Security: - Add auth + file type/size validation to upload API - Add admin auth to /api/admin/ endpoints - Add SSRF protection to scrape action - Whitelist fields in PUT /api/notes/[id] to prevent mass assignment - Protect /lab, /agents, /chat, /canvas, /notebooks routes in middleware AI provider fixes: - Add deepseek/openrouter to factory ProviderType (was silently falling back to ollama) - Fix title-suggestion.service.ts to use factory instead of hardcoded OpenAI - Fix getAIProvider→getChatProvider in memory-echo, notebook-summary, agent-executor - Fix getAIProvider→getTagsProvider in notebook-suggestion, title-suggestions, transform-markdown Functional bugs: - Fix ALLOW_REGISTRATION AND→OR logic - Fix note-editor.tsx passing stale props to useAutoTagging instead of local state - Fix stale Note.embedding type (migrated to NoteEmbedding table) - Remove hardcoded SQLite path from prisma.ts Frontend: - Add AbortController to useAutoTagging and useTitleSuggestions hooks - Add error rollback to optimistic UI in note-inline-editor - Remove stale closure over notebookId/language in useAutoTagging Cleanup: - Rename docker-compose from keepnotes→memento - Remove unused unstable_cache import from config.ts - Remove dead useUndoRedo hook - Fix TagSuggestion type (add isNewLabel, reasoning) - Remove dead AIConfig/AIProviderType types - Fix ghost-tags unused isEmpty var and as any cast - Fix note-editor titleSuggestions typed as any[] Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
64 lines
1.9 KiB
TypeScript
64 lines
1.9 KiB
TypeScript
'use server';
|
|
|
|
import bcrypt from 'bcryptjs';
|
|
import prisma from '@/lib/prisma';
|
|
import { z } from 'zod';
|
|
import { redirect } from 'next/navigation';
|
|
import { getSystemConfig } from '@/lib/config';
|
|
|
|
const RegisterSchema = z.object({
|
|
email: z.string().email(),
|
|
password: z.string().min(6),
|
|
name: z.string().min(2),
|
|
});
|
|
|
|
export async function register(prevState: string | undefined, formData: FormData) {
|
|
// Check if registration is allowed
|
|
const config = await getSystemConfig();
|
|
const allowRegister = config.ALLOW_REGISTRATION !== 'false' || process.env.ALLOW_REGISTRATION !== 'false';
|
|
|
|
if (!allowRegister) {
|
|
return 'Registration is currently disabled by the administrator.';
|
|
}
|
|
|
|
const validatedFields = RegisterSchema.safeParse({
|
|
email: formData.get('email'),
|
|
password: formData.get('password'),
|
|
name: formData.get('name'),
|
|
});
|
|
|
|
if (!validatedFields.success) {
|
|
return 'Invalid fields. Failed to register.';
|
|
}
|
|
|
|
const { email, password, name } = validatedFields.data;
|
|
|
|
try {
|
|
const existingUser = await prisma.user.findUnique({ where: { email: email.toLowerCase() } });
|
|
if (existingUser) {
|
|
return 'User already exists.';
|
|
}
|
|
|
|
const hashedPassword = await bcrypt.hash(password, 10);
|
|
|
|
await prisma.user.create({
|
|
data: {
|
|
email: email.toLowerCase(),
|
|
password: hashedPassword,
|
|
name,
|
|
},
|
|
});
|
|
|
|
// Attempt to sign in immediately after registration
|
|
// We cannot import signIn here directly if it causes circular deps or issues,
|
|
// but usually it works. If not, redirecting to login is fine.
|
|
// Let's stick to redirecting to login but with a clear success message?
|
|
// Or better: lowercase the email to fix the potential bug.
|
|
} catch (error) {
|
|
console.error('Registration Error:', error);
|
|
return 'Database Error: Failed to create user.';
|
|
}
|
|
|
|
redirect('/login');
|
|
}
|