add: invite codes
This commit is contained in:
parent
d1a074eaeb
commit
626c6711ef
19 changed files with 410 additions and 10 deletions
|
|
@ -168,10 +168,12 @@ version = "1.0.0"
|
|||
"settings:label.export" = "Export"
|
||||
"settings:label.manage_blocks" = "Manage blocks"
|
||||
"settings:label.users" = "Users"
|
||||
"settings:label.generate_invite" = "Generate invite"
|
||||
"settings:tab.security" = "Security"
|
||||
"settings:tab.blocks" = "Blocks"
|
||||
"settings:tab.billing" = "Billing"
|
||||
"settings:tab.uploads" = "Uploads"
|
||||
"settings:tab.invites" = "Invites"
|
||||
|
||||
"mod_panel:label.open_reported_content" = "Open reported content"
|
||||
"mod_panel:label.manage_profile" = "Manage profile"
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
(div
|
||||
("class" "flex flex-col gap-1")
|
||||
(label
|
||||
("for" "username")
|
||||
("for" "password")
|
||||
(b
|
||||
(text "Password")))
|
||||
(input
|
||||
|
|
@ -34,6 +34,20 @@
|
|||
("required" "")
|
||||
("name" "password")
|
||||
("id" "password")))
|
||||
(text "{% if config.security.enable_invite_codes -%}")
|
||||
(div
|
||||
("class" "flex flex-col gap-1")
|
||||
(label
|
||||
("for" "invite_code")
|
||||
(b
|
||||
(text "Invite code")))
|
||||
(input
|
||||
("type" "text")
|
||||
("placeholder" "invite code")
|
||||
("required" "")
|
||||
("name" "invite_code")
|
||||
("id" "invite_code")))
|
||||
(text "{%- endif %}")
|
||||
(hr)
|
||||
(div
|
||||
("class" "card-nest w-full")
|
||||
|
|
@ -89,6 +103,7 @@
|
|||
captcha_response: e.target.querySelector(
|
||||
\"[name=cf-turnstile-response]\",
|
||||
).value,
|
||||
invite_code: (e.target.invite_code || { value: \"\" }).value,
|
||||
}),
|
||||
})
|
||||
.then((res) => res.json())
|
||||
|
|
|
|||
|
|
@ -61,21 +61,35 @@
|
|||
("href" "#/account/blocks")
|
||||
(text "{{ icon \"shield\" }}")
|
||||
(span
|
||||
(text "{{ text \"settings:tab.blocks\" }}")))
|
||||
(text "{{ text \"settings:tab.blocks\" }}"))))
|
||||
|
||||
(text "{% if config.stripe -%}")
|
||||
; stripe menu
|
||||
(div
|
||||
("class" "pillmenu")
|
||||
("ui_ident" "account_settings_tabs")
|
||||
(a
|
||||
("data-tab-button" "account/uploads")
|
||||
("href" "?page=0#/account/uploads")
|
||||
(text "{{ icon \"image-up\" }}")
|
||||
(span
|
||||
(text "{{ text \"settings:tab.uploads\" }}")))
|
||||
(text "{% if config.stripe -%}")
|
||||
(text "{% if config.security.enable_invite_codes -%}")
|
||||
(a
|
||||
("data-tab-button" "account/invites")
|
||||
("href" "#/account/invites")
|
||||
(text "{{ icon \"ticket\" }}")
|
||||
(span
|
||||
(text "{{ text \"settings:tab.invites\" }}")))
|
||||
(text "{%- endif %}")
|
||||
(a
|
||||
("data-tab-button" "account/billing")
|
||||
("href" "#/account/billing")
|
||||
(text "{{ icon \"credit-card\" }}")
|
||||
(span
|
||||
(text "{{ text \"settings:tab.billing\" }}")))
|
||||
(text "{%- endif %}"))
|
||||
(text "{{ text \"settings:tab.billing\" }}"))))
|
||||
(text "{%- endif %}")
|
||||
|
||||
(div
|
||||
("class" "card-nest")
|
||||
("ui_ident" "home_timeline")
|
||||
|
|
@ -495,6 +509,72 @@
|
|||
]);
|
||||
});
|
||||
};"))))))
|
||||
|
||||
(text "{% if config.security.enable_invite_codes -%}")
|
||||
(div
|
||||
("class" "w-full flex flex-col gap-2 hidden")
|
||||
("data-tab" "account/invites")
|
||||
(div
|
||||
("class" "card lowered flex flex-col gap-2")
|
||||
(a
|
||||
("href" "#/account")
|
||||
("class" "button secondary")
|
||||
(text "{{ icon \"arrow-left\" }}")
|
||||
(span
|
||||
(text "{{ text \"general:action.back\" }}")))
|
||||
(div
|
||||
("class" "card-nest")
|
||||
(div
|
||||
("class" "card flex items-center gap-2 small")
|
||||
(text "{{ icon \"ticket\" }}")
|
||||
(span
|
||||
(text "{{ text \"settings:tab.invites\" }}")))
|
||||
(div
|
||||
("class" "card flex flex-col gap-2 secondary")
|
||||
