New registration system.

3 years ago · aa5e196481
parent 78c7a18bb7
commit aa5e196481
4 changed files with 159 additions and 27 deletions
--- a/Web/lib/MJB/Web.pm
+++ b/Web/lib/MJB/Web.pm
@ -157,11 +157,14 @@ sub startup ($self) {
    $r->get   ( '/contact' )->to( 'Root#contact'  )->name('show_contact'  );

    # User registration, login, and logout.
-    $r->get   ( '/register' )->to( 'Auth#register'    )->name('show_register' );
-    $r->post  ( '/register' )->to( 'Auth#do_register' )->name('do_register'   );
-    $r->get   ( '/login'    )->to( 'Auth#login'       )->name('show_login'    );
-    $r->post  ( '/login'    )->to( 'Auth#do_login'    )->name('do_login'      );
-    $auth->get( '/logout'   )->to( 'Auth#do_logout'   )->name('do_logout'     );
+    $r->get   ( '/register'        )->to( 'Auth#register'           )->name('show_register' );
+    $r->get   ( '/register/open'   )->to( 'Auth#register_open'      )->name('show_register_open' );
+    $r->post  ( '/register/open'   )->to( 'Auth#do_register_open'   )->name('do_register_open'   );
+    $r->get   ( '/register/invite' )->to( 'Auth#register_invite'    )->name('show_register_invite' );
+    $r->post  ( '/register/invite' )->to( 'Auth#do_register_invite' )->name('do_register_invite'   );
+    $r->get   ( '/login'           )->to( 'Auth#login'              )->name('show_login'    );
+    $r->post  ( '/login'           )->to( 'Auth#do_login'           )->name('do_login'      );
+    $auth->get( '/logout'          )->to( 'Auth#do_logout'          )->name('do_logout'     );

    # User Forgot Password Workflow.
    $r->get ( '/forgot'       )->to('Auth#forgot'    )->name('show_forgot' );
--- a/Web/lib/MJB/Web/Controller/Auth.pm
+++ b/Web/lib/MJB/Web/Controller/Auth.pm
@ -12,38 +12,138 @@ use DateTime;

 #==
 # GET /register | show_register | templates/auth/register.html.ep
+#
+# Send the user to whatever the default registration system is.
 #==
 sub register ( $c ) {
+    return $c->redirect_to( $c->url_for( 'show_register_stripe' ) )
+        if $c->config->{register}{default} eq 'stripe';
+    
+    return $c->redirect_to( $c->url_for( 'show_register_invite' ) )
+        if $c->config->{register}{default} eq 'invite';
+
+    return $c->redirect_to( $c->url_for( 'show_register_open' ) )
+        if $c->config->{register}{default} eq 'open';
+    
+    # No default registration system.
+    return $c->redirect_to( $c->url_for( 'show_homepage' ) );
+}

+#==
+# GET /register/open | show_register_open | templates/auth/register_open.html.ep
+#==
+sub register_open ( $c ) {
+    # Don't allow this user registration method unless register.enable_open is true.
+    return $c->redirect_to( $c->url_for( 'show_register' ) )
+        unless $c->config->{register}{enable_open};
 }

