -06:00
finalized administration panel 2024-05-03 09:22:45 -05:00			`return res.status(201).json({ response: "User successfully created." });`
			`}`
Added clickAwayHandler + POST functionality + Bug fixed. 2023-02-13 15:22:47 -06:00			`} else if (checkIfUserExists) {`
refactored/cleaned up API + added support for renaming tags 2023-10-22 23:28:39 -05:00			`return res.status(400).json({`
finalized administration panel 2024-05-03 09:22:45 -05:00			response: `Email or Username already exists.`,
refactored/cleaned up API + added support for renaming tags 2023-10-22 23:28:39 -05:00			`});`
Added user authentication. 2023-02-06 11:59:23 -06:00			`}`
			`}`