Merge pull request #381 from Dokploy/security/apply-validation-when-creating-admin

refactor(auth): add validation to prevent create another admin when a…
This commit is contained in:
Mauricio Siu
2024-08-26 15:32:29 -06:00
committed by GitHub

View File

@@ -12,6 +12,7 @@ import {
} from "@/server/db/schema"; } from "@/server/db/schema";
import { TRPCError } from "@trpc/server"; import { TRPCError } from "@trpc/server";
import * as bcrypt from "bcrypt"; import * as bcrypt from "bcrypt";
import { db } from "../../db";
import { import {
createAdmin, createAdmin,
createUser, createUser,
@@ -33,6 +34,14 @@ export const authRouter = createTRPCRouter({
.input(apiCreateAdmin) .input(apiCreateAdmin)
.mutation(async ({ ctx, input }) => { .mutation(async ({ ctx, input }) => {
try { try {
const admin = await db.query.admins.findFirst({});
if (admin) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Admin already exists",
});
}
const newAdmin = await createAdmin(input); const newAdmin = await createAdmin(input);
const session = await lucia.createSession(newAdmin.id || "", {}); const session = await lucia.createSession(newAdmin.id || "", {});
ctx.res.appendHeader( ctx.res.appendHeader(