Initial commit
This commit is contained in:
monoadmin
72
app/api/invites/accept/route.ts
Normal file
72
app/api/invites/accept/route.ts
Normal file
@@ -0,0 +1,72 @@
|
||||
import { db } from '@/lib/db'
|
||||
import { invites, users } from '@/lib/db/schema'
|
||||
import { eq, and, isNull, gt } from 'drizzle-orm'
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import bcrypt from 'bcryptjs'
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const { token, fullName, password } = await request.json()
|
||||
|
||||
if (!token || !fullName || !password) {
|
||||
return NextResponse.json({ error: 'Missing required fields' }, { status: 400 })
|
||||
}
|
||||
|
||||
if (password.length < 8) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Password must be at least 8 characters' },
|
||||
{ status: 400 }
|
||||
)
|
||||
}
|
||||
|
||||
// Validate invite
|
||||
const inviteResult = await db
|
||||
.select()
|
||||
.from(invites)
|
||||
.where(eq(invites.token, token))
|
||||
.limit(1)
|
||||
|
||||
const invite = inviteResult[0]
|
||||
|
||||
if (!invite) {
|
||||
return NextResponse.json({ error: 'Invalid invite link' }, { status: 400 })
|
||||
}
|
||||
if (invite.usedAt) {
|
||||
return NextResponse.json({ error: 'This invite has already been used' }, { status: 400 })
|
||||
}
|
||||
if (new Date(invite.expiresAt) < new Date()) {
|
||||
return NextResponse.json({ error: 'This invite has expired' }, { status: 400 })
|
||||
}
|
||||
|
||||
// Check if user with this email already exists
|
||||
const existingUser = await db
|
||||
.select({ id: users.id })
|
||||
.from(users)
|
||||
.where(eq(users.email, invite.email))
|
||||
.limit(1)
|
||||
|
||||
if (existingUser.length > 0) {
|
||||
return NextResponse.json(
|
||||
{ error: 'An account with this email already exists' },
|
||||
{ status: 409 }
|
||||
)
|
||||
}
|
||||
|
||||
const passwordHash = await bcrypt.hash(password, 12)
|
||||
|
||||
const newUser = await db
|
||||
.insert(users)
|
||||
.values({
|
||||
email: invite.email,
|
||||
passwordHash,
|
||||
fullName: fullName.trim(),
|
||||
})
|
||||
.returning({ id: users.id })
|
||||
|
||||
// Mark invite as used
|
||||
await db
|
||||
.update(invites)
|
||||
.set({ usedAt: new Date(), usedBy: newUser[0].id })
|
||||
.where(eq(invites.token, token))
|
||||
|
||||
return NextResponse.json({ success: true })
|
||||
}
|
||||
Reference in New Issue
Block a user