 #==
-# POST /register | do_register
+# POST /register/open | do_register_open
 #       name             | The name of the person who is registering an account
 #       email            | The email address of the person registering the account
 #       password         | The password they would like to use
 #       password_confirm | The same password again, in case they don't know it for sure
-#       invite           | An invite code -- required when config->{register}->{require_invite} is true
+#
+# Create an account for the user and login to that account once it has been created.
+#==
+sub do_register_open ( $c ) {
+    my $name      = $c->stash->{form}->{name}             = $c->param('name');
+    my $email     = $c->stash->{form}->{email}            = $c->param('email');
+    my $password  = $c->stash->{form}->{password}         = $c->param('password');
+    my $p_confirm = $c->stash->{form}->{password_confirm} = $c->param('password_confirm');
+
+    # Don't allow this user registration method unless register.enable_open is true.
+    return $c->redirect_to( $c->url_for( 'show_register' ) )
+        unless $c->config->{register}{enable_open};
+
+    push @{$c->stash->{errors}}, "Name is required"             unless $name;
+    push @{$c->stash->{errors}}, "Email is required"            unless $email;
+    push @{$c->stash->{errors}}, "Password is required"         unless $password;
+    push @{$c->stash->{errors}}, "Confirm Password is required" unless $p_confirm;
+    
+    return $c->redirect_error( 'show_register' )
+        if $c->stash->{errors};
+
+    push @{$c->stash->{errors}}, "Password and confirm password must match"
+        unless $p_confirm eq $password;
+
+    push @{$c->stash->{errors}}, "Password must be at least 8 characters"
+        unless length($password) >= 8;
+    
+    push @{$c->stash->{errors}}, "That email address is already registered."
+        if $c->db->people( { email => $email } )->count;
+    
+    return $c->redirect_error( 'show_register_open' )
+        if $c->stash->{errors};
+
+    my $person = try {
+        $c->db->storage->schema->txn_do( sub {
+            my $person = $c->db->resultset('Person')->create({
+                email     => $c->param('email'),
+                name      => $c->param('name'),
+            });
+            $person->new_related('auth_password', {})->set_password($c->param('password'));
+
+            # Notify the system about the new account.
+            $c->db->system_notes->create({
+                source => 'User Registration (Open)',
+                content => 'An account was created for ' . $person->email,
+            });
+
+            return $person;
+        });
+    } catch {
+        push @{$c->stash->{errors}}, "Account could not be created: $_";
+    };
+    
+    return $c->redirect_error( 'show_register_open' )
+        if $c->stash->{errors};
+
+    # Log the user in and send them to the dashboard.
+    $c->session->{uid} = $person->id;
+    $c->redirect_to( $c->url_for( 'show_dashboard' ) );
+}
+
+#==
+# GET /register/invite | show_register_invite | templates/auth/register_invite.html.ep
+#==
+sub register_invite ( $c ) {
+    $c->stash->{form}->{invite_code} ||= $c->param('code');
+    
+    # Don't allow this user registration method unless register.enable_invite is true.
+    return $c->redirect_to( $c->url_for( 'show_register' ) )
+        unless $c->config->{register}{enable_invite};
+}
+
+#==
+# POST /register/invite | do_register_invite
+#       name             | The name of the person who is registering an account
+#       email            | The email address of the person registering the account
+#       password         | The password they would like to use
+#       password_confirm | The same password again, in case they don't know it for sure
+#       invite           | A valid invite code
 #
 # Create an account for the user and login to that account once it has been created.
 #
 # If an invite code is used and is only valid once, it will be updated so it may no longer be used.
 #==
-sub do_register ( $c ) {
+sub do_register_invite ( $c ) {
    my $name      = $c->stash->{form}->{name}             = $c->param('name');
    my $email     = $c->stash->{form}->{email}            = $c->param('email');
    my $password  = $c->stash->{form}->{password}         = $c->param('password');
    my $p_confirm = $c->stash->{form}->{password_confirm} = $c->param('password_confirm');
    my $invite    = $c->stash->{form}->{invite_code}      = $c->param('invite_code');

+    # Don't allow this user registration method unless register.enable_invite is true.
+    return $c->redirect_to( $c->url_for( 'show_register' ) )
+        unless $c->config->{register}{enable_invite};
+
    push @{$c->stash->{errors}}, "Name is required"             unless $name;
    push @{$c->stash->{errors}}, "Email is required"            unless $email;
    push @{$c->stash->{errors}}, "Password is required"         unless $password;
    push @{$c->stash->{errors}}, "Confirm Password is required" unless $p_confirm;
-    
-    if ( $c->config->{register}->{require_invite} ) {
-        push @{$c->stash->{errors}}, "Invite code is required" unless $invite;
-    }
+    push @{$c->stash->{errors}}, "Invite code is required"      unless $invite;

    return $c->redirect_error( 'show_register' )
        if $c->stash->{errors};
@ -57,12 +157,10 @@ sub do_register ( $c ) {
    push @{$c->stash->{errors}}, "That email address is already registered."
        if $c->db->people( { email => $email } )->count;
    
