mirror of
https://github.com/Dokploy/dokploy
synced 2025-06-26 18:27:59 +00:00
feat(auth): implement user creation validation and IP update logic
- Added validation for user creation to check for existing admin presence and validate x-dokploy-token. - Integrated public IP retrieval for user updates when not in cloud environment. - Enhanced error handling with APIError for better feedback during user creation process.
This commit is contained in:
@@ -8,6 +8,10 @@ import { db } from "../db";
|
|||||||
import * as schema from "../db/schema";
|
import * as schema from "../db/schema";
|
||||||
import { sendEmail } from "../verification/send-verification-email";
|
import { sendEmail } from "../verification/send-verification-email";
|
||||||
import { IS_CLOUD } from "../constants";
|
import { IS_CLOUD } from "../constants";
|
||||||
|
import { getPublicIpWithFallback } from "../wss/utils";
|
||||||
|
import { updateUser } from "../services/user";
|
||||||
|
import { getUserByToken } from "../services/admin";
|
||||||
|
import { APIError } from "better-auth/api";
|
||||||
|
|
||||||
const { handler, api } = betterAuth({
|
const { handler, api } = betterAuth({
|
||||||
database: drizzleAdapter(db, {
|
database: drizzleAdapter(db, {
|
||||||
@@ -88,11 +92,40 @@ const { handler, api } = betterAuth({
|
|||||||
databaseHooks: {
|
databaseHooks: {
|
||||||
user: {
|
user: {
|
||||||
create: {
|
create: {
|
||||||
|
before: async (_user, context) => {
|
||||||
|
if (!IS_CLOUD) {
|
||||||
|
const xDokployToken =
|
||||||
|
context?.request?.headers?.get("x-dokploy-token");
|
||||||
|
if (xDokployToken) {
|
||||||
|
const user = await getUserByToken(xDokployToken);
|
||||||
|
if (!user) {
|
||||||
|
throw new APIError("BAD_REQUEST", {
|
||||||
|
message: "User not found",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
const isAdminPresent = await db.query.member.findFirst({
|
||||||
|
where: eq(schema.member.role, "owner"),
|
||||||
|
});
|
||||||
|
if (isAdminPresent) {
|
||||||
|
throw new APIError("BAD_REQUEST", {
|
||||||
|
message: "Admin is already created",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
after: async (user) => {
|
after: async (user) => {
|
||||||
const isAdminPresent = await db.query.member.findFirst({
|
const isAdminPresent = await db.query.member.findFirst({
|
||||||
where: eq(schema.member.role, "owner"),
|
where: eq(schema.member.role, "owner"),
|
||||||
});
|
});
|
||||||
|
|
||||||
|
if (!IS_CLOUD) {
|
||||||
|
await updateUser(user.id, {
|
||||||
|
serverIp: await getPublicIpWithFallback(),
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
if (IS_CLOUD || !isAdminPresent) {
|
if (IS_CLOUD || !isAdminPresent) {
|
||||||
await db.transaction(async (tx) => {
|
await db.transaction(async (tx) => {
|
||||||
const organization = await tx
|
const organization = await tx
|
||||||
|
|||||||
Reference in New Issue
Block a user