(button
|
||||
("onclick" "generate_invite_code()")
|
||||
(icon (text "plus"))
|
||||
(str (text "settings:label.generate_invite")))
|
||||
|
||||
(text "{{ components::supporter_ad(body=\"Become a supporter to generate invite codes!\") }} {% for code in invites %}")
|
||||
(div
|
||||
("class" "card flex flex-col gap-2")
|
||||
(text "{% if code[1].is_used -%}")
|
||||
; used
|
||||
(b ("class" "{% if code[1].is_used -%} fade {%- endif %}") (s (text "{{ code[1].code }}")))
|
||||
(text "{{ components::full_username(user=code[0]) }}")
|
||||
(text "{% else %}")
|
||||
; unused
|
||||
(b (text "{{ code[1].code }}"))
|
||||
(text "{%- endif %}"))
|
||||
(text "{% endfor %}")
|
||||
(script
|
||||
(text "globalThis.generate_invite_code = async () => {
|
||||
if (
|
||||
!(await trigger(\"atto::confirm\", [
|
||||
\"Are you sure you would like to do this? This action is permanent.\",
|
||||
]))
|
||||
) {
|
||||
return;
|
||||
}
|
||||
|
||||
fetch(`/api/v1/invite`, {
|
||||
method: \"POST\",
|
||||
})
|
||||
.then((res) => res.json())
|
||||
.then((res) => {
|
||||
trigger(\"atto::toast\", [
|
||||
res.ok ? \"success\" : \"error\",
|
||||
res.message,
|
||||
]);
|
||||
|
||||
if (res.ok) {
|
||||
alert(res.payload);
|
||||
}
|
||||
});
|
||||
};"))))))
|
||||
(text "{%- endif %}")
|
||||
|
||||
(div
|
||||
("class" "w-full flex flex-col gap-2 hidden")
|
||||
("data-tab" "account/billing")
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ use axum::{
|
|||
};
|
||||
use axum_extra::extract::CookieJar;
|
||||
use serde::Deserialize;
|
||||
use tetratto_core::model::addr::RemoteAddr;
|
||||
use tetratto_core::model::{addr::RemoteAddr, permissions::FinePermission};
|
||||
use tetratto_shared::hash::hash;
|
||||
|
||||
use cf_turnstile::{SiteVerifyRequest, TurnstileClient};
|
||||
|
|
@ -86,6 +86,50 @@ pub async fn register_request(
|
|||
let mut user = User::new(props.username.to_lowercase(), props.password);
|
||||
user.settings.policy_consent = true;
|
||||
|
||||
// check invite code
|
||||
if data.0.0.security.enable_invite_codes {
|
||||
if props.invite_code.is_empty() {
|
||||
return (
|
||||
None,
|
||||
Json(Error::MiscError("Missing invite code".to_string()).into()),
|
||||
);
|
||||
}
|
||||
|
||||
let invite_code = match data.get_invite_code_by_code(&props.invite_code).await {
|
||||
Ok(c) => c,
|
||||
Err(e) => return (None, Json(e.into())),
|
||||
};
|
||||
|
||||
if invite_code.is_used {
|
||||
return (
|
||||
None,
|
||||
Json(Error::MiscError("This code has already been used".to_string()).into()),
|
||||
);
|
||||
}
|
||||
|
||||
let owner = match data.get_user_by_id(invite_code.owner).await {
|
||||
Ok(u) => u,
|
||||
Err(e) => return (None, Json(e.into())),
|
||||
};
|
||||
|
||||
if !owner.permissions.check(FinePermission::SUPPORTER) {
|
||||
return (
|
||||
None,
|
||||
Json(
|
||||
Error::MiscError("Invite code owner must be an active supporter".to_string())
|
||||
.into(),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
user.invite_code = invite_code.id;
|
||||
|
||||
if let Err(e) = data.update_invite_code_is_used(invite_code.id, true).await {
|
||||
return (None, Json(e.into()));
|
||||
}
|
||||
}
|
||||
|
||||
// push initial token
|
||||
let (initial_token, t) = User::create_token(&real_ip);
|
||||
user.tokens.push(t);
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ use futures_util::{sink::SinkExt, stream::StreamExt};
|
|||
use tetratto_core::{
|
||||
cache::Cache,
|
||||
model::{
|
||||
auth::{Token, UserSettings},
|
||||
auth::{InviteCode, Token, UserSettings},
|
||||
oauth,
|
||||
permissions::FinePermission,
|
||||
socket::{PacketType, SocketMessage, SocketMethod},
|
||||
|
|
@ -817,3 +817,33 @@ pub async fn refresh_grant_request(
|
|||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
||||
/// Generate an invite code.
