Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
} as UserDocument;
// optional data
if (profile.photos && profile.photos.length > 0) {
newUser.thumb = profile.photos[0].value;
}
newUser.providers[provider].profile = profile._json; // save original data to separate field
newUser.emails = uniq(emails);
logger.info(ctx.state, '[AuthenticationApi.createOAuthUser] Creating new user.');
newUser = await UserUtil.createUser(ctx, newUser, false);
/* istanbul ignore if */
if (process.env.SQREEN_ENABLED) {
require('sqreen').signup_track({ email: newUser.email });
}
logger.info(ctx.state, '[AuthenticationApi.createOAuthUser] New user <%s> created.', newUser.email);
await LogUserUtil.success(ctx, newUser, 'registration', {
provider,
email: newUser.email,
});
// new oauth user, clear provider cache since there might gonna be new user matches.
await apiCache.invalidateProviderCache(ctx.state, provider);
this.noAwait(async () => {
await mailer.welcomeOAuth(ctx.state, newUser);
});
return newUser;
}
// TODO make sure newUser.email is sane (comes from user directly)
const existingUser = await state.models.User.findOne({
$or: [
{ emails: sanitize(postedUser.email) },
{ validated_emails: sanitize(postedUser.email) },
],
}).exec();
if (existingUser) {
throw new ApiError('User with email <%s> already exists.', postedUser.email).warn().status(409);
}
const confirmUserEmail = config.vpdb.email.confirmUserEmail && !skipEmailConfirmation;
const createdUser = await UserUtil.createUser(ctx, postedUser, confirmUserEmail);
if (process.env.SQREEN_ENABLED) {
require('sqreen').signup_track({ email: createdUser.email });
}
await LogUserUtil.success(ctx, createdUser, 'registration', {
provider: 'local',
email: createdUser.email,
username: createdUser.username,
});
this.noAwait(async () => {
// user validated and created. time to send the activation email.
if (config.vpdb.email.confirmUserEmail) {
await mailer.registrationConfirmation(ctx.state, createdUser);
}
});
// return result
}).then(user => {
if (config.vpdb.services.sqreen.enabled) {
require('sqreen').signup_track({ email: user.email });
}
LogUser.success(req, user, 'registration', { provider: 'local', email: newUser.email, username: newUser.username });
// user validated and created. time to send the activation email.
if (config.vpdb.email.confirmUserEmail) {
mailer.registrationConfirmation(user);
}
// return result now and send email afterwards
if (testMode && req.body.returnEmailToken) {
api.success(res, _.extend(UserSerializer.detailed(user, req), { email_token: user.email_status.toObject().token }), 201);
} else {
api.success(res, UserSerializer.detailed(user, req), 201);
}
// TODO make sure newUser.email is sane (comes from user directly)
let user = await state.models.User.findOne({
$or: [
{ emails: newUser.email },
{ validated_emails: newUser.email },
],
}).exec();
if (user) {
throw new ApiError('User with email <%s> already exists.', newUser.email).warn().status(409);
}
const confirmUserEmail = config.vpdb.email.confirmUserEmail && !skipEmailConfirmation;
user = await UserUtil.createUser(ctx, newUser, confirmUserEmail);
if (process.env.SQREEN_ENABLED) {
require('sqreen').signup_track({ email: user.email });
}
await LogUserUtil.success(ctx, user, 'registration', {
provider: 'local',
email: newUser.email,
username: newUser.username,
});
// user validated and created. time to send the activation email.
if (config.vpdb.email.confirmUserEmail) {
await mailer.registrationConfirmation(ctx.state, user);
}
// return result now and send email afterwards
if (testMode && ctx.request.body.returnEmailToken) {
return this.success(ctx, assign(state.serializers.User.detailed(ctx, user), { email_token: (user.email_status as any).toObject().token }), 201);
}).then(user => {
if (config.vpdb.services.sqreen.enabled) {
require('sqreen').signup_track({ email: user.email });
}
LogUser.success(req, user, 'registration', { provider: provider, email: newUser.email });
logger.info('[passport|%s] New user <%s> created.', logtag, user.email);
mailer.welcomeOAuth(user);
return user;
});