fix creating collaborator account

primocms · Aug 26, 2023 · 151d73d · 151d73d
1 parent 1373a4d
commit 151d73d
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 53 deletions.
diff --git a/src/routes/api/invitations/+server.js b/src/routes/api/invitations/+server.js
@@ -1,30 +1,39 @@
-import { json } from '@sveltejs/kit';
+import { json } from '@sveltejs/kit'
 import supabase_admin from '$lib/supabase/admin'
 
 export async function POST({ request }) {
-  const {url, site = null, server_invitation, role, email} = await request.json();
+  const {
+    url,
+    site = null,
+    server_invitation,
+    role,
+    email,
+  } = await request.json()
 
-  const { data, error } = await supabase_admin.auth.admin.inviteUserByEmail(email, { redirectTo: `${url}/auth/set-password?email=${email}` })
+  const { data, error } = await supabase_admin.auth.admin.inviteUserByEmail(
+    email,
+    { redirectTo: `${url}/auth/set-password?email=${email}` }
+  )
 
   if (!error) {
+    await supabase_admin.from('users').insert({
+      id: data.user.id,
+      email: data.user.email,
+    })
 
-    await supabase_admin
-      .from('users')
-      .insert({ 
-        id: data.user.id, 
-        email: data.user.email 
-      })
-
     // Add to 'server_members' or 'collaborators'
-    const {error} = server_invitation ? 
-      await supabase_admin.from('server_members').insert({ user: data.user.id, role }) :
-      await supabase_admin.from('collaborators').insert({ site, user: data.user.id, role })
+    const { error } = server_invitation
+      ? await supabase_admin
+          .from('server_members')
+          .insert({ user: data.user.id, role })
+      : await supabase_admin
+          .from('collaborators')
+          .insert({ site, user: data.user.id, role })
 
     console.error(error)
-    return json({success: !error, error: error?.message});
+    return json({ success: !error, error: error?.message })
   } else {
     console.error(error)
-    return json({success: false, error: error.message});
+    return json({ success: false, error: error.message })
   }
-
 }
diff --git a/src/routes/auth/SignIn.svelte b/src/routes/auth/SignIn.svelte
@@ -17,12 +17,6 @@
       <span>Password</span>
       <input bind:value={password} type="password" name="password" />
     </label>
-    <input
-      name="invitation_id"
-      type="text"
-      class="hidden"
-      value={$page.url.searchParams.get('join')}
-    />
   </div>
   <button class="button" type="submit">
     {#if !$navigating}

diff --git a/src/routes/auth/SignUp.svelte b/src/routes/auth/SignUp.svelte
@@ -26,12 +26,6 @@
       <span>Confirm Password</span>
       <input bind:value={password_confirmation} type="password" />
     </label>
-    <input
-      name="invitation_id"
-      type="text"
-      class="hidden"
-      value={$page.url.searchParams.get('join')}
-    />
   </div>
   <button class="button" type="submit" {disabled}>
     {#if !$navigating}

diff --git a/src/routes/auth/set-password/+page.server.js b/src/routes/auth/set-password/+page.server.js
@@ -1,26 +1,30 @@
 import supabase_admin from '$lib/supabase/admin'
-import {redirect} from '@sveltejs/kit'
+import { redirect } from '@sveltejs/kit'
 
 /** @type {import('./$types').Actions} */
 export const actions = {
-  default: async ({ request, locals }) => {
-    const { session } = locals
+  default: async ({ request, locals: { supabase } }) => {
+    const form_data = await request.formData()
+    const email = form_data.get('email')
+    const password = form_data.get('password')
 
-    const form_data = await request.formData();
-    const email = form_data.get('email');
-    const password = form_data.get('password');
+    const { data } = await supabase_admin
+      .from('users')
+      .select('id')
+      .eq('email', email)
+      .single()
 
-    const { data, error } = await supabase_admin.auth.admin.updateUserById(
-      session.user.id,
-      { password }
-    )
+    const { error } = await supabase_admin.auth.admin.updateUserById(data.id, {
+      password,
+    })
 
     await supabase_admin.from('invitations').delete().match({ email })
 
     if (!error) {
+      await supabase.auth.signInWithPassword({ email, password })
       throw redirect(303, '/')
     }
 
-    return { success: !error, error };
-  }
-};
+    return { success: !error, error }
+  },
+}
diff --git a/src/routes/auth/set-password/+page.svelte b/src/routes/auth/set-password/+page.svelte
@@ -33,22 +33,17 @@
       <div class="fields">
         <label>
           <span>Email</span>
-          <input bind:value={email} type="text" name="email" disabled />
+          <input bind:value={email} type="email" disabled />
+          <input value={email} type="hidden" name="email" />
         </label>
         <label>
           <span>Password</span>
-          <input bind:value={password} type="password" name="email" />
+          <input bind:value={password} type="password" />
         </label>
         <label>
           <span>Confirm Password</span>
           <input bind:value={password_again} type="password" name="password" />
         </label>
-        <input
-          name="invitation_id"
-          type="text"
-          class="hidden"
-          value={$page.url.searchParams.get('join')}
-        />
       </div>
       <button
         class="button"
@@ -137,10 +132,6 @@
       padding: 0.75rem;
       background-color: #1c1c1c;
       font-size: 1rem;
-
-      &.hidden {
-        display: none;
-      }
     }
 
     .button {