2014-12-29 06:36:08 -06:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
2015-08-27 06:59:58 -05:00
|
|
|
"github.com/grafana/grafana/pkg/api/dtos"
|
2015-02-05 03:37:13 -06:00
|
|
|
"github.com/grafana/grafana/pkg/bus"
|
2015-06-08 10:56:56 -05:00
|
|
|
"github.com/grafana/grafana/pkg/events"
|
2019-02-23 16:35:26 -06:00
|
|
|
"github.com/grafana/grafana/pkg/infra/metrics"
|
2015-02-05 03:37:13 -06:00
|
|
|
m "github.com/grafana/grafana/pkg/models"
|
|
|
|
"github.com/grafana/grafana/pkg/setting"
|
2015-08-27 06:59:58 -05:00
|
|
|
"github.com/grafana/grafana/pkg/util"
|
2014-12-29 06:36:08 -06:00
|
|
|
)
|
|
|
|
|
2015-08-31 04:35:07 -05:00
|
|
|
// GET /api/user/signup/options
|
2018-03-07 10:54:50 -06:00
|
|
|
func GetSignUpOptions(c *m.ReqContext) Response {
|
2018-03-22 16:13:46 -05:00
|
|
|
return JSON(200, util.DynMap{
|
2015-08-31 04:35:07 -05:00
|
|
|
"verifyEmailEnabled": setting.VerifyEmailEnabled,
|
|
|
|
"autoAssignOrg": setting.AutoAssignOrg,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2015-01-27 08:14:53 -06:00
|
|
|
// POST /api/user/signup
|
2018-03-07 10:54:50 -06:00
|
|
|
func SignUp(c *m.ReqContext, form dtos.SignUpForm) Response {
|
2015-03-11 10:19:29 -05:00
|
|
|
if !setting.AllowUserSignUp {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(401, "User signup is disabled", nil)
|
2015-01-29 08:46:54 -06:00
|
|
|
}
|
2014-12-29 06:36:08 -06:00
|
|
|
|
2015-08-27 06:59:58 -05:00
|
|
|
existing := m.GetUserByLoginQuery{LoginOrEmail: form.Email}
|
|
|
|
if err := bus.Dispatch(&existing); err == nil {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(422, "User with same email address already exists", nil)
|
2015-08-27 06:59:58 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
cmd := m.CreateTempUserCommand{}
|
|
|
|
cmd.OrgId = -1
|
|
|
|
cmd.Email = form.Email
|
|
|
|
cmd.Status = m.TmpUserSignUpStarted
|
|
|
|
cmd.InvitedByUserId = c.UserId
|
2015-08-28 02:24:30 -05:00
|
|
|
cmd.Code = util.GetRandomString(20)
|
2015-08-27 06:59:58 -05:00
|
|
|
cmd.RemoteAddr = c.Req.RemoteAddr
|
2014-12-29 06:36:08 -06:00
|
|
|
|
2015-01-08 02:00:00 -06:00
|
|
|
if err := bus.Dispatch(&cmd); err != nil {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(500, "Failed to create signup", err)
|
2014-12-29 06:36:08 -06:00
|
|
|
}
|
|
|
|
|
2015-08-28 02:24:30 -05:00
|
|
|
bus.Publish(&events.SignUpStarted{
|
|
|
|
Email: form.Email,
|
|
|
|
Code: cmd.Code,
|
|
|
|
})
|
2015-01-21 02:52:40 -06:00
|
|
|
|
2017-09-06 04:23:52 -05:00
|
|
|
metrics.M_Api_User_SignUpStarted.Inc()
|
2015-08-28 02:24:30 -05:00
|
|
|
|
2018-03-22 16:13:46 -05:00
|
|
|
return JSON(200, util.DynMap{"status": "SignUpCreated"})
|
2015-08-28 02:24:30 -05:00
|
|
|
}
|
|
|
|
|
2019-01-15 08:15:52 -06:00
|
|
|
func (hs *HTTPServer) SignUpStep2(c *m.ReqContext, form dtos.SignUpStep2Form) Response {
|
2015-08-28 02:24:30 -05:00
|
|
|
if !setting.AllowUserSignUp {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(401, "User signup is disabled", nil)
|
2015-08-28 02:24:30 -05:00
|
|
|
}
|
|
|
|
|
2015-08-31 04:35:07 -05:00
|
|
|
createUserCmd := m.CreateUserCommand{
|
|
|
|
Email: form.Email,
|
|
|
|
Login: form.Username,
|
|
|
|
Name: form.Name,
|
|
|
|
Password: form.Password,
|
|
|
|
OrgName: form.OrgName,
|
2015-08-28 02:24:30 -05:00
|
|
|
}
|
|
|
|
|
2015-09-01 05:35:06 -05:00
|
|
|
// verify email
