mirror of
https://github.com/documenso/documenso.git
synced 2026-06-22 04:12:06 +10:00
Ephraim Duncan
44 lines
1.2 KiB
TypeScript
44 lines
1.2 KiB
TypeScript
import { prisma } from '@documenso/prisma';
|
|
import { AppError, AppErrorCode } from '../../errors/app-error';
|
|
|
|
export interface CreateAdminUserOptions {
|
|
name: string;
|
|
email: string;
|
|
}
|
|
|
|
/**
|
|
* Create a user for admin-initiated flows.
|
|
*
|
|
* Unlike normal signup, this function:
|
|
* - Leaves the password unset (`null`); the user must set it later via a password reset/onboarding link
|
|
* - Marks the email as verified immediately because this route is only called by admins
|
|
* - Does NOT create a personal organisation (user will be added to real org)
|
|
* - Returns the user immediately without side effects
|
|
*/
|
|
export const createAdminUser = async ({ name, email }: CreateAdminUserOptions) => {
|
|
const userExists = await prisma.user.findFirst({
|
|
where: {
|
|
email: email.toLowerCase(),
|
|
},
|
|
});
|
|
|
|
if (userExists) {
|
|
throw new AppError(AppErrorCode.ALREADY_EXISTS, {
|
|
message: 'User with this email already exists',
|
|
});
|
|
}
|
|
|
|
const user = await prisma.user.create({
|
|
data: {
|
|
name,
|
|
email: email.toLowerCase(),
|
|
password: null,
|
|
// Verifying the email here instead of the password reset flow to reduce the
|
|
// attack surface. This route is only called by admins.
|
|
emailVerified: new Date(),
|
|
},
|
|
});
|
|
|
|
return user;
|
|
};
|