From 0ad7869249c8594277afc0aa707c05ac2ed633cf Mon Sep 17 00:00:00 2001 From: syuilo Date: Sat, 29 Apr 2023 17:03:14 +0900 Subject: feat: preserved usernames Resolve #10704 --- packages/backend/src/server/api/SignupApiService.ts | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'packages/backend/src/server/api/SignupApiService.ts') diff --git a/packages/backend/src/server/api/SignupApiService.ts b/packages/backend/src/server/api/SignupApiService.ts index fbabf47aff..f44e71771c 100644 --- a/packages/backend/src/server/api/SignupApiService.ts +++ b/packages/backend/src/server/api/SignupApiService.ts @@ -1,6 +1,7 @@ import { Inject, Injectable } from '@nestjs/common'; import rndstr from 'rndstr'; import bcrypt from 'bcryptjs'; +import { IsNull } from 'typeorm'; import { DI } from '@/di-symbols.js'; import type { RegistrationTicketsRepository, UsedUsernamesRepository, UserPendingsRepository, UserProfilesRepository, UsersRepository } from '@/models/index.js'; import type { Config } from '@/config.js'; @@ -15,7 +16,6 @@ import { FastifyReplyError } from '@/misc/fastify-reply-error.js'; import { bindThis } from '@/decorators.js'; import { SigninService } from './SigninService.js'; import type { FastifyRequest, FastifyReply } from 'fastify'; -import { IsNull } from 'typeorm'; @Injectable() export class SignupApiService { @@ -137,6 +137,11 @@ export class SignupApiService { throw new FastifyReplyError(400, 'USED_USERNAME'); } + const isPreserved = instance.preservedUsernames.map(x => x.toLowerCase()).includes(username.toLowerCase()); + if (isPreserved) { + throw new FastifyReplyError(400, 'USED_USERNAME'); + } + const code = rndstr('a-z0-9', 16); // Generate hash of password -- cgit v1.2.3-freya From b3ec47c3f479c842a33074c13323597484d0d0b6 Mon Sep 17 00:00:00 2001 From: tamaina Date: Tue, 2 May 2023 10:18:57 +0000 Subject: 初期ユーザー登録時にはpreservedUsernamesを無視する Fix #10738 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- packages/backend/src/server/api/SignupApiService.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'packages/backend/src/server/api/SignupApiService.ts') diff --git a/packages/backend/src/server/api/SignupApiService.ts b/packages/backend/src/server/api/SignupApiService.ts index f44e71771c..f3a1d406ae 100644 --- a/packages/backend/src/server/api/SignupApiService.ts +++ b/packages/backend/src/server/api/SignupApiService.ts @@ -139,7 +139,7 @@ export class SignupApiService { const isPreserved = instance.preservedUsernames.map(x => x.toLowerCase()).includes(username.toLowerCase()); if (isPreserved) { - throw new FastifyReplyError(400, 'USED_USERNAME'); + throw new FastifyReplyError(400, 'DENIED_USERNAME'); } const code = rndstr('a-z0-9', 16); @@ -169,6 +169,7 @@ export class SignupApiService { try { const { account, secret } = await this.signupService.signup({ username, password, host, + ignorePreservedUsernames: (await this.usersRepository.countBy({ host: IsNull() })) === 0, }); const res = await this.userEntityService.pack(account, account, { -- cgit v1.2.3-freya From f3e43a0fc63d9beee74dfd1f29679ff95ef1e130 Mon Sep 17 00:00:00 2001 From: tamaina Date: Tue, 2 May 2023 10:26:18 +0000 Subject: refactor --- packages/backend/src/core/SignupService.ts | 10 +++++----- packages/backend/src/server/api/SignupApiService.ts | 1 - 2 files changed, 5 insertions(+), 6 deletions(-) (limited to 'packages/backend/src/server/api/SignupApiService.ts') diff --git a/packages/backend/src/core/SignupService.ts b/packages/backend/src/core/SignupService.ts index 2b8387f89c..364bcf0f84 100644 --- a/packages/backend/src/core/SignupService.ts +++ b/packages/backend/src/core/SignupService.ts @@ -80,14 +80,16 @@ export class SignupService { throw new Error('USED_USERNAME'); } - if (!opts.ignorePreservedUsernames) { + const isTheFirstUser = (await this.usersRepository.countBy({ host: IsNull() })) === 0; + + if (!opts.ignorePreservedUsernames || !isTheFirstUser) { const instance = await this.metaService.fetch(true); const isPreserved = instance.preservedUsernames.map(x => x.toLowerCase()).includes(username.toLowerCase()); if (isPreserved) { throw new Error('USED_USERNAME'); } } - + const keyPair = await new Promise((res, rej) => generateKeyPair('rsa', { modulusLength: 4096, @@ -123,9 +125,7 @@ export class SignupService { usernameLower: username.toLowerCase(), host: this.utilityService.toPunyNullable(host), token: secret, - isRoot: (await this.usersRepository.countBy({ - host: IsNull(), - })) === 0, + isRoot: isTheFirstUser, })); await transactionalEntityManager.save(new UserKeypair({ diff --git a/packages/backend/src/server/api/SignupApiService.ts b/packages/backend/src/server/api/SignupApiService.ts index f3a1d406ae..b2bd7d82e7 100644 --- a/packages/backend/src/server/api/SignupApiService.ts +++ b/packages/backend/src/server/api/SignupApiService.ts @@ -169,7 +169,6 @@ export class SignupApiService { try { const { account, secret } = await this.signupService.signup({ username, password, host, - ignorePreservedUsernames: (await this.usersRepository.countBy({ host: IsNull() })) === 0, }); const res = await this.userEntityService.pack(account, account, { -- cgit v1.2.3-freya