feature: require invites

2025-10-08 14:42:01 -07:00 · 2025-10-08 14:42:01 -07:00 · a3302d2eff
commit a3302d2eff
parent 8b70172493
22 changed files with 385 additions and 482 deletions
--- a/public/api/users/:user_id/index.ts
+++ b/public/api/users/:user_id/index.ts
@ -143,6 +143,8 @@ export async function DELETE(_req: Request, meta: Record<string, any>): Promise<

 	await USERS.delete(user);

+	// TODO: delete any uploads?
+
 	return Response.json({
 		deleted: true
 	}, {
--- a/public/api/users/index.ts
+++ b/public/api/users/index.ts
@ -8,12 +8,13 @@ import { create_new_session, SESSION_RESULT } from '../auth/index.ts';
 import { get_session, get_user, PRECHECK_TABLE, require_user } from '../../../utils/prechecks.ts';
 import * as CANNED_RESPONSES from '../../../utils/canned_responses.ts';
 import * as bcrypt from '@da/bcrypt';
-import { WALK_ENTRY } from '@andyburke/fsdb';
 import { INVITE_CODE, INVITE_CODES } from '../../../models/invites.ts';

 // TODO: figure out a better solution for doling out permissions
 const DEFAULT_USER_PERMISSIONS: string[] = [
 	'files.write.own',
+	'invites.create',
+	'invites.read.own',
 	'self.read',
 	'self.write',
 	'topics.read',
@ -112,22 +113,52 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
 			});
 		}

-		const invite_code: INVITE_CODE | undefined = typeof submitted_invite_code === 'string' && submitted_invite_code.length
-			? (await INVITE_CODES.find({
-				code: submitted_invite_code
-			})).shift()?.load()
-			: undefined;
+		const at_least_one_existing_user = (await USERS.all({
+			limit: 1,
+			offset: 0
+		})).shift()?.load();

-		const is_expired = invite_code?.timestamps.expires ? now <= invite_code.timestamps.expires : true;
-		const is_limited = invite_code?.limit
-			? (await SIGNUPS.find({
-				referring_invite_code_id: invite_code.id
+		let root_invite_code_secret = undefined;
+		if (!at_least_one_existing_user) {
+			root_invite_code_secret = lurid();
+
+			const root_invite_code: INVITE_CODE = {
+				id: lurid(),
+				code: root_invite_code_secret,
+				creator_id: new_user_id,
+				timestamps: {
+					created: now
+				}
+			};
+
+			await INVITE_CODES.create(root_invite_code);
+		}
+
+		const secret_code = submitted_invite_code ?? root_invite_code_secret;
+		if (typeof secret_code !== 'string' || secret_code.length < 3) {
+			return Response.json({
+				error: {
+					cause: 'missing_invite_code',
+					message: 'You need to specify an invite code.'
+				}
 			}, {
-				limit: invite_code.limit
-			})).length >= invite_code.limit
-			: false;
+				status: 400
+			});
+		}

-		if (!invite_code || is_expired || is_limited) {
+		const invite_code: INVITE_CODE | undefined = (await INVITE_CODES.find({
+			code: secret_code
+		})).shift()?.load();
+
+		const is_expired = invite_code?.timestamps.expires ? now <= invite_code.timestamps.expires : false;
+		const is_used = (await SIGNUPS.find({
+			referring_invite_code_id: invite_code?.id
+		}, {
+			limit: 1
+		})).length > 0;
+		const is_cancelled = !!invite_code?.timestamps?.cancelled;
+
+		if (!invite_code || is_expired || is_used || is_cancelled) {
 			return Response.json({
 				error: {
 					cause: 'invalid_signup_code',
@ -135,7 +166,8 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
 					meta: {
 						exists: !!invite_code,
 						is_expired,
-						is_limited
+						is_used,
+						is_cancelled
 					}
 				}
 			}, {
@ -146,8 +178,8 @@ export async function POST(req: Request, meta: Record<string, any>): Promise<Res
 		const signup: SIGNUP = {
 			id: lurid(),
 			user_id: new_user_id,
-			invite_code_id: invite_code.id,
-			referring_user_id: invite_code.creator_id,
+			invite_code_id: invite_code?.id ?? 'able-able-able-able-able-able-able-able-able-able',
+			referring_user_id: invite_code?.creator_id ?? new_user_id,
 			timestamps: {
 				created: now
 			}
--- a/public/signup_login_wall.html
+++ b/public/signup_login_wall.html
@ -2,6 +2,7 @@
 	<style>
 		#signup-login-wall {
 			display: flex;
+			flex-direction: column;
 			align-items: center;
 			justify-content: center;
 			position: absolute;
@ -16,6 +17,14 @@
 			transition: all 0.33s;
 		}

+		#login-tab .tab-content {
+			min-height: 17rem;
+		}
+
+		#signup-tab .tab-content {
+			min-height: 21rem;
+		}
+
 		body[data-user] #signup-login-wall {
 			visibility: hidden;
 			opacity: 0;
@ -23,24 +32,21 @@

 		#signup-login-wall .limiter {
 			width: 95%;
+			min-height: 24rem;
 			position: relative;
 			background: hsl(from var(--bg) h s 15);
 			max-width: 40em;
-			min-height: 22rem;
 			margin: 0 auto;
 		}

-		#login-tab,
-		#signup-tab {
-			min-height: 22rem;
-		}
-
 		#signup-login-wall form {
 			width: 100%;
 			padding: 1.5rem 1.5rem 0 1.5rem;
 		}
 	</style>

+	<!-- #include file="./signup_pitch.md" -->
+
 	<div class="limiter">
 		<div class="tabs">
 			<div id="login-tab" class="tab">
@ -118,6 +124,15 @@
 							<input id="signup-password" type="password" name="password" required />
 							<label class="placeholder" for="signup-password">password</label>
 						</div>
+						<div>
+							<input
+								id="signup-invite-code"
+								type="text"
+								name="invite_code"
+								required
+							/>
+							<label class="placeholder" for="signup-invite-code">invite code</label>
+						</div>
 						<button id="signup-submit" type="submit" class="primary">Sign Up</button>
 					</form>
 				</div>
--- a/public/tabs/tabs.html
+++ b/public/tabs/tabs.html
@ -35,6 +35,7 @@
 		justify-content: space-between;
 		align-items: flex-start;
 		min-height: inherit;
+		background: inherit;
 	}

 	.tabs::before,
@ -48,6 +49,7 @@
 	}

 	.tab {
+		background: inherit;
 	}

 	.tab-switch {
@ -83,6 +85,9 @@
 		border-top: 1px solid var(--border-subtle);
 		margin-top: 1px;
 		overflow-y: scroll;
+		visibility: hidden;
+		display: none;
+		background: inherit;
 	}

 	.tab-switch,
@ -99,6 +104,8 @@
 	.tab-switch:checked + label + .tab-content {
 		z-index: 2;
 		opacity: 1;
+		visibility: visible;
+		display: block;
 	}

 	@media screen and (max-width: 800px) {