token -> invite renaming
This commit is contained in:
parent
be54e40890
commit
47b07cec49
6 changed files with 124 additions and 141 deletions
|
@ -315,19 +315,19 @@ def run(["invite" | rest]) do
|
|||
end
|
||||
|
||||
options = Keyword.put(options, :expire_at, expire_at)
|
||||
|
||||
options = Enum.into(options, %{})
|
||||
Common.start_pleroma()
|
||||
|
||||
with {:ok, token} <- UserInviteToken.create_token(options) do
|
||||
with {:ok, invite} <- UserInviteToken.create_invite(options) do
|
||||
Mix.shell().info(
|
||||
"Generated user invite token " <> String.replace(token.token_type, "_", " ")
|
||||
"Generated user invite token " <> String.replace(invite.invite_type, "_", " ")
|
||||
)
|
||||
|
||||
url =
|
||||
Pleroma.Web.Router.Helpers.redirect_url(
|
||||
Pleroma.Web.Endpoint,
|
||||
:registration_page,
|
||||
token.token
|
||||
invite.token
|
||||
)
|
||||
|
||||
IO.puts(url)
|
||||
|
@ -367,7 +367,9 @@ def run(["invites_list"]) do
|
|||
def run(["invite_revoke", token]) do
|
||||
Common.start_pleroma()
|
||||
|
||||
with {:ok, _} <- UserInviteToken.mark_as_used(token) do
|
||||
invite = UserInviteToken.find_by_token!(token)
|
||||
|
||||
with {:ok, _} <- UserInviteToken.update_invite(invite, %{used: true}) do
|
||||
Mix.shell().info("Invite for token #{token} was revoked.")
|
||||
else
|
||||
_ -> Mix.shell().error("No invite found with token #{token}")
|
||||
|
|
|
@ -17,106 +17,101 @@ defmodule Pleroma.UserInviteToken do
|
|||
field(:used, :boolean, default: false)
|
||||
field(:max_use, :integer)
|
||||
field(:expire_at, :date)
|
||||
field(:uses, :integer)
|
||||
field(:token_type)
|
||||
field(:uses, :integer, default: 0)
|
||||
field(:invite_type, :string)
|
||||
|
||||
timestamps()
|
||||
end
|
||||
|
||||
def create_token(options \\ []) do
|
||||
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
|
||||
|
||||
max_use = options[:max_use]
|
||||
expire_at = options[:expire_at]
|
||||
|
||||
token =
|
||||
%UserInviteToken{
|
||||
used: false,
|
||||
token: token,
|
||||
max_use: max_use,
|
||||
expire_at: expire_at,
|
||||
uses: 0
|
||||
}
|
||||
|> token_type()
|
||||
|
||||
Repo.insert(token)
|
||||
@spec create_invite(map()) :: UserInviteToken.t()
|
||||
def create_invite(params \\ %{}) do
|
||||
%UserInviteToken{}
|
||||
|> cast(params, ~w(max_use expire_at)a)
|
||||
|> add_token()
|
||||
|> assign_type()
|
||||
|> Repo.insert()
|
||||
end
|
||||
|
||||
defp add_token(changeset) do
|
||||
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
|
||||
put_change(changeset, :token, token)
|
||||
end
|
||||
|
||||
defp assign_type(%{changes: %{max_use: _max_use, expire_at: _expire_at}} = changeset) do
|
||||
put_change(changeset, :invite_type, "reusable_date_limited")
|
||||
end
|
||||
|
||||
defp assign_type(%{changes: %{expire_at: _expire_at}} = changeset) do
|
||||
put_change(changeset, :invite_type, "date_limited")
|
||||
end
|
||||
|
||||
defp assign_type(%{changes: %{max_use: _max_use}} = changeset) do
|
||||
put_change(changeset, :invite_type, "reusable")
|
||||
end
|
||||
|
||||
defp assign_type(changeset), do: put_change(changeset, :invite_type, "one_time")
|
||||
|
||||
@spec list_invites() :: [UserInviteToken.t()]
|
||||
def list_invites do
|
||||
query = from(u in UserInviteToken, order_by: u.id)
|
||||
Repo.all(query)
|
||||
end
|
||||
|
||||
def used_changeset(struct) do
|
||||
struct
|
||||
|> cast(%{}, [])
|
||||
|> put_change(:used, true)
|
||||
@spec update_invite!(UserInviteToken.t(), map()) :: UserInviteToken.t() | no_return()
|
||||
def update_invite!(invite, changes) do
|
||||
change(invite, changes) |> Repo.update!()
|
||||
end
|
||||
|
||||
@spec mark_as_used(token()) :: {:ok, UserInviteToken.t()} | {:error, token()}
|
||||
def mark_as_used(token) do
|
||||
with %{used: false} = token <- Repo.get_by(UserInviteToken, %{token: token}),
