diff --git a/pages/admin/users/auth/simple/index.vue b/pages/admin/users/auth/simple/index.vue index e58189f..841cac9 100644 --- a/pages/admin/users/auth/simple/index.vue +++ b/pages/admin/users/auth/simple/index.vue @@ -360,9 +360,7 @@ :loading="loading" type="submit" class="w-full sm:w-fit" - :disabled=" - !(validUsername && validEmail && username && email) - " + :disabled="!(validUsername && validEmail)" > {{ $t("users.admin.simple.inviteButton") }} diff --git a/server/api/v1/admin/auth/invitation/index.post.ts b/server/api/v1/admin/auth/invitation/index.post.ts index d1e97ff..9c0ea51 100644 --- a/server/api/v1/admin/auth/invitation/index.post.ts +++ b/server/api/v1/admin/auth/invitation/index.post.ts @@ -1,12 +1,14 @@ import { readDropValidatedBody, throwingArktype } from "~/server/arktype"; import aclManager from "~/server/internal/acls"; import prisma from "~/server/internal/db/database"; -import { CreateUserValidator } from "../../../auth/signup/simple.post"; +import { SharedRegisterValidator } from "../../../auth/signup/simple.post"; -const CreateInvite = CreateUserValidator.and({ - expires: "Date", - isAdmin: "boolean = false", -}).configure(throwingArktype); +const CreateInvite = SharedRegisterValidator.partial() + .and({ + expires: "string", + isAdmin: "boolean = false", + }) + .configure(throwingArktype); export default defineEventHandler(async (h3) => { const allowed = await aclManager.allowSystemACL(h3, [ @@ -16,8 +18,6 @@ export default defineEventHandler(async (h3) => { const body = await readDropValidatedBody(h3, CreateInvite); - console.log(body); - const invitation = await prisma.invitation.create({ data: body, }); diff --git a/server/api/v1/auth/signup/simple.post.ts b/server/api/v1/auth/signup/simple.post.ts index fb7f5b8..938e16f 100644 --- a/server/api/v1/auth/signup/simple.post.ts +++ b/server/api/v1/auth/signup/simple.post.ts @@ -7,10 +7,13 @@ import { type } from "arktype"; import { randomUUID } from "node:crypto"; import { throwingArktype } from "~/server/arktype"; -export const CreateUserValidator = type({ - invitation: "string?", // Optional because we re-use this validator +export const SharedRegisterValidator = type({ username: "string >= 5", email: "string.email", +}); + +const CreateUserValidator = SharedRegisterValidator.and({ + invitation: "string", password: "string >= 14", "displayName?": "string | undefined", }).configure(throwingArktype); @@ -28,15 +31,8 @@ export default defineEventHandler<{ const user = await readValidatedBody(h3, CreateUserValidator); - const invitationId = user.invitation; - if (!invitationId) - throw createError({ - statusCode: 401, - statusMessage: t("errors.auth.invalidInvite"), - }); - const invitation = await prisma.invitation.findUnique({ - where: { id: invitationId }, + where: { id: user.invitation }, }); if (!invitation) throw createError({ @@ -87,7 +83,7 @@ export default defineEventHandler<{ user: true, }, }), - prisma.invitation.delete({ where: { id: invitationId } }), + prisma.invitation.delete({ where: { id: user.invitation } }), ]); return linkMec.user;