Add ticks, crosses and spinners in sign up form

[ndcode_site.git] / api / sign_up.json.jst

let stream_buffers = require('stream-buffers')
let XDate = require('xdate')

return async env => {
  let session_cookie = await _require('/session_cookie.jst')

  if (env.request.method !== 'POST') {
    env.response.setHeader('Allow', 'POST')
    env.mime_type = 'application/problem+json; charset=utf-8'
    env.site.serve(
      env,
      405,
      Buffer.from(
        JSON.stringify(
          {
            title: 'Method not allowed',
            detail: `The endpoint "${env.parsed_url.path}" requires a POST request.`,
            status: 405
          },
          null,
          2
        ) + '\n',
        'utf-8'
      ),
      'sign_up.json.jst'
    )
    return
  }

  let write_stream = new stream_buffers.WritableStreamBuffer()
  let data = new Promise(
    (resolve, reject) => {
      write_stream.
      on('finish', () => {resolve(write_stream.getContents())}).
      on('error', () => {reject()})
    }
  )
  env.request.pipe(write_stream)
  let query = JSON.parse((await data).toString())
  let email = query.email.toLowerCase()
  console.log('sign up', email)

  // initialize env.session_key, set cookie in env.response
  let transaction = await env.site.database.Transaction()
  let session = await session_cookie(env, transaction)

  let captcha = await session.get('captcha')
  if (captcha === undefined || XDate.now() >= captcha.get('expires')) {
    transaction.rollback()

    env.mime_type = 'application/problem+json; charset=utf-8'
    env.site.serve(
      env,
      418,
      Buffer.from(
        JSON.stringify(
          {
            title: 'No verification image in session',
            detail: `Please call the "/api/verification_image.png" endpoint to create a verification image, in same session as the "/api/sign_up.json" call and less than one hour prior.`,
            status: 418
          },
          null,
          2
        ) + '\n',
        'utf-8'
      ),
      'sign_up.json.jst'
    )
    return
  }

  
  let verification_code = query.verification_code.toLowerCase()
  let captcha_text = await captcha.get('text')
  if (verification_code !== captcha_text) {
    console.log(`verification code mismatch, \"${verification_code}\" should be \"${captcha_text}\"`)
    transaction.rollback()

    env.mime_type = 'application/problem+json; charset=utf-8'
    env.site.serve(
      env,
      419,
      Buffer.from(
        JSON.stringify(
          {
            title: 'Verification code mismatch',
            detail: `The provided verification code "${verification_code}" did not match the verification image.`,
            status: 419
          },
          null,
          2
        ) + '\n',
        'utf-8'
      ),
      'sign_up.json.jst'
    )
    return
  }

  let accounts = await (
    await transaction.get({})
  ).get('accounts', {})

  if (accounts.has(email)) {
    transaction.rollback()

    env.mime_type = 'application/problem+json; charset=utf-8'
    env.site.serve(
      env,
      420,
      Buffer.from(
        JSON.stringify(
          {
            title: 'Account already exists',
            detail: `The email "${email}" already has an account registered.`,
            status: 420
          },
          null,
          2
        ) + '\n',
        'utf-8'
      ),
      'sign_up.json.jst'
    )
    return
  }
  accounts.set(
    email,
    transaction.json_to_logjson(
      {
        given_names: query.given_names || '',
        family_name: query.family_name || '',
        password: query.password || '',
        contact_me: query.contact_me || false,
        email_verified: false
      }
    )
  )

  await transaction.commit()

  env.site.serve(
    env,
    200,
    Buffer.from(
      JSON.stringify(
        null,
        null,
        2
      ) + '\n',
      'utf-8'
    ),
    'sign_up.json.jst'
  )
}