diff --git a/src/app/stores/auth.ts b/src/app/stores/auth.ts
index c7b09590..403cb542 100644
--- a/src/app/stores/auth.ts
+++ b/src/app/stores/auth.ts
@@ -5,7 +5,7 @@ export const useAuthStore = defineStore('Auth', () => {
 * @throws if unsuccessful
 */
 async function signup(username: string, password: string) {
- const response = await api.createAccount({ username, password });
+ const response = await api.setupAccount({ username, password });
 return response.success;
 }
diff --git a/src/app/utils/api.ts b/src/app/utils/api.ts
index d29b1096..fcfa99a1 100644
--- a/src/app/utils/api.ts
+++ b/src/app/utils/api.ts
@@ -128,14 +128,14 @@ class API {
 });
 }
- async createAccount({
+ async setupAccount({
 username,
 password,
 }: {
 username: string;
 password: string;
 }) {
- return $fetch('/api/account/new', {
+ return $fetch('/api/account/setup', {
 method: 'post',
 body: { username, password },
 });
diff --git a/src/server/api/account/create.post.ts b/src/server/api/account/create.post.ts
new file mode 100644
index 00000000..4d58e470
--- /dev/null
+++ b/src/server/api/account/create.post.ts
@@ -0,0 +1,8 @@
+export default defineEventHandler(async (event) => {
+ const { username, password } = await readValidatedBody(
+ event,
+ validateZod(passwordType)
+ );
+ await Database.createUser(username, password);
+ return { success: true };
+});
diff --git a/src/server/api/account/new.post.ts b/src/server/api/account/new.post.ts
deleted file mode 100644
index 7a2cc58c..00000000
--- a/src/server/api/account/new.post.ts
+++ /dev/null
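Review bot: The new `create.post.ts` handler calls `Database.createUser(username, password)` without checking who is asking. The path is not in the unauthenticated list in `src/server/middleware/session.ts`, so a session is presumably required, but nothing visible limits account creation to an administrator; if that is the intent, the handler should verify the caller's role before the `createUser` call and say so in a comment such as `// Caller must be an authenticated administrator.`. The deleted `new.post.ts` also mapped `DatabaseError` to a 400 response, while this handler lets it propagate, so the `username.length < 8` rejection still visible in `LowDB.createUser` (presumably a `DatabaseError`) would likely surface as a server error rather than a client error.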
@@ -1,24 +0,0 @@
-import { DatabaseError } from '~~/services/database/repositories/database';
-
-export default defineEventHandler(async (event) => {
- setHeader(event, 'Content-Type', 'application/json');
- try {
- const { username, password } = await readValidatedBody(
- event,
- validateZod(passwordType)
- );
- await Database.newUserWithPassword(username, password);
- return { success: true };
- } catch (error) {
- if (error instanceof DatabaseError) {
- const t = await useTranslation(event);
- throw createError({
- statusCode: 400,
- statusMessage: t(error.message),
- message: error.message,
- });
- } else {
- throw createError('Something happened !');
- }
- }
-});
diff --git a/src/server/api/account/setup.post.ts b/src/server/api/account/setup.post.ts
new file mode 100644
index 00000000..ca89a753
--- /dev/null
+++ b/src/server/api/account/setup.post.ts
@@ -0,0 +1,15 @@
+export default defineEventHandler(async (event) => {
+ const { username, password } = await readValidatedBody(
+ event,
+ validateZod(passwordType)
+ );
+ const users = await Database.getUsers();
+ if (users.length !== 0) {
+ throw createError({
+ statusCode: 400,
+ statusMessage: 'Invalid state',
+ });
+ }
+ await Database.createUser(username, password);
+ return { success: true };
+});
diff --git a/src/server/middleware/session.ts b/src/server/middleware/session.ts
index 356862ba..8aa90cd9 100644
--- a/src/server/middleware/session.ts
+++ b/src/server/middleware/session.ts
@@ -2,8 +2,7 @@ export default defineEventHandler(async (event) => {
 const url = getRequestURL(event);
 if (
 !url.pathname.startsWith('/api/') ||
- // TODO: only allowed on onboarding!
- url.pathname === '/api/account/new' ||
+ url.pathname === '/api/account/setup' ||
 url.pathname === '/api/session' ||
 url.pathname === '/api/lang' ||
 url.pathname === '/api/release' ||
diff --git a/src/server/middleware/setup.ts b/src/server/middleware/setup.ts
index ede7f88e..a4fce170 100644
--- a/src/server/middleware/setup.ts
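Review bot: In `setup.post.ts` the `users.length !== 0` check and the `Database.createUser` call are separate awaited steps, so two requests arriving together on a fresh instance can both see an empty user list and both create an account. This route is exempt from the session middleware, which makes that check the only gate on unauthenticated account creation; it should be enforced atomically, for example by moving the emptiness test into the database layer so it runs in the same operation as the insert, or by serialising the handler behind a lock. A comment such as `// First-run only: must fail once any user exists; this route bypasses session auth.` above the check would record the invariant.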
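Review bot: The allow-list entry for `/api/account/setup` in `session.ts` now has no comment explaining why an account-creating route may skip session checks, since the removed `// TODO: only allowed on onboarding!` was the only marker that it is security-sensitive. The restriction now lives in `setup.post.ts`, so I would keep a pointer here, e.g. `// unauthenticated on purpose: setup.post.ts rejects the call once any user exists`. The `if` condition continues past the end of the hunk.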
+++ b/src/server/middleware/setup.ts
@@ -3,16 +3,21 @@ export default defineEventHandler(async (event) => {
 const url = getRequestURL(event);
 if (
- url.pathname.startsWith('/setup') ||
- url.pathname === '/api/account/new' ||
+ url.pathname === '/setup' ||
+ url.pathname === '/api/account/setup' ||
 url.pathname === '/api/features'
 ) {
 return;
 }
 const users = await Database.getUsers();
- // TODO: better error messages for api requests
 if (users.length === 0) {
+ if (url.pathname.startsWith('/api/')) {
+ throw createError({
+ statusCode: 400,
+ statusMessage: 'Invalid State',
+ });
+ }
 return sendRedirect(event, '/setup', 302);
 }
 });
diff --git a/src/services/database/lowdb.ts b/src/services/database/lowdb.ts
index 71086c2a..85cffeb8 100644
--- a/src/services/database/lowdb.ts
+++ b/src/services/database/lowdb.ts
@@ -75,8 +75,8 @@ export default class LowDB extends DatabaseProvider {
 return this.#db.data.users.find((user) => user.id === id);
 }
- async newUserWithPassword(username: string, password: string) {
- DEBUG('New User');
+ async createUser(username: string, password: string) {
+ DEBUG('Create User');
 // TODO: should be handled by zod. completely remove database error
 if (username.length < 8) {
diff --git a/src/services/database/repositories/database.ts b/src/services/database/repositories/database.ts
index 2f90f15f..22dc6ce2 100644
--- a/src/services/database/repositories/database.ts
+++ b/src/services/database/repositories/database.ts
@@ -46,10 +46,7 @@ export abstract class DatabaseProvider
 abstract getUsers(): Promise;
 abstract getUser(id: string): Promise;
- abstract newUserWithPassword(
- username: string,
- password: string
- ): Promise;
+ abstract createUser(username: string, password: string): Promise;
 abstract updateUser(user: User): Promise;
 abstract deleteUser(id: string): Promise;
diff --git a/src/services/database/repositories/user.ts b/src/services/database/repositories/user.ts
index 6a9c1bb5..f7a04b79 100644
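Review bot: The new API branch in `middleware/setup.ts` answers with `statusMessage: 'Invalid State'`, while `setup.post.ts` uses `'Invalid state'` for the opposite condition, and both use status 400, so a client or a log filter cannot tell "not set up yet" from "already set up". A distinct status for the uninitialised case (for example `statusCode: 409`) and one shared spelling of the message would make the two cases easier to handle and to monitor. The allow-list also changed from `startsWith('/setup')` to `=== '/setup'`, so any sub-path or trailing-slash variant is now redirected; a one-line comment saying that is intended would help.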
--- a/src/services/database/repositories/user.ts
+++ b/src/services/database/repositories/user.ts
@@ -39,7 +39,7 @@ export interface UserRepository {
 */
 getUser(id: string): Promise;
- newUserWithPassword(username: string, password: string): Promise;
+ createUser(username: string, password: string): Promise;
 /**
 * Updates a user in the database.