add support to limit registration to invite codes

author: Pinapelz <yukais@pinapelz.com> 2025-11-07 22:46:34 -0800
committer: Pinapelz <yukais@pinapelz.com> 2025-11-07 22:46:34 -0800
commit: 91c737c907f174b5252877876126a8b81e6cb831 (patch)
tree: 2529ded98423308a15d96256dc0f1688f12b69c8 /backend/src
parent: 5963d4904cb6e4abe1b379e85a8a29cf03ade6a8 (diff)
3 files changed, 60 insertions, 1 deletions
diff --git a/backend/src/index.ts b/backend/src/index.ts
index c0089c2..9511f28 100644
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@@ -11,6 +11,7 @@ import * as userRoutes from './routes/user';
 import * as gameRoutes from './routes/game';
 import * as scoreRoutes from './routes/score';
 import * as adminRoutes from './routes/admin';
+import * as serverRoutes from './routes/server';
 
 const app = express();
 const port = 5000;
@@ -48,6 +49,8 @@ startSessionCleanup();
 app.post('/api/register', authRoutes.handleRegistration);
 app.post('/api/authenticate', authRoutes.handleAuthentication);
 app.post('/api/logout', requireAuth, authRoutes.handleLogout);
+app.get('/api/info', serverRoutes.handleGetInstanceInfo);
+app.post('/api/admin/createInvite', serverRoutes.handleCreateInviteCode);
 
 app.get('/api/me', userRoutes.handleMeRoute);
 app.get('/api/session', userRoutes.handleGetCurrentSession);
diff --git a/backend/src/routes/auth.ts b/backend/src/routes/auth.ts
index f857dea..8bc6274 100644
--- a/backend/src/routes/auth.ts
+++ b/backend/src/routes/auth.ts
@@ -6,12 +6,24 @@ import crypto from 'crypto';
 
 export const handleRegistration = async (req: express.Request, res: express.Response) => {
   try {
-    const { username, password, email } = req.body;
+    const { username, password, email, code: inviteCode } = req.body;
+    const requireInvite = process.env.REQUIRE_INVITE === 'true';
 
     if (!username || !password || !email) {
       return res.status(400).json({ error: 'All fields are required' });
     }
 
+    if (requireInvite && !inviteCode) {
+      return res.status(400).json({ error: 'Invite code is required' });
+    }
+
+    if (requireInvite && inviteCode) {
+      const invite = await prisma.inviteCodes.findUnique({ where: { code: inviteCode } });
+      if (!invite || invite.remaining <= 0) {
+        return res.status(400).json({ error: 'Invalid invite code' });
+      }
+    }
+
     const existingUser = await prisma.user.findFirst({
       where: {
         OR: [
@@ -38,6 +50,14 @@ export const handleRegistration = async (req: express.Request, res: express.Resp
       }
     });
 
+    // Decrement invite code usage if required
+    if (requireInvite && inviteCode) {
+      await prisma.inviteCodes.update({
+        where: { code: inviteCode },
+        data: { remaining: { decrement: 1 } }
+      });
+    }
+
     // Create session for the new user
     req.session.userId = user.id;
     const sessionId = await createSession(user.id);
diff --git a/backend/src/routes/server.ts b/backend/src/routes/server.ts
new file mode 100644
index 0000000..7377fff
--- /dev/null
+++ b/backend/src/routes/server.ts
@@ -0,0 +1,36 @@
+import { prisma } from '../config/db';
+import express from 'express';
+
+export const handleGetInstanceInfo = async (req: express.Request, res: express.Response) => {
+  try {
+    const userCount = await prisma.user.count();
+    const requireInvite = process.env.REQUIRE_INVITE || false;
+    return res.status(200).json({ userCount, requireInvite });
+  } catch (error) {
+    console.error('Unable to get instance info:', error);
+    res.status(500).json({ error: 'Internal server error' });
+  }
+}
+
+export const handleCreateInviteCode = async (req: express.Request, res: express.Response) => {
+  try {
+    const { uses, code } = req.body;
+    if (!uses) {
+      return res.status(400).json({ error: 'Missing required parameter: uses (number of maximum usages of this code)' });
+    }
+    const codeAlreadyExists = await prisma.inviteCodes.findUnique({ where: { code } });
+    if (codeAlreadyExists) {
+      return res.status(400).json({ error: 'Invite code already exists' });
+    }
+    const inviteCode = await prisma.inviteCodes.create({
+      data: {
+        code: code || Math.random().toString(36).substring(2, 15),
+        remaining: uses,
+      },
+    });
+    return res.status(200).json({ inviteCode });
+  } catch (error) {
+    console.error('Unable to create invite code:', error);
+    res.status(500).json({ error: 'Internal server error' });
+  }
+}
author	Pinapelz <yukais@pinapelz.com>	2025-11-07 22:46:34 -0800
committer	Pinapelz <yukais@pinapelz.com>	2025-11-07 22:46:34 -0800
commit	91c737c907f174b5252877876126a8b81e6cb831 (patch)
tree	2529ded98423308a15d96256dc0f1688f12b69c8 /backend/src
parent	5963d4904cb6e4abe1b379e85a8a29cf03ade6a8 (diff)