|
||||
{:ok, token} <- Repo.update(used_changeset(token)) do
|
||||
{:ok, token}
|
||||
else
|
||||
_e -> {:error, token}
|
||||
end
|
||||
@spec update_invite(UserInviteToken.t(), map()) ::
|
||||
{:ok, UserInviteToken.t()} | {:error, Changeset.t()}
|
||||
def update_invite(invite, changes) do
|
||||
change(invite, changes) |> Repo.update()
|
||||
end
|
||||
|
||||
defp token_type(%{expire_at: nil, max_use: nil} = token), do: %{token | token_type: "one_time"}
|
||||
@spec find_by_token!(token()) :: UserInviteToken.t() | no_return()
|
||||
def find_by_token!(token), do: Repo.get_by!(UserInviteToken, token: token)
|
||||
|
||||
defp token_type(%{expire_at: _expire_at, max_use: nil} = token),
|
||||
do: %{token | token_type: "date_limited"}
|
||||
|
||||
defp token_type(%{expire_at: nil, max_use: _max_use} = token),
|
||||
do: %{token | token_type: "reusable"}
|
||||
|
||||
defp token_type(%{expire_at: _expire_at, max_use: _max_use} = token),
|
||||
do: %{token | token_type: "reusable_date_limited"}
|
||||
|
||||
@spec valid_token?(UserInviteToken.t()) :: boolean()
|
||||
def valid_token?(%{token_type: "one_time"} = token) do
|
||||
not token.used
|
||||
@spec valid_invite?(UserInviteToken.t()) :: boolean()
|
||||
def valid_invite?(%{invite_type: "one_time"} = invite) do
|
||||
not invite.used
|
||||
end
|
||||
|
||||
def valid_token?(%{token_type: "date_limited"} = token) do
|
||||
not_overdue_date?(token) and not token.used
|
||||
def valid_invite?(%{invite_type: "date_limited"} = invite) do
|
||||
not_overdue_date?(invite) and not invite.used
|
||||
end
|
||||
|
||||
def valid_token?(%{token_type: "reusable"} = token) do
|
||||
token.uses < token.max_use and not token.used
|
||||
def valid_invite?(%{invite_type: "reusable"} = invite) do
|
||||
invite.uses < invite.max_use and not invite.used
|
||||
end
|
||||
|
||||
def valid_token?(%{token_type: "reusable_date_limited"} = token) do
|
||||
not_overdue_date?(token) and token.uses < token.max_use and not token.used
|
||||
def valid_invite?(%{invite_type: "reusable_date_limited"} = invite) do
|
||||
not_overdue_date?(invite) and invite.uses < invite.max_use and not invite.used
|
||||
end
|
||||
|
||||
defp not_overdue_date?(%{expire_at: expire_at} = token) do
|
||||
defp not_overdue_date?(%{expire_at: expire_at} = invite) do
|
||||
Date.compare(Date.utc_today(), expire_at) in [:lt, :eq] ||
|
||||
(Repo.update!(change(token, used: true)) && false)
|
||||
(update_invite!(invite, %{used: true}) && false)
|
||||
end
|
||||
|
||||
def update_usage(%{token_type: "date_limited"}), do: nil
|
||||
@spec update_usage!(UserInviteToken.t()) :: nil | UserInviteToken.t() | no_return()
|
||||
def update_usage!(%{invite_type: "date_limited"}), do: nil
|
||||
|
||||
def update_usage(%{token_type: "one_time"} = token) do
|
||||
UserInviteToken.mark_as_used(token.token)
|
||||
end
|
||||
|
||||
def update_usage(%{token_type: token_type} = token)
|
||||
when token_type == "reusable" or token_type == "reusable_date_limited" do
|
||||
new_uses = token.uses + 1
|
||||
def update_usage!(%{invite_type: "one_time"} = invite),
|
||||
do: update_invite!(invite, %{used: true})
|
||||
|
||||
def update_usage!(%{invite_type: invite_type} = invite)
|
||||
when invite_type == "reusable" or invite_type == "reusable_date_limited" do
|
||||
changes = %{
|
||||
uses: new_uses
|
||||
uses: invite.uses + 1
|
||||
}
|
||||
|
||||
changes =
|
||||
if new_uses >= token.max_use do
|
||||
if changes.uses >= invite.max_use do
|
||||
Map.put(changes, :used, true)
|
||||
else
|
||||
changes
|
||||
end
|
||||
|
||||
change(token, changes) |> Repo.update!()
|
||||
update_invite!(invite, changes)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -129,7 +129,7 @@ def upload(%Plug.Upload{} = file, %User{} = user, format \\ "xml") do
