Added signup page.

src/auth.js

@@ -41,7 +41,10 @@ export async function login(credentials) {
 		throw new HttpError('Authentication is disabled', 405);
 	}
 
-	const user = await fetchUser(credentials.username.trim(), true);
+	const user = await fetchUser(credentials.username.trim(), {
+		email: true,
+		raw: true,
+	});
 
 	if (!user) {
 		throw new HttpError('Username or password incorrect', 401);
@@ -92,8 +95,8 @@ export async function signup(credentials) {
 	}
 
 	const existingUser = await knex('users')
-		.where('username', curatedUsername)
-		.orWhere('email', credentials.email)
+		.where(knex.raw('lower(username)'), curatedUsername.toLowerCase())
+		.orWhere(knex.raw('lower(email)'), credentials.email.toLowerCase())
 		.first();
 
 	if (existingUser) {
@@ -120,5 +123,10 @@ export async function signup(credentials) {
 		primary: true,
 	});
 
+	await generateAvatar({
+		id: userId,
+		username: curatedUsername,
+	});
+
 	return fetchUser(userId);
 }

src/users.js

@@ -23,7 +23,7 @@ export function curateUser(user) {
 	return curatedUser;
 }
 
-export async function fetchUser(userId, raw) {
+export async function fetchUser(userId, options = {}) {
 	const user = await knex('users')
 		.select(knex.raw('users.*, users_roles.abilities as role_abilities, COALESCE(json_agg(stashes ORDER BY stashes.created_at) FILTER (WHERE stashes.id IS NOT NULL), \'[]\') as stashes'))
 		.modify((builder) => {
@@ -32,9 +32,11 @@ export async function fetchUser(userId, raw) {
 			}
 
 			if (typeof userId === 'string') {
-				builder
-					.where('users.username', userId)
-					.orWhere('users.email', userId);
+				builder.where(knex.raw('lower(users.username)'), userId.toLowerCase());
+
+				if (options.email) {
+					builder.orWhere(knex.raw('lower(users.email)'), userId.toLowerCase());
+				}
 			}
 		})
 		.leftJoin('users_roles', 'users_roles.role', 'users.role')
@@ -42,7 +44,7 @@ export async function fetchUser(userId, raw) {
 		.groupBy('users.id', 'users_roles.role')
 		.first();
 
-	if (raw) {
+	if (options.raw) {
 		return user;
 	}
 

src/web/auth.js

@@ -11,8 +11,6 @@ export async function setUserApi(req, res, next) {
 }
 
