update types; disallow disabled accounts to login.

DylanBulmer · DylanBulmer · commit 07e97212e7a8 · 2022-12-24T14:33:55.000-05:00
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@codrjs/core",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "An open-sourced customizable annotation tool",
   "main": "./cjs/index.js",
   "module": "./esm/index.js",
diff --git a/src/models/User.ts b/src/models/User.ts
@@ -28,10 +28,14 @@ interface User {
     isDisabled: boolean;
     isAnonymous: boolean;
   };
+  createdAt: string;
+  updatedAt: string;
 }
 
 export type IUserSchema = User & Document;
-export type IUser = User & { _id: ObjectId }
+export type IUser = User & {
+  _id: ObjectId;
+};
 
 const UserSchema = new Schema<User>(
   {
@@ -70,5 +74,8 @@ const UserSchema = new Schema<User>(
 // exports User model.
 UserSchema.plugin(accessibleFieldsPlugin);
 UserSchema.plugin(accessibleRecordsPlugin);
-const User = model<IUserSchema, AccessibleModel<IUserSchema>>("User", UserSchema);
+const User = model<IUserSchema, AccessibleModel<IUserSchema>>(
+  "User",
+  UserSchema,
+);
 export default User;
diff --git a/src/services/admin.ts b/src/services/admin.ts
@@ -28,7 +28,7 @@ class Administration {
       email: string;
       role: UserRoleType;
       name?: IUser["name"];
-      isAnonymous: boolean;
+      flags?: IUser["flags"];
     },
   ) {
     if (this.app.mongoIsConnected) {
@@ -88,7 +88,12 @@ class Administration {
    */
   async addUsers(
     user: UserToken,
-    newUsers: { email: string; role: UserRoleType; isAnonymous: boolean }[],
+    newUsers: {
+      email: string;
+      role: UserRoleType;
+      name?: IUser["name"];
+      flags?: IUser["flags"];
+    }[],
   ) {
     const users: IUser[] = [];
     const errors: Error<
diff --git a/src/services/auth.ts b/src/services/auth.ts
@@ -55,33 +55,41 @@ class Authentication {
           "It appears you do not have an account using this email, please contact your Codr admin to gain access.",
       });
     } else if (!token) {
-      try {
-        // init access token
-        const uuid = uuidv4();
-        const accessToken = new AccessToken(uuid);
-        await user.updateOne({
-          accessToken: accessToken.encode(),
-        });
-
-        // send email with access code/token
-        const link =
-          `${process.env.HOST}${process.env.API_PATH}` +
-          "/auth/email/verify?token=" +
-          encrypt(JSON.stringify({ email: email, token: uuid }));
-        const template = new SigninTemplate();
-        await Mail.send(await template.html({ link }), {
-          ...template.config,
-          to: email,
-        });
-        return new Response({
-          message: "An email has been sent to your inbox.",
-        });
-      } catch (e: any) {
+      if (user.flags.isDisabled) {
         throw new Error({
           status: 500,
-          message: e?.message || "An unknown error occured",
-          details: e,
+          message:
+            "It appears that your account has been disabled or deleted. Please contact your administrator if you feel like this is a mistake.",
         });
+      } else {
+        try {
+          // init access token
+          const uuid = uuidv4();
+          const accessToken = new AccessToken(uuid);
+          await user.updateOne({
+            accessToken: accessToken.encode(),
+          });
+
+          // send email with access code/token
+          const link =
+            `${process.env.HOST}${process.env.API_PATH}` +
+            "/auth/email/verify?token=" +
+            encrypt(JSON.stringify({ email: email, token: uuid }));
+          const template = new SigninTemplate();
+          await Mail.send(await template.html({ link }), {
+            ...template.config,
+            to: email,
+          });
+          return new Response({
+            message: "An email has been sent to your inbox.",
+          });
+        } catch (e: any) {
+          throw new Error({
+            status: 500,
+            message: e?.message || "An unknown error occured",
+            details: e,
+          });
+        }
       }
     } else if (user.accessToken) {
       // decrypt the stored access code
@@ -116,7 +124,7 @@ class Authentication {
           // send response
           return new Response<{ user: IUser }>({
             message: `Login successful.`,
-            details: { user: {...user.toObject(), ...update} },
+            details: { user: { ...user.toObject(), ...update } },
           });
         } catch (e: any) {
           throw new Error({

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@codrjs/core",`
`3`		`- "version": "1.0.12",`
	`3`	`+ "version": "1.0.13",`
`4`	`4`	`"description": "An open-sourced customizable annotation tool",`
`5`	`5`	`"main": "./cjs/index.js",`
`6`	`6`	`"module": "./esm/index.js",`