|
|||
end
|
||||
|
||||
def register_user(params) do
|
||||
token_string = params["token"]
|
||||
token = params["token"]
|
||||
|
||||
params = %{
|
||||
nickname: params["nickname"],
|
||||
|
@ -163,29 +163,29 @@ def register_user(params) do
|
|||
{:error, %{error: Jason.encode!(%{captcha: [error]})}}
|
||||
else
|
||||
registrations_open = Pleroma.Config.get([:instance, :registrations_open])
|
||||
registration_process(registrations_open, params, token_string)
|
||||
registration_process(registrations_open, params, token)
|
||||
end
|
||||
end
|
||||
|
||||
defp registration_process(_registration_open = true, params, _token_string) do
|
||||
defp registration_process(_registration_open = true, params, _token) do
|
||||
create_user(params)
|
||||
end
|
||||
|
||||
defp registration_process(registration_open, params, token_string)
|
||||
defp registration_process(registration_open, params, token)
|
||||
when registration_open == false or is_nil(registration_open) do
|
||||
token =
|
||||
unless is_nil(token_string) do
|
||||
Repo.get_by(UserInviteToken, %{token: token_string})
|
||||
invite =
|
||||
unless is_nil(token) do
|
||||
Repo.get_by(UserInviteToken, %{token: token})
|
||||
end
|
||||
|
||||
valid_token? = token && UserInviteToken.valid_token?(token)
|
||||
valid_invite? = invite && UserInviteToken.valid_invite?(invite)
|
||||
|
||||
case token do
|
||||
case invite do
|
||||
nil ->
|
||||
{:error, "Invalid token"}
|
||||
|
||||
token when valid_token? ->
|
||||
UserInviteToken.update_usage(token)
|
||||
invite when valid_invite? ->
|
||||
UserInviteToken.update_usage!(invite)
|
||||
create_user(params)
|
||||
|
||||
_ ->
|
||||
|
|
|
@ -6,7 +6,7 @@ def change do
|
|||
add(:expire_at, :date)
|
||||
add(:uses, :integer, default: 0)
|
||||
add(:max_use, :integer)
|
||||
add(:token_type, :string, default: "one_time")
|
||||
add(:invite_type, :string, default: "one_time")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -292,10 +292,10 @@ test "token is generated with max use and expire date" do
|
|||
|
||||
describe "running invites_list" do
|
||||
test "invites are listed" do
|
||||
{:ok, invite} = Pleroma.UserInviteToken.create_token()
|
||||
{:ok, invite} = Pleroma.UserInviteToken.create_invite()
|
||||
|
||||
{:ok, invite2} =
|
||||
Pleroma.UserInviteToken.create_token(expire_at: Date.utc_today(), max_use: 15)
|
||||
Pleroma.UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 15})
|
||||
|
||||
assert capture_io(fn ->
|
||||
Mix.Tasks.Pleroma.User.run([
|
||||
|
@ -314,7 +314,7 @@ test "invites are listed" do
|
|||
|
||||
describe "running invite revoke" do
|
||||
test "invite is revoked" do
|
||||
{:ok, invite} = Pleroma.UserInviteToken.create_token(expire_at: Date.utc_today())
|
||||
{:ok, invite} = Pleroma.UserInviteToken.create_invite(%{expire_at: Date.utc_today()})
|
||||
|
||||
assert capture_io(fn ->
|
||||
Mix.Tasks.Pleroma.User.run([
|
||||
|
|
|
@ -370,7 +370,7 @@ test "it registers a new user and parses mentions in the bio" do
|
|||
end
|
||||
|
||||
test "returns user on success" do
|
||||
{:ok, token} = UserInviteToken.create_token()
|
||||
{:ok, invite} = UserInviteToken.create_invite()
|
||||
|
||||
data = %{
|
||||
"nickname" => "vinny",
|
||||
|
@ -379,15 +379,15 @@ test "returns user on success" do
|
|||
"bio" => "streamer",
|
||||
"password" => "hiptofbees",
|
||||
"confirm" => "hiptofbees",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:ok, user} = TwitterAPI.register_user(data)
|
||||
|
||||
fetched_user = User.get_by_nickname("vinny")
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
assert token.used == true
|
||||
assert invite.used == true
|
||||
|
||||
assert UserView.render("show.json", %{user: user}) ==
|
||||
UserView.render("show.json", %{user: fetched_user})
|
