require invite token to register except for initial registration

Server/controllers/authController.js

@@ -51,6 +51,11 @@ const registerController = async (req, res, next) => {
   }
   // Create a new user
   try {
+    const { inviteToken } = req.body;
+    const superAdminExists = await req.db.checkSuperadmin(req, res);
+    if (superAdminExists) {
+      await req.db.getInviteTokenAndDelete(inviteToken);
+    }
     const newUser = await req.db.insertUser({ ...req.body }, req.file);
     logger.info(successMessages.AUTH_CREATE_USER, {
       service: SERVICE_NAME,

Server/db/mongo/MongoDB.js

@@ -47,6 +47,7 @@ const {
 const {
   requestInviteToken,
   getInviteToken,
+  getInviteTokenAndDelete,
 } = require("./modules/inviteModule");
 
 //****************************************
@@ -128,6 +129,7 @@ module.exports = {
   logoutUser,
   requestInviteToken,
   getInviteToken,
+  getInviteTokenAndDelete,
   requestRecoveryToken,
   validateRecoveryToken,
   resetPassword,

Server/db/mongo/modules/inviteModule.js

@@ -32,7 +32,7 @@ const requestInviteToken = async (userData) => {
 };
 
 /**
- * Retrieves and deletes an invite token.
+ * Retrieves an invite token
  *
  * This function searches for an invite token in the database and deletes it.
  * If the invite token is not found, it throws an error.
@@ -42,6 +42,33 @@ const requestInviteToken = async (userData) => {
  * @throws {Error} If the invite token is not found or there is another error.
  */
 const getInviteToken = async (token) => {
+  console.log(token);
+  try {
+    const invite = await InviteToken.findOne({
+      token,
+    });
+    if (invite === null) {
+      throw new Error(errorMessages.AUTH_INVITE_NOT_FOUND);
+    }
+    return invite;
+  } catch (error) {
+    error.service = SERVICE_NAME;
+    error.method = "getInviteToken";
+    throw error;
+  }
+};
+
+/**
+ * Retrieves and deletes an invite token
+ *
+ * This function searches for an invite token in the database and deletes it.
+ * If the invite token is not found, it throws an error.
+ *
+ * @param {string} token - The invite token to search for.
+ * @returns {Promise<InviteToken>} The invite token data.
+ * @throws {Error} If the invite token is not found or there is another error.
+ */
+const getInviteTokenAndDelete = async (token) => {
   try {
     const invite = await InviteToken.findOneAndDelete({
       token,
@@ -60,4 +87,5 @@ const getInviteToken = async (token) => {
 module.exports = {
   requestInviteToken,
   getInviteToken,
+  getInviteTokenAndDelete,
 };

Server/validation/joi.js

@@ -74,6 +74,7 @@ const registrationBodyValidation = joi.object({
     .min(1)
     .required(),
   teamId: joi.string().allow("").required(),
+  inviteToken: joi.string().allow("").required(),
 });
 
 const editUserParamValidation = joi.object({
@@ -137,6 +138,7 @@ const inviteBodyValidation = joi.object({
     "string.email": "Must be a valid email address",
   }),
   role: joi.array().required(),
+  teamId: joi.string().required(),
 });
 
 const inviteVerifciationBodyValidation = joi.object({