|
|
@ -62,11 +62,12 @@ struct KeysData {
|
|
|
|
#[post("/accounts/register", data = "<data>")]
|
|
|
|
#[post("/accounts/register", data = "<data>")]
|
|
|
|
fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|
|
|
fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|
|
|
let data: RegisterData = data.into_inner().data;
|
|
|
|
let data: RegisterData = data.into_inner().data;
|
|
|
|
|
|
|
|
let email = data.Email.to_lowercase();
|
|
|
|
|
|
|
|
|
|
|
|
let mut user = match User::find_by_mail(&data.Email, &conn) {
|
|
|
|
let mut user = match User::find_by_mail(&email, &conn) {
|
|
|
|
Some(user) => {
|
|
|
|
Some(user) => {
|
|
|
|
if !user.password_hash.is_empty() {
|
|
|
|
if !user.password_hash.is_empty() {
|
|
|
|
if CONFIG.is_signup_allowed(&data.Email) {
|
|
|
|
if CONFIG.is_signup_allowed(&email) {
|
|
|
|
err!("User already exists")
|
|
|
|
err!("User already exists")
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
@ -75,19 +76,19 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|
|
|
|
|
|
|
|
|
|
|
if let Some(token) = data.Token {
|
|
|
|
if let Some(token) = data.Token {
|
|
|
|
let claims = decode_invite(&token)?;
|
|
|
|
let claims = decode_invite(&token)?;
|
|
|
|
if claims.email == data.Email {
|
|
|
|
if claims.email == email {
|
|
|
|
user
|
|
|
|
user
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
err!("Registration email does not match invite email")
|
|
|
|
err!("Registration email does not match invite email")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if Invitation::take(&data.Email, &conn) {
|
|
|
|
} else if Invitation::take(&email, &conn) {
|
|
|
|
for mut user_org in UserOrganization::find_invited_by_user(&user.uuid, &conn).iter_mut() {
|
|
|
|
for mut user_org in UserOrganization::find_invited_by_user(&user.uuid, &conn).iter_mut() {
|
|
|
|
user_org.status = UserOrgStatus::Accepted as i32;
|
|
|
|
user_org.status = UserOrgStatus::Accepted as i32;
|
|
|
|
user_org.save(&conn)?;
|
|
|
|
user_org.save(&conn)?;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
user
|
|
|
|
user
|
|
|
|
} else if CONFIG.is_signup_allowed(&data.Email) {
|
|
|
|
} else if CONFIG.is_signup_allowed(&email) {
|
|
|
|
err!("Account with this email already exists")
|
|
|
|
err!("Account with this email already exists")
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
@ -97,8 +98,8 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|
|
|
// Order is important here; the invitation check must come first
|
|
|
|
// Order is important here; the invitation check must come first
|
|
|
|
// because the vaultwarden admin can invite anyone, regardless
|
|
|
|
// because the vaultwarden admin can invite anyone, regardless
|
|
|
|
// of other signup restrictions.
|
|
|
|
// of other signup restrictions.
|
|
|
|
if Invitation::take(&data.Email, &conn) || CONFIG.is_signup_allowed(&data.Email) {
|
|
|
|
if Invitation::take(&email, &conn) || CONFIG.is_signup_allowed(&email) {
|
|
|
|
User::new(data.Email.clone())
|
|
|
|
User::new(email.clone())
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
|
err!("Registration not allowed or user already exists")
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -106,7 +107,7 @@ fn register(data: JsonUpcase<RegisterData>, conn: DbConn) -> EmptyResult {
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
// Make sure we don't leave a lingering invitation.
|
|
|
|
// Make sure we don't leave a lingering invitation.
|
|
|
|
Invitation::take(&data.Email, &conn);
|
|
|
|
Invitation::take(&email, &conn);
|
|
|
|
|
|
|
|
|
|
|
|
if let Some(client_kdf_iter) = data.KdfIterations {
|
|
|
|
if let Some(client_kdf_iter) = data.KdfIterations {
|
|
|
|
user.client_kdf_iter = client_kdf_iter;
|
|
|
|
user.client_kdf_iter = client_kdf_iter;
|
|
|
|