||||
|
@ -411,8 +411,8 @@ test "returns error on invalid token" do
|
|||
end
|
||||
|
||||
test "returns error on expired token" do
|
||||
{:ok, token} = UserInviteToken.create_token()
|
||||
UserInviteToken.mark_as_used(token.token)
|
||||
{:ok, invite} = UserInviteToken.create_invite()
|
||||
UserInviteToken.update_invite!(invite, used: true)
|
||||
|
||||
data = %{
|
||||
"nickname" => "GrimReaper",
|
||||
|
@ -421,7 +421,7 @@ test "returns error on expired token" do
|
|||
"bio" => "Your time has come",
|
||||
"password" => "scythe",
|
||||
"confirm" => "scythe",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
@ -449,8 +449,8 @@ test "returns error on expired token" do
|
|||
"confirm" => "hiptofbees"
|
||||
}
|
||||
|
||||
check_fn = fn token ->
|
||||
data = Map.put(data, "token", token.token)
|
||||
check_fn = fn invite ->
|
||||
data = Map.put(data, "token", invite.token)
|
||||
{:ok, user} = TwitterAPI.register_user(data)
|
||||
fetched_user = User.get_by_nickname("vinny")
|
||||
|
||||
|
@ -462,37 +462,37 @@ test "returns error on expired token" do
|
|||
end
|
||||
|
||||
test "returns user on success", %{check_fn: check_fn} do
|
||||
{:ok, token} = UserInviteToken.create_token(expire_at: Date.utc_today())
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today()})
|
||||
|
||||
check_fn.(token)
|
||||
check_fn.(invite)
|
||||
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
refute token.used
|
||||
refute invite.used
|
||||
end
|
||||
|
||||
test "returns user on token which expired tomorrow", %{check_fn: check_fn} do
|
||||
{:ok, token} = UserInviteToken.create_token(expire_at: Date.add(Date.utc_today(), 1))
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), 1)})
|
||||
|
||||
check_fn.(token)
|
||||
check_fn.(invite)
|
||||
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
refute token.used
|
||||
refute invite.used
|
||||
end
|
||||
|
||||
test "returns an error on overdue date", %{data: data} do
|
||||
{:ok, token} = UserInviteToken.create_token(expire_at: Date.add(Date.utc_today(), -1))
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1)})
|
||||
|
||||
data = Map.put(data, "token", token.token)
|
||||
data = Map.put(data, "token", invite.token)
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
||||
assert msg == "Expired token"
|
||||
refute User.get_by_nickname("vinny")
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
assert token.used == true
|
||||
assert invite.used == true
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -509,9 +509,9 @@ test "returns an error on overdue date", %{data: data} do
|
|||
end
|
||||
|
||||
test "returns user on success, after him registration fails" do
|
||||
{:ok, token} = UserInviteToken.create_token(max_use: 100)
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{max_use: 100})
|
||||
|
||||
Ecto.Changeset.change(token, uses: 99) |> Repo.update!()
|
||||
UserInviteToken.update_invite!(invite, uses: 99)
|
||||
|
||||
data = %{
|
||||
"nickname" => "vinny",
|
||||
|
@ -520,14 +520,14 @@ test "returns user on success, after him registration fails" do
|
|||
"bio" => "streamer",
|
||||
"password" => "hiptofbees",
|
||||
"confirm" => "hiptofbees",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:ok, user} = TwitterAPI.register_user(data)
|
||||
fetched_user = User.get_by_nickname("vinny")
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
assert token.used == true
|
||||
assert invite.used == true
|
||||
|
||||
assert UserView.render("show.json", %{user: user}) ==
|
||||
UserView.render("show.json", %{user: fetched_user})
|
||||
|
@ -539,7 +539,7 @@ test "returns user on success, after him registration fails" do
|
|||
"bio" => "Your time has come",
|
||||
"password" => "scythe",
|
||||
"confirm" => "scythe",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
