fix: add check if user is already created for /user/add endpoint

GoodDollar · Oct 31, 2019 · 41f1148 · 41f1148
1 parent d661214
commit 41f1148
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 3 deletions.
diff --git a/src/server/db/mongo/models/user-private.js b/src/server/db/mongo/models/user-private.js
@@ -37,6 +37,9 @@ export const UserPrivateSchema = new mongoose.Schema({
   },
   emailVerificationCode: {
     type: String
+  },
+  createdDate: {
+    type: Date
   }
 })
 

diff --git a/src/server/storage/__tests__/storageAPI.js b/src/server/storage/__tests__/storageAPI.js
@@ -38,7 +38,7 @@ describe('storageAPI', () => {
     await UserDBPrivate.updateUser({ identifier: '0x7ac080f6607405705aed79675789701a48c76f55', mauticId: mauticId })
     const user: UserRecord = {
       identifier: '0x7ac080f6607405705aed79675789701a48c76f55',
-      email: 'useraddtest1@gooddollar.org' // required for mautic create contact
+      email: 'useraddtest@gooddollar.org' // required for mautic create contact
     }
     let res = await request(server)
       .post('/user/add')

diff --git a/src/server/storage/storageAPI.js b/src/server/storage/storageAPI.js
@@ -39,13 +39,17 @@ const setup = (app: Router, storage: StorageAPI) => {
       )
         throw new Error('User email or mobile not verified!')
 
+      if (!conf.allowDuplicateUserData && userRecord.createdDate) {
+        throw new Error('You cannot create more than 1 account with the same credentials')
+      }
+
       const { email, mobile, ...bodyUser } = body.user
 
       const user: UserRecord = defaults(bodyUser, {
         identifier: userRecord.loggedInAs,
         createdDate: new Date().toString(),
-        email: get('userRecord', 'otp.email', email), //for development/test use email from body
-        mobile: get('userRecord', 'otp.mobile', mobile) //for development/test use mobile from body
+        email: get(userRecord, 'otp.email', email), //for development/test use email from body
+        mobile: get(userRecord, 'otp.mobile', mobile) //for development/test use mobile from body
       })
 
       if (conf.disableFaceVerification) {