fix: add validation to prevent overwrite user

apps/dokploy/components/layouts/settings-layout.tsx

@@ -95,6 +95,16 @@ export const SettingsLayout = ({ children }: Props) => {
 									},
 								]
 							: []),
+						...(user?.canAccessToGitProviders
+							? [
+									{
+										title: "Git",
+										label: "",
+										icon: GitBranch,
+										href: "/dashboard/settings/git-providers",
+									},
+								]
+							: []),
 					]}
 				/>
 			</div>

apps/dokploy/server/api/routers/admin.ts

@@ -3,30 +3,18 @@ import {
 	apiAssignPermissions,
 	apiCreateUserInvitation,
 	apiFindOneToken,
-	apiGetBranches,
 	apiRemoveUser,
 	users,
 } from "@/server/db/schema";
-import { haveGithubRequirements } from "@/server/utils/providers/github";
-import { createAppAuth } from "@octokit/auth-app";
 import { TRPCError } from "@trpc/server";
 import { eq } from "drizzle-orm";
-import { Octokit } from "octokit";
 import {
 	createInvitation,
 	findAdmin,
 	getUserByToken,
 	removeUserByAuthId,
-	updateAdmin,
 } from "../services/admin";
-import {
-	adminProcedure,
-	createTRPCRouter,
-	protectedProcedure,
-	publicProcedure,
-} from "../trpc";
-import { z } from "zod";
-import { getGithubProvider } from "../services/git-provider";
+import { adminProcedure, createTRPCRouter, publicProcedure } from "../trpc";
 
 export const adminRouter = createTRPCRouter({
 	one: adminProcedure.query(async () => {
@@ -85,10 +73,4 @@ export const adminRouter = createTRPCRouter({
 				});
 			}
 		}),
-
-	// haveGithubConfigured: protectedProcedure.query(async () => {
-	// 	const adminResponse = await findAdmin();
-
-	// 	return haveGithubRequirements(adminResponse);
-	// }),
 });

apps/dokploy/server/api/routers/auth.ts

@@ -28,6 +28,7 @@ import {
 	protectedProcedure,
 	publicProcedure,
 } from "../trpc";
+import { getUserByToken } from "../services/admin";
 
 export const authRouter = createTRPCRouter({
 	createAdmin: publicProcedure
@@ -61,6 +62,13 @@ export const authRouter = createTRPCRouter({
 		.input(apiCreateUser)
 		.mutation(async ({ ctx, input }) => {
 			try {
+				const token = await getUserByToken(input.token);
+				if (token.isExpired) {
+					throw new TRPCError({
+						code: "BAD_REQUEST",
+						message: "Invalid token",
+					});
+				}
 				const newUser = await createUser(input);
 				const session = await lucia.createSession(newUser?.authId || "", {});
 				ctx.res.appendHeader(

apps/dokploy/server/api/services/admin.ts

@@ -129,13 +129,9 @@ export const getUserByToken = async (token: string) => {
 			message: "Invitation not found",
 		});
 	}
-
-	const now = new Date();
-	const isExpired = isAfter(now, new Date(user.expirationDate));
-
 	return {
 		...user,
-		isExpired,
+		isExpired: user.isRegistered,
 	};
 };
 

apps/dokploy/server/api/services/auth.ts

@@ -72,7 +72,7 @@ export const createUser = async (input: typeof apiCreateUser._type) => {
 			.update(users)
 			.set({
 				isRegistered: true,
-				expirationDate: new Date().toISOString(),
+				expirationDate: undefined,
 			})
 			.where(eq(users.token, input.token))
 			.returning()

apps/dokploy/server/db/schema/auth.ts

@@ -70,6 +70,7 @@ export const apiCreateUser = createSchema
 	.pick({
 		password: true,
 		id: true,
+		token: true,
 	})
 	.required()
 	.extend({