@ -562,11 +562,7 @@ test "returns user on success, after him registration fails" do
|
|||
end
|
||||
|
||||
test "returns user on success" do
|
||||
{:ok, token} =
|
||||
UserInviteToken.create_token(
|
||||
expire_at: Date.utc_today(),
|
||||
max_use: 100
|
||||
)
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 100})
|
||||
|
||||
data = %{
|
||||
"nickname" => "vinny",
|
||||
|
@ -575,27 +571,23 @@ test "returns user on success" do
|
|||
"bio" => "streamer",
|
||||
"password" => "hiptofbees",
|
||||
"confirm" => "hiptofbees",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:ok, user} = TwitterAPI.register_user(data)
|
||||
fetched_user = User.get_by_nickname("vinny")
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
|
||||
refute token.used
|
||||
refute invite.used
|
||||
|
||||
assert UserView.render("show.json", %{user: user}) ==
|
||||
UserView.render("show.json", %{user: fetched_user})
|
||||
end
|
||||
|
||||
test "error after max uses" do
|
||||
{:ok, token} =
|
||||
UserInviteToken.create_token(
|
||||
expire_at: Date.utc_today(),
|
||||
max_use: 100
|
||||
)
|
||||
{:ok, invite} = UserInviteToken.create_invite(%{expire_at: Date.utc_today(), max_use: 100})
|
||||
|
||||
Ecto.Changeset.change(token, uses: 99) |> Repo.update!()
|
||||
UserInviteToken.update_invite!(invite, uses: 99)
|
||||
|
||||
data = %{
|
||||
"nickname" => "vinny",
|
||||
|
@ -604,13 +596,13 @@ test "error after max uses" do
|
|||
"bio" => "streamer",
|
||||
"password" => "hiptofbees",
|
||||
"confirm" => "hiptofbees",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:ok, user} = TwitterAPI.register_user(data)
|
||||
fetched_user = User.get_by_nickname("vinny")
|
||||
token = Repo.get_by(UserInviteToken, token: token.token)
|
||||
assert token.used == true
|
||||
invite = Repo.get_by(UserInviteToken, token: invite.token)
|
||||
assert invite.used == true
|
||||
|
||||
assert UserView.render("show.json", %{user: user}) ==
|
||||
UserView.render("show.json", %{user: fetched_user})
|
||||
|
@ -622,7 +614,7 @@ test "error after max uses" do
|
|||
"bio" => "Your time has come",
|
||||
"password" => "scythe",
|
||||
"confirm" => "scythe",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
@ -632,11 +624,8 @@ test "error after max uses" do
|
|||
end
|
||||
|
||||
test "returns error on overdue date" do
|
||||
{:ok, token} =
|
||||
UserInviteToken.create_token(
|
||||
expire_at: Date.add(Date.utc_today(), -1),
|
||||
max_use: 100
|
||||
)
|
||||
{:ok, invite} =
|
||||
UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1), max_use: 100})
|
||||
|
||||
data = %{
|
||||
"nickname" => "GrimReaper",
|
||||
|
@ -645,7 +634,7 @@ test "returns error on overdue date" do
|
|||
"bio" => "Your time has come",
|
||||
"password" => "scythe",
|
||||
"confirm" => "scythe",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
@ -655,13 +644,10 @@ test "returns error on overdue date" do
|
|||
end
|
||||
|
||||
test "returns error on with overdue date and after max" do
|
||||
{:ok, token} =
|
||||
UserInviteToken.create_token(
|
||||
expire_at: Date.add(Date.utc_today(), -1),
|
||||
max_use: 100
|
||||
)
|
||||
{:ok, invite} =
|
||||
UserInviteToken.create_invite(%{expire_at: Date.add(Date.utc_today(), -1), max_use: 100})
|
||||
|
||||
Ecto.Changeset.change(token, uses: 100) |> Repo.update!()
|
||||
UserInviteToken.update_invite!(invite, uses: 100)
|
||||
|
||||
data = %{
|
||||
"nickname" => "GrimReaper",
|
||||
|
@ -670,7 +656,7 @@ test "returns error on with overdue date and after max" do
|
|||
"bio" => "Your time has come",
|
||||
"password" => "scythe",
|
||||
"confirm" => "scythe",
|
||||
"token" => token.token
|
||||
"token" => invite.token
|
||||
}
|
||||
|
||||
{:error, msg} = TwitterAPI.register_user(data)
|
||||
|
|
Loading…
Reference in a new issue