-    if ( $c->config->{register}->{require_invite} ) {
-        push @{$c->stash->{errors}}, "That invite code is not valid."
-            unless $c->db->invites( { code => $invite, is_active => 1 } )->count >= 1;
-    }
+    push @{$c->stash->{errors}}, "That invite code is not valid."
+        unless $c->db->invites( { code => $invite, is_active => 1 } )->count >= 1;
    
-    return $c->redirect_error( 'show_register' )
+    return $c->redirect_error( 'show_register_invite' )
        if $c->stash->{errors};

    my $person = try {
@ -75,17 +173,15 @@ sub do_register ( $c ) {

            # Notify the system about the new account.
            $c->db->system_notes->create({
-                source => 'User Registration',
+                source => 'User Registration (Invite)',
                content => 'An account was created for ' . $person->email,
            });

            # If a one-time use invite code was used, invalidate it.
-            if ( $c->config->{register}->{require_invite} ) {
-                my $invite = $c->db->invites( { code => $invite, is_active => 1 } )->first;
-                if ( $invite->is_one_time_use ) {
-                    $invite->is_active( 0 );
-                    $invite->update;
-                }
+            my $invite_record = $c->db->invites( { code => $invite, is_active => 1 } )->first;
+            if ( $invite_record->is_one_time_use ) {
+                $invite_record->is_active( 0 );
+                $invite_record->update;
            }
            
            return $person;
@ -94,7 +190,7 @@ sub do_register ( $c ) {
        push @{$c->stash->{errors}}, "Account could not be created: $_";
    };
    
-    return $c->redirect_error( 'show_register' )
+    return $c->redirect_error( 'show_register_invite' )
        if $c->stash->{errors};

    # Log the user in and send them to the dashboard.
--- a/Web/templates/auth/register_invite.html.ep
+++ b/Web/templates/auth/register_invite.html.ep
@ -30,13 +30,11 @@
        value => $c->stash->{form}->{password_confirm}
    %>
    
-    % if ( $c->config->{register}->{require_invite} ) {
    <%= include '_base/form/input', type => 'text', name => 'invite_code', 
        title => 'Invitation Code', 
        help  => '',
        value => $c->stash->{form}->{invite_code}
    %>
-    % }

    <button type="submit" class="btn btn-primary float-end">Create Account</button>
 </form>
--- a/Web/templates/auth/register_open.html.ep
+++ b/Web/templates/auth/register_open.html.ep
@ -0,0 +1,35 @@
+% layout 'standard', title => 'Register', sb_active => 'register';
+
+<h2 class="mt-5 display-6 mb-4">Create an account</h2>
+
+%= include '_base/status_window';
+
+<form autocomplete="off" style="margin-top: 1.5em" method="POST" action="<%= $c->url_for( 'do_register_open' ) %>">
+
+    <%= include '_base/form/input', type => 'text', name => 'name', 
+        title => 'Your name', 
+        help  => '',
+        value => $c->stash->{form}->{name}
+    %>
+
+    <%= include '_base/form/input', type => 'email', name => 'email', 
+        title => 'Email Address', 
+        help  => '',
+        value => $c->stash->{form}->{email}
+    %>
+    
+    <%= include '_base/form/input', type => 'password', name => 'password', 
+        title => 'Password', 
+        help  => '',
+        value => $c->stash->{form}->{password}
+    %>
+    
+    <%= include '_base/form/input', type => 'password', name => 'password_confirm', 
+        title => 'Confirm Password', 
+        help  => '',
+        value => $c->stash->{form}->{password_confirm}
+    %>
+
+    <button type="submit" class="btn btn-primary float-end">Create Account</button>
+</form>
+