Merge pull request #882 from bluewave-labs/develop

Develop -> Master
2026-01-20 16:49:46 -06:00 · 2024-09-25 00:18:25 -07:00
parent e2df0e7c6c 7454e8812e
commit bfc01de28c
7 changed files with 47 additions and 1854 deletions
--- a/Client/src/Pages/Auth/Register/Register.jsx
+++ b/Client/src/Pages/Auth/Register/Register.jsx
@@ -596,6 +596,7 @@ const Register = ({ isSuperAdmin }) => {
    let registerForm = {
      ...form,
      role: isSuperAdmin ? ["superadmin"] : form.role,
+      inviteToken: token ? token : "", // Add the token to the request for verification
    };
    let error = validateForm(registerForm, {
      context: { password: form.password },
@@ -608,8 +609,8 @@ const Register = ({ isSuperAdmin }) => {
    delete registerForm.confirm;
    const action = await dispatch(register(registerForm));
    if (action.payload.success) {
-      const token = action.payload.data;
-      localStorage.setItem("token", token);
+      const authToken = action.payload.data;
+      localStorage.setItem("token", authToken);
      navigate("/");
      createToast({
        body: "Welcome! Your account was created successfully.",
--- a/Client/src/Validation/validation.js
+++ b/Client/src/Validation/validation.js
@@ -77,6 +77,7 @@ const credentials = joi.object({
    }),
  role: joi.array(),
  teamId: joi.string().allow("").optional(),
+  inviteToken: joi.string().allow(""),
 });

 const monitorValidation = joi.object({
--- a/README.md
+++ b/README.md
--- a/Server/controllers/authController.js
+++ b/Server/controllers/authController.js
@@ -51,6 +51,12 @@ const registerController = async (req, res, next) => {
  }
  // Create a new user
  try {
+    const { inviteToken } = req.body;
+    // If superAdmin exists, a token should be attached to all further register requests
+    const superAdminExists = await req.db.checkSuperadmin(req, res);
+    if (superAdminExists) {
+      await req.db.getInviteTokenAndDelete(inviteToken);
+    }
    const newUser = await req.db.insertUser({ ...req.body }, req.file);
    logger.info(successMessages.AUTH_CREATE_USER, {
      service: SERVICE_NAME,
--- a/Server/db/mongo/MongoDB.js
+++ b/Server/db/mongo/MongoDB.js
@@ -47,6 +47,7 @@ const {
 const {
  requestInviteToken,
  getInviteToken,
+  getInviteTokenAndDelete,
 } = require("./modules/inviteModule");

 //****************************************
@@ -128,6 +129,7 @@ module.exports = {
  logoutUser,
  requestInviteToken,
  getInviteToken,
+  getInviteTokenAndDelete,
  requestRecoveryToken,
  validateRecoveryToken,
  resetPassword,
--- a/Server/db/mongo/modules/inviteModule.js
+++ b/Server/db/mongo/modules/inviteModule.js
@@ -32,7 +32,7 @@ const requestInviteToken = async (userData) => {
 };

 /**
- * Retrieves and deletes an invite token.
+ * Retrieves an invite token
 *
 * This function searches for an invite token in the database and deletes it.
 * If the invite token is not found, it throws an error.
@@ -42,6 +42,32 @@ const requestInviteToken = async (userData) => {
 * @throws {Error} If the invite token is not found or there is another error.
 */
 const getInviteToken = async (token) => {
+  try {
+    const invite = await InviteToken.findOne({
+      token,
+    });
+    if (invite === null) {
+      throw new Error(errorMessages.AUTH_INVITE_NOT_FOUND);
+    }
+    return invite;
+  } catch (error) {
+    error.service = SERVICE_NAME;
+    error.method = "getInviteToken";
+    throw error;
+  }
+};
+
+/**
+ * Retrieves and deletes an invite token
+ *
+ * This function searches for an invite token in the database and deletes it.
+ * If the invite token is not found, it throws an error.
+ *
+ * @param {string} token - The invite token to search for.
+ * @returns {Promise<InviteToken>} The invite token data.
+ * @throws {Error} If the invite token is not found or there is another error.
+ */
+const getInviteTokenAndDelete = async (token) => {
  try {
    const invite = await InviteToken.findOneAndDelete({
      token,
@@ -60,4 +86,5 @@ const getInviteToken = async (token) => {
 module.exports = {
  requestInviteToken,
  getInviteToken,
+  getInviteTokenAndDelete,
 };
--- a/Server/validation/joi.js
+++ b/Server/validation/joi.js
@@ -74,6 +74,7 @@ const registrationBodyValidation = joi.object({
    .min(1)
    .required(),
  teamId: joi.string().allow("").required(),
+  inviteToken: joi.string().allow("").required(),
 });

 const editUserParamValidation = joi.object({
@@ -137,6 +138,7 @@ const inviteBodyValidation = joi.object({
    "string.email": "Must be a valid email address",
  }),
  role: joi.array().required(),
+  teamId: joi.string().required(),
 });

 const inviteVerifciationBodyValidation = joi.object({