fix: Username check for sign-up with invitation in org context (#10375)
parent
5a9ee2047f
commit
6a16366941
|
@ -42,37 +42,6 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
|||
return;
|
||||
}
|
||||
|
||||
// There is an existingUser if the username matches
|
||||
// OR if the email matches AND either the email is verified
|
||||
// or both username and password are set
|
||||
const existingUser = await prisma.user.findFirst({
|
||||
where: {
|
||||
OR: [
|
||||
{ username },
|
||||
{
|
||||
AND: [
|
||||
{ email: userEmail },
|
||||
{
|
||||
OR: [
|
||||
{ emailVerified: { not: null } },
|
||||
{
|
||||
AND: [{ password: { not: null } }, { username: { not: null } }],
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
});
|
||||
|
||||
if (existingUser) {
|
||||
const message: string =
|
||||
existingUser.email !== userEmail ? "Username already taken" : "Email address is already registered";
|
||||
|
||||
return res.status(409).json({ message });
|
||||
}
|
||||
|
||||
let foundToken: { id: number; teamId: number | null; expires: Date } | null = null;
|
||||
if (token) {
|
||||
foundToken = await prisma.verificationToken.findFirst({
|
||||
|
@ -100,6 +69,36 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
|
|||
return res.status(409).json({ message: "Username already taken" });
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// There is an existingUser if the username matches
|
||||
// OR if the email matches AND either the email is verified
|
||||
// or both username and password are set
|
||||
const existingUser = await prisma.user.findFirst({
|
||||
where: {
|
||||
OR: [
|
||||
{ username },
|
||||
{
|
||||
AND: [
|
||||
{ email: userEmail },
|
||||
{
|
||||
OR: [
|
||||
{ emailVerified: { not: null } },
|
||||
{
|
||||
AND: [{ password: { not: null } }, { username: { not: null } }],
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
});
|
||||
if (existingUser) {
|
||||
const message: string =
|
||||
existingUser.email !== userEmail ? "Username already taken" : "Email address is already registered";
|
||||
|
||||
return res.status(409).json({ message });
|
||||
}
|
||||
}
|
||||
|
||||
const hashedPassword = await hashPassword(password);
|
||||
|
|
|
@ -21,6 +21,17 @@ export const validateUsernameInOrg = async (usernameSlug: string, teamId: number
|
|||
},
|
||||
});
|
||||
|
||||
const usersFound = await prisma.user.findMany({
|
||||
where: {
|
||||
organizationId: teamId,
|
||||
},
|
||||
select: {
|
||||
username: true,
|
||||
},
|
||||
});
|
||||
|
||||
takenSlugs = usersFound.map((user) => user.username);
|
||||
|
||||
// If only one team is found and it has a parent, then it's an child team
|
||||
// and we can use the parent id to find all the teams that belong to this org
|
||||
if (teamsFound && teamsFound.length === 1 && teamsFound[0].parentId) {
|
||||
|
@ -34,9 +45,9 @@ export const validateUsernameInOrg = async (usernameSlug: string, teamId: number
|
|||
slug: true,
|
||||
},
|
||||
});
|
||||
takenSlugs = childTeams.map((team) => team.slug);
|
||||
takenSlugs = takenSlugs.concat(childTeams.map((team) => team.slug));
|
||||
} else {
|
||||
takenSlugs = teamsFound.map((team) => team.slug);
|
||||
takenSlugs = takenSlugs.concat(teamsFound.map((team) => team.slug));
|
||||
}
|
||||
|
||||
return !takenSlugs.includes(slugify(usernameSlug));
|
||||
|
|
Loading…
Reference in New Issue