|
2015-08-31 04:35:07 -05:00
|
|
|
if setting.VerifyEmailEnabled {
|
|
|
|
if ok, rsp := verifyUserSignUpEmail(form.Email, form.Code); !ok {
|
|
|
|
return rsp
|
|
|
|
}
|
|
|
|
createUserCmd.EmailVerified = true
|
2015-08-28 02:24:30 -05:00
|
|
|
}
|
|
|
|
|
2015-09-01 05:35:06 -05:00
|
|
|
// check if user exists
|
2015-08-31 04:35:07 -05:00
|
|
|
existing := m.GetUserByLoginQuery{LoginOrEmail: form.Email}
|
2015-08-28 02:24:30 -05:00
|
|
|
if err := bus.Dispatch(&existing); err == nil {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(401, "User with same email address already exists", nil)
|
2015-08-28 02:24:30 -05:00
|
|
|
}
|
|
|
|
|
2015-09-01 05:35:06 -05:00
|
|
|
// dispatch create command
|
2015-08-28 08:14:24 -05:00
|
|
|
if err := bus.Dispatch(&createUserCmd); err != nil {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(500, "Failed to create user", err)
|
2015-08-28 08:14:24 -05:00
|
|
|
}
|
|
|
|
|
2015-08-30 11:56:53 -05:00
|
|
|
// publish signup event
|
|
|
|
user := &createUserCmd.Result
|
2015-08-28 08:14:24 -05:00
|
|
|
bus.Publish(&events.SignUpCompleted{
|
|
|
|
Email: user.Email,
|
|
|
|
Name: user.NameOrFallback(),
|
|
|
|
})
|
|
|
|
|
2015-08-31 04:35:07 -05:00
|
|
|
// mark temp user as completed
|
|
|
|
if ok, rsp := updateTempUserStatus(form.Code, m.TmpUserCompleted); !ok {
|
|
|
|
return rsp
|
2015-08-30 11:56:53 -05:00
|
|
|
}
|
|
|
|
|
2015-08-28 08:14:24 -05:00
|
|
|
// check for pending invites
|
2015-08-31 04:35:07 -05:00
|
|
|
invitesQuery := m.GetTempUsersQuery{Email: form.Email, Status: m.TmpUserInvitePending}
|
2015-08-28 08:14:24 -05:00
|
|
|
if err := bus.Dispatch(&invitesQuery); err != nil {
|
2018-03-22 16:13:46 -05:00
|
|
|
return Error(500, "Failed to query database for invites", err)
|
2015-08-28 08:14:24 -05:00
|
|
|
}
|
|
|
|
|
2016-02-12 18:01:03 -06:00
|
|
|
apiResponse := util.DynMap{"message": "User sign up completed successfully", "code": "redirect-to-landing-page"}
|
2015-08-30 11:56:53 -05:00
|
|
|
for _, invite := range invitesQuery.Result {
|
|
|
|
if ok, rsp := applyUserInvite(user, invite, false); !ok {
|
|
|
|
return rsp
|
|
|
|
}
|
|
|
|
apiResponse["code"] = "redirect-to-select-org"
|
|
|
|
}
|
|
|
|
|
2019-01-15 08:15:52 -06:00
|
|
|
hs.loginUserWithUser(user, c)
|
2017-09-06 04:23:52 -05:00
|
|
|
metrics.M_Api_User_SignUpCompleted.Inc()
|
2015-08-30 11:56:53 -05:00
|
|
|
|
2018-03-22 16:13:46 -05:00
|
|
|
return JSON(200, apiResponse)
|
2014-12-29 06:36:08 -06:00
|
|
|
}
|
2015-08-31 04:35:07 -05:00
|
|
|
|
|
|
|
func verifyUserSignUpEmail(email string, code string) (bool, Response) {
|
|
|
|
query := m.GetTempUserByCodeQuery{Code: code}
|
|
|
|
|
|
|
|
if err := bus.Dispatch(&query); err != nil {
|
|
|
|
if err == m.ErrTempUserNotFound {
|
2018-03-22 16:13:46 -05:00
|
|
|
return false, Error(404, "Invalid email verification code", nil)
|
2015-08-31 04:35:07 -05:00
|
|
|
}
|
2018-03-22 16:13:46 -05:00
|
|
|
return false, Error(500, "Failed to read temp user", err)
|
2015-08-31 04:35:07 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
tempUser := query.Result
|
|
|
|
if tempUser.Email != email {
|
2018-03-22 16:13:46 -05:00
|
|
|
return false, Error(404, "Email verification code does not match email", nil)
|
2015-08-31 04:35:07 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return true, nil
|
|
|
|
}
|