summaryrefslogtreecommitdiff
path: root/internal/processing/user/create.go
blob: 0d848583e0e60da33a1257bc37e6710bb1a4f824 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package user

import (
	"context"
	"fmt"
	"time"

	"github.com/superseriousbusiness/gotosocial/internal/ap"
	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
	"github.com/superseriousbusiness/gotosocial/internal/config"
	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
	"github.com/superseriousbusiness/gotosocial/internal/messages"
	"github.com/superseriousbusiness/gotosocial/internal/text"
	"github.com/superseriousbusiness/oauth2/v4"
)

// Create processes the given form for creating a new user+account.
//
// App should be the app used to create the user+account.
// If nil, the instance app will be used.
//
// Precondition: the form's fields should have already been
// validated and normalized by the caller.
func (p *Processor) Create(
	ctx context.Context,
	app *gtsmodel.Application,
	form *apimodel.AccountCreateRequest,
) (*gtsmodel.User, gtserror.WithCode) {
	const (
		usersPerDay = 10
		regBacklog  = 20
	)

	// Ensure no more than usersPerDay
	// have registered in the last 24h.
	newUsersCount, err := p.state.DB.CountApprovedSignupsSince(ctx, time.Now().Add(-24*time.Hour))
	if err != nil {
		err := fmt.Errorf("db error counting new users: %w", err)
		return nil, gtserror.NewErrorInternalError(err)
	}

	if newUsersCount >= usersPerDay {
		err := fmt.Errorf("this instance has hit its limit of new sign-ups for today; you can try again tomorrow")
		return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
	}

	// Ensure the new users backlog isn't full.
	backlogLen, err := p.state.DB.CountUnhandledSignups(ctx)
	if err != nil {
		err := fmt.Errorf("db error counting registration backlog length: %w", err)
		return nil, gtserror.NewErrorInternalError(err)
	}

	if backlogLen >= regBacklog {
		err := fmt.Errorf("this instance's sign-up backlog is currently full; you must wait until pending sign-ups are handled by the admin(s)")
		return nil, gtserror.NewErrorUnprocessableEntity(err, err.Error())
	}

	emailAvailable, err := p.state.DB.IsEmailAvailable(ctx, form.Email)
	if err != nil {
		err := fmt.Errorf("db error checking email availability: %w", err)
		return nil, gtserror.NewErrorInternalError(err)
	}
	if !emailAvailable {
		err := fmt.Errorf("email address %s is not available", form.Email)
		return nil, gtserror.NewErrorConflict(err, err.Error())
	}

	usernameAvailable, err := p.state.DB.IsUsernameAvailable(ctx, form.Username)
	if err != nil {
		err := fmt.Errorf("db error checking username availability: %w", err)
		return nil, gtserror.NewErrorInternalError(err)
	}
	if !usernameAvailable {
		err := fmt.Errorf("username %s is not available", form.Username)
		return nil, gtserror.NewErrorConflict(err, err.Error())
	}

	// Only store reason if one is required.
	var reason string
	if config.GetAccountsReasonRequired() {
		reason = form.Reason
	}

	// Use instance app if no app provided.
	if app == nil {
		app, err = p.state.DB.GetInstanceApplication(ctx)
		if err != nil {
			err := fmt.Errorf("db error getting instance app: %w", err)
			return nil, gtserror.NewErrorInternalError(err)
		}
	}

	user, err := p.state.DB.NewSignup(ctx, gtsmodel.NewSignup{
		Username: form.Username,
		Email:    form.Email,
		Password: form.Password,
		Reason:   text.SanitizeToPlaintext(reason),
		SignUpIP: form.IP,
		Locale:   form.Locale,
		AppID:    app.ID,
	})
	if err != nil {
		err := fmt.Errorf("db error creating new signup: %w", err)
		return nil, gtserror.NewErrorInternalError(err)
	}

	// There are side effects for creating a new user+account
	// (confirmation emails etc), perform these async.
	p.state.Workers.Client.Queue.Push(&messages.FromClientAPI{
		// Use ap.ObjectProfile here to
		// distinguish this message (user model)
		// from ap.ActorPerson (account model).
		APObjectType:   ap.ObjectProfile,
		APActivityType: ap.ActivityCreate,
		GTSModel:       user,
		Origin:         user.Account,
	})

	return user, nil
}

// TokenForNewUser generates an OAuth Bearer token
// for a new user (with account) created by Create().
func (p *Processor) TokenForNewUser(
	ctx context.Context,
	appToken oauth2.TokenInfo,
	app *gtsmodel.Application,
	user *gtsmodel.User,
) (*apimodel.Token, gtserror.WithCode) {
	// Generate access token.
	accessToken, err := p.oauthServer.GenerateUserAccessToken(
		ctx,
		appToken,
		app.ClientSecret,
		user.ID,
	)
	if err != nil {
		err := fmt.Errorf("error creating new access token for user %s: %w", user.ID, err)
		return nil, gtserror.NewErrorInternalError(err)
	}

	return &apimodel.Token{
		AccessToken: accessToken.GetAccess(),
		TokenType:   "Bearer",
		Scope:       accessToken.GetScope(),
		CreatedAt:   accessToken.GetAccessCreateAt().Unix(),
	}, nil
}