import config from "@lib/config"
import { NextApiRequest, NextApiResponse } from "next"
import prisma from "app/prisma"
import bcrypt, { genSalt } from "bcrypt"
import { generateAndExpireAccessToken } from "@lib/server/generate-access-token"
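/**
 * Registration endpoint: creates a user from the `username` and `password`
 * fields of the request body and answers with a freshly generated access token.
 *
 * Responses produced by this handler:
 * - 400 `{ error: "Missing param" }` when `username` or `password` is absent,
 *   empty, or not a string.
 * - 401 `{ error: "Unauthorized" }` when `config.registration_password` is set
 *   and the supplied `serverPassword` does not equal it.
 * - 201 `{ token, userId }` once the user row has been created.
 *
 * NOTE(review): the handler does not look at `req.method`; confirm whether the
 * route is restricted to POST somewhere else.
 * NOTE(review): a rejection from `prisma.user.create` (for example a duplicate
 * username, if the schema enforces uniqueness) is not caught here and would
 * surface as an unhandled error — confirm the intended response.
 */
export default async function handler(
	req: NextApiRequest,
	res: NextApiResponse
) {
	// The body is attacker-controlled JSON; tolerate a missing body instead of
	// throwing while destructuring.
	const { username, password, serverPassword } = req.body ?? {}

	// A truthiness check alone lets numbers, arrays and objects through, which
	// then fail inside bcrypt/Prisma as a server error. Reject them up front.
	if (
		typeof username !== "string" ||
		typeof password !== "string" ||
		!username ||
		!password
	) {
		return res.status(400).json({ error: "Missing param" })
	}

	// Optional shared secret gating registration.
	// NOTE(review): `!==` is not a constant-time comparison; if the registration
	// password is meant to resist guessing via response timing, compare with
	// crypto.timingSafeEqual over equal-length buffers instead.
	if (
		config.registration_password &&
		serverPassword !== config.registration_password
	) {
		console.log("Registration password mismatch")
		return res.status(401).json({ error: "Unauthorized" })
	}

	// bcrypt salt with cost factor 10. bcrypt only considers the first 72 bytes
	// of its input, so longer passwords are effectively truncated.
	const salt = await genSalt(10)

	// The first user is the admin (only when admin support is enabled).
	// NOTE(review): the count and the create below are two separate queries, so
	// concurrent first registrations could each observe a count of 0.
	const isUserAdminByDefault =
		config.enable_admin && (await prisma.user.count()) === 0
	const userRole = isUserAdminByDefault ? "admin" : "user"

	const user = await prisma.user.create({
		data: {
			username,
			// Only the bcrypt hash is stored, never the plaintext password.
			password: await bcrypt.hash(password, salt),
			role: userRole
		}
	})

	const token = await generateAndExpireAccessToken(user.id)

	return res.status(201).json({ token, userId: user.id })
}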