Skip to content

Commit f40d80e

Browse files
megothmegoth
committed
Conditionally enforcing acceptToc when creating account
1 parent b02bf0d commit f40d80e

File tree

5 files changed

+854
-32
lines changed

5 files changed

+854
-32
lines changed

lib/create-app.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,8 @@ function initAppLocals (app, argv, ldp) {
124124
app.locals.authMethod = argv.auth
125125
app.locals.localAuth = argv.localAuth
126126
app.locals.tokenService = new TokenService()
127+
app.locals.enforceToc = argv.enforceToc
128+
app.locals.tocUri = argv.tocUri
127129

128130
if (argv.email && argv.email.host) {
129131
app.locals.emailService = new EmailService(argv.templates.email, argv.email)

lib/requests/auth-request.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,7 @@ class AuthRequest {
8888

8989
let authQueryParams = AuthRequest.extractAuthParams(req)
9090
let returnToUrl = AuthRequest.parseParameter(req, 'returnToUrl')
91+
const acceptToc = AuthRequest.parseParameter(req, 'acceptToc')
9192

9293
let options = {
9394
response: res,
@@ -96,7 +97,8 @@ class AuthRequest {
9697
accountManager,
9798
returnToUrl,
9899
authQueryParams,
99-
localAuth
100+
localAuth,
101+
acceptToc
100102
}
101103

102104
return options

lib/requests/create-account-request.js

Lines changed: 28 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -28,12 +28,14 @@ class CreateAccountRequest extends AuthRequest {
2828
* this url on successful account creation
2929
* @param [options.enforceToc] {boolean} Whether or not to enforce the service provider's T&C
3030
* @param [options.tocUri] {string} URI to the service provider's T&C
31+
* @param [options.acceptToc] {boolean} Whether or not user has accepted T&C
3132
*/
3233
constructor (options) {
3334
super(options)
3435

3536
this.username = options.username
3637
this.userAccount = options.userAccount
38+
this.acceptToc = options.acceptToc === 'true'
3739
}
3840

3941
/**
@@ -47,7 +49,7 @@ class CreateAccountRequest extends AuthRequest {
4749
* `userAccountFrom()`), or it encounters an unsupported authentication
4850
* scheme.
4951
*
50-
* @return {CreateAccountRequest|CreateTlsAccountRequest}
52+
* @return {CreateOidcAccountRequest|CreateTlsAccountRequest}
5153
*/
5254
static fromParams (req, res) {
5355
let options = AuthRequest.requestOptions(req, res)
@@ -63,9 +65,8 @@ class CreateAccountRequest extends AuthRequest {
6365
options.userAccount = accountManager.userAccountFrom(body)
6466
}
6567

66-
const config = require('../../config')
67-
options.enforceToc = config.enforceToc
68-
options.tocUri = config.tocUri
68+
options.enforceToc = locals.enforceToc
69+
options.tocUri = locals.tocUri
6970

7071
switch (authMethod) {
7172
case 'oidc':
@@ -79,13 +80,15 @@ class CreateAccountRequest extends AuthRequest {
7980
}
8081
}
8182

82-
static post (req, res) {
83+
static async post (req, res) {
8384
let request = CreateAccountRequest.fromParams(req, res)
8485

85-
return Promise.resolve()
86-
.then(() => request.validate())
87-
.then(() => request.createAccount())
88-
.catch(error => request.error(error))
86+
try {
87+
request.validate()
88+
await request.createAccount()
89+
} catch (error) {
90+
request.error(error)
91+
}
8992
}
9093

9194
static get (req, res) {
@@ -231,6 +234,7 @@ class CreateOidcAccountRequest extends CreateAccountRequest {
231234
*
232235
* @param [options={}] {Object} See `CreateAccountRequest` constructor docstring
233236
* @param [options.password] {string} Password, as entered by the user at signup
237+
* @param [options.acceptToc] {boolean} Whether or not user has accepted T&C
234238
*/
235239
constructor (options) {
236240
super(options)
@@ -258,6 +262,13 @@ class CreateOidcAccountRequest extends CreateAccountRequest {
258262
error.statusCode = 400
259263
throw error
260264
}
265+
266+
// console.log(this.enforceToc, this.acceptToc)
267+
if (this.enforceToc && !this.acceptToc) {
268+
error = new Error('Accepting Terms & Conditions are required for this service')
269+
error.statusCode = 400
270+
throw error
271+
}
261272
}
262273

263274
/**
@@ -297,6 +308,7 @@ class CreateTlsAccountRequest extends CreateAccountRequest {
297308
*
298309
* @param [options={}] {Object} See `CreateAccountRequest` constructor docstring
299310
* @param [options.spkac] {string}
311+
* @param [options.acceptToc] {boolean} Whether or not user has accepted T&C
300312
*/
301313
constructor (options) {
302314
super(options)
@@ -306,7 +318,7 @@ class CreateTlsAccountRequest extends CreateAccountRequest {
306318
}
307319

308320
/**
309-
* Validates the Login request (makes sure required parameters are present),
321+
* Validates the Signup request (makes sure required parameters are present),
310322
* and throws an error if not.
311323
*
312324
* @throws {Error} If missing required params
@@ -319,6 +331,12 @@ class CreateTlsAccountRequest extends CreateAccountRequest {
319331
error.statusCode = 400
320332
throw error
321333
}
334+
335+
if (this.enforceToc && !this.acceptToc) {
336+
error = new Error('Accepting Terms & Conditions are required for this service')
337+
error.statusCode = 400
338+
throw error
339+
}
322340
}
323341

324342
/**

0 commit comments

Comments
 (0)