Updated the register to only allow to create users if they have a code available

2023-10-03 23:53:54 +01:00
parent 1ccb9555b6
commit 29914d3e89
5 changed files with 119 additions and 26 deletions
--- a/src/pages/api/register.ts
+++ b/src/pages/api/register.ts
@@ -3,8 +3,8 @@ import {createUserWithEmailAndPassword, getAuth, sendPasswordResetEmail} from "f
 import {app} from "@/firebase";
 import {sessionOptions} from "@/lib/session";
 import {withIronSessionApiRoute} from "iron-session/next";
-import {getFirestore, getDoc, doc, setDoc} from "firebase/firestore";
-import {DemographicInformation} from "@/interfaces/user";
+import {getFirestore, getDoc, doc, setDoc, deleteDoc} from "firebase/firestore";
+import {DemographicInformation, Type} from "@/interfaces/user";

 const auth = getAuth(app);
 const db = getFirestore(app);
@@ -26,7 +26,15 @@ const DEFAULT_LEVELS = {
 };

 async function login(req: NextApiRequest, res: NextApiResponse) {
-	const {email, password} = req.body as {email: string; password: string; demographicInformation: DemographicInformation};
+	const {email, password, code} = req.body as {email: string; password: string; code: string; demographicInformation: DemographicInformation};
+
+	const codeRef = await getDoc(doc(db, "codes", code));
+	if (!codeRef.exists()) {
+		res.status(400).json({error: "Invalid Code!"});
+		return;
+	}
+
+	const codeData = codeRef.data() as {code: string; type: Type};

 	createUserWithEmailAndPassword(auth, email, password)
 		.then(async (userCredentials) => {
@@ -38,12 +46,13 @@ async function login(req: NextApiRequest, res: NextApiResponse) {
 				desiredLevels: DEFAULT_DESIRED_LEVELS,
 				levels: DEFAULT_LEVELS,
 				bio: "",
-				isFirstLogin: true,
+				isFirstLogin: codeData.type === "student",
 				focus: "academic",
-				type: "student",
+				type: codeData.type,
 			};

 			await setDoc(doc(db, "users", userId), user);
+			await deleteDoc(codeRef.ref);

 			req.session.user = {...user, id: userId};
 			await req.session.save();