|
||||
///
|
||||
/// Does not support third-party grants.
|
||||
pub async fn generate_invite_code_request(
|
||||
jar: CookieJar,
|
||||
Extension(data): Extension<State>,
|
||||
) -> impl IntoResponse {
|
||||
let data = &(data.read().await).0;
|
||||
let user = match get_user_from_token!(jar, data) {
|
||||
Some(ua) => ua,
|
||||
None => return Json(Error::NotAllowed.into()),
|
||||
};
|
||||
|
||||
if !data.0.0.security.enable_invite_codes {
|
||||
return Json(Error::NotAllowed.into());
|
||||
}
|
||||
|
||||
match data
|
||||
.create_invite_code(InviteCode::new(user.id), &user)
|
||||
.await
|
||||
{
|
||||
Ok(x) => Json(ApiReturn {
|
||||
ok: true,
|
||||
message: "Code generated".to_string(),
|
||||
payload: Some(x.code),
|
||||
}),
|
||||
Err(e) => Json(e.into()),
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ pub fn routes() -> Router {
|
|||
.route("/util/proxy", get(util::proxy_request))
|
||||
.route("/util/lang", get(util::set_langfile_request))
|
||||
.route("/util/ip", get(util::ip_test_request))
|
||||
.route("/invite", post(auth::profile::generate_invite_code_request))
|
||||
// reactions
|
||||
.route("/reactions", post(reactions::create_request))
|
||||
.route("/reactions/{id}", get(reactions::get_request))
|
||||
|
|
@ -605,6 +606,8 @@ pub struct RegisterProps {
|
|||
pub password: String,
|
||||
pub policy_consent: bool,
|
||||
pub captcha_response: String,
|
||||
#[serde(default)]
|
||||
pub invite_code: String,
|
||||
}
|
||||
|
||||
#[derive(Deserialize)]
|
||||
|
|
|
|||
|
|
@ -101,6 +101,18 @@ pub async fn settings_request(
|
|||
}
|
||||
};
|
||||
|
||||
let invites = match data.0.get_invite_codes_by_owner(profile.id).await {
|
||||
Ok(l) => match data.0.fill_invite_codes(l).await {
|
||||
Ok(l) => l,
|
||||
Err(e) => {
|
||||
return Err(Html(render_error(e, &jar, &data, &None).await));
|
||||
}
|
||||
},
|
||||
Err(e) => {
|
||||
return Err(Html(render_error(e, &jar, &data, &None).await));
|
||||
}
|
||||
};
|
||||
|
||||
let tokens = profile.tokens.clone();
|
||||
|
||||
let lang = get_lang!(jar, data.0);
|
||||
|
|
@ -113,6 +125,7 @@ pub async fn settings_request(
|
|||
context.insert("following", &following);
|
||||
context.insert("blocks", &blocks);
|
||||
context.insert("stackblocks", &stackblocks);
|
||||
context.insert("invites", &invites);
|
||||
context.insert(
|
||||
"user_tokens_serde",
|
||||
&serde_json::to_string(&tokens)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue