Enable registrations, require proof-of-work

2026-01-06 15:14:23 +01:00 · 2023-09-10 15:07:31 -05:00
parent 35b91812fc
commit 052c00821d
6 changed files with 87 additions and 16 deletions
--- a/src/controllers/api/accounts.ts
+++ b/src/controllers/api/accounts.ts
@@ -1,4 +1,5 @@
 import { type AppController } from '@/app.ts';
+import { Conf } from '@/config.ts';
 import { type Filter, findReplyTag, z } from '@/deps.ts';
 import * as mixer from '@/mixer.ts';
 import { getAuthor, getFollowedPubkeys, getFollows, syncUser } from '@/queries.ts';
@@ -9,9 +10,37 @@ import { isFollowing, lookupAccount, Time } from '@/utils.ts';
 import { paginated, paginationSchema, parseBody } from '@/utils/web.ts';
 import { createEvent } from '@/utils/web.ts';
 import { renderEventAccounts } from '@/views.ts';
+import { insertUser } from '@/db/users.ts';

-const createAccountController: AppController = (c) => {
-  return c.json({ error: 'Please log in with Nostr.' }, 405);
+const usernameSchema = z
+  .string().min(1).max(30)
+  .regex(/^[a-z0-9_]+$/i)
+  .refine((username) => !Conf.forbiddenUsernames.includes(username), 'Username is reserved.');
+
+const createAccountSchema = z.object({
+  username: usernameSchema,
+});
+
+const createAccountController: AppController = async (c) => {
+  const pubkey = c.get('pubkey')!;
+  const result = createAccountSchema.safeParse(await c.req.json());
+
+  if (!result.success) {
+    return c.json({ error: 'Bad request', schema: result.error }, 400);
+  }
+
+  try {
+    await insertUser({
+      pubkey,
+      username: result.data.username,
+      inserted_at: new Date(),
+      admin: 0,
+    });
+
+    return new Response();
+  } catch (_e) {
+    return c.json({ error: 'Username already taken.' }, 422);
+  }
 };

 const verifyCredentialsController: AppController = async (c) => {