adolforeyna/EMI-Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check for invitations which were used already

Browse Source
This commit is contained in:
Adolfo Reyna
2025-02-04 23:21:53 -05:00
parent 62fcf4fe2c
commit 9ad30e102e
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
index.js
View File

@@ -116,6 +116,8 @@ DB.getDB.then((DB) => {
if(!email) return res.json({status: "provide valid email"}); if(!email) return res.json({status: "provide valid email"});
let r = await DB.getInvitation(email); let r = await DB.getInvitation(email);
if(!r) return res.json({status: "no invitation found with that email"}); if(!r) return res.json({status: "no invitation found with that email"});
let isUserAlreadyRegistered = await DB.getUser(email);
if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
return res.json({status: "ok", ... r}); return res.json({status: "ok", ... r});
}); });
@@ -131,6 +133,8 @@ DB.getDB.then((DB) => {
// Check if the new user has an invitation. // Check if the new user has an invitation.
// TODO: Alert admin of signup attempts via email. // TODO: Alert admin of signup attempts via email.
if (!await DB.getInvitation(email)) return res.json({ status: "Not invitation found!" }); if (!await DB.getInvitation(email)) return res.json({ status: "Not invitation found!" });
let isUserAlreadyRegistered = await DB.getUser(email);
if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
// Hash password to be stored on the DB. // Hash password to be stored on the DB.
// TODO: I think this is missing a Salt factor to improve security // TODO: I think this is missing a Salt factor to improve security
const hashedPassword = await bcrypt.hash(password, 10); const hashedPassword = await bcrypt.hash(password, 10);

2
routes/profile.js
View File

@@ -84,6 +84,8 @@ DB.getDB.then((DB)=>{
if(!email) return res.json({status: "provide valid email"}); if(!email) return res.json({status: "provide valid email"});
let r = await DB.getInvitation(email); let r = await DB.getInvitation(email);
if(!r) return res.json({status: "no invitation found with that email"}); if(!r) return res.json({status: "no invitation found with that email"});
let isUserAlreadyRegistered = await DB.getUser(email);
if(isUserAlreadyRegistered && isUserAlreadyRegistered._id) return res.json({status: "This user is already registered"});
return res.json({status: "ok", ... r}); return res.json({status: "ok", ... r});
}); });