From 622c5fee25e7d86914d343ca3f873dc4bd55ffad Mon Sep 17 00:00:00 2001
From: Akshay <nerdy@peppe.rs>
Date: Fri, 22 Nov 2024 19:48:31 +0000
Subject: rework invite and admins a bit

---
 src/routes/index.js | 24 +++++++++---------------
 1 file changed, 9 insertions(+), 15 deletions(-)

(limited to 'src/routes/index.js')

diff --git a/src/routes/index.js b/src/routes/index.js
index 9a415be..e585d3d 100644
--- a/src/routes/index.js
+++ b/src/routes/index.js
@@ -136,15 +136,6 @@ router.get("/create-invite", authenticateAdmin, async (req, res) => {
 	}
 
 	try {
-		db.run(`
-		  CREATE TABLE IF NOT EXISTS invites (
-		  	id INTEGER PRIMARY KEY AUTOINCREMENT,
-		  	token TEXT NOT NULL,
-		  	createdAt TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-		  	usedAt TIMESTAMP
-		  )
-	  `);
-
 		createInvite();
 		return res.redirect("/dashboard");
 	} catch (err) {
@@ -201,19 +192,22 @@ router.post("/register", validateInviteToken, async (req, res) => {
 	try {
 		const hashedPassword = await Bun.password.hash(password);
 
-		db.query(
-			"UPDATE invites SET usedAt = CURRENT_TIMESTAMP WHERE id = $id",
-		).run({
-			id: req.invite.id,
-		});
+		if (!req.isFirstUser) {
+			db.query(
+				"UPDATE invites SET usedAt = CURRENT_TIMESTAMP WHERE id = $id",
+			).run({
+				id: req.invite.id,
+			});
+		}
 
 		const insertedRecord = db
 			.query(
-				"INSERT INTO users (username, password_hash) VALUES ($username, $hashedPassword)",
+				"INSERT INTO users (username, password_hash, isAdmin) VALUES ($username, $hashedPassword, $isAdmin)",
 			)
 			.run({
 				username,
 				hashedPassword,
+				isAdmin: req.isFirstUser ? 1 : 0,
 			});
 		const id = insertedRecord.lastInsertRowid;
 		const token = jwt.sign({ username, id }, JWT_KEY, { expiresIn: "5d" });
-- 
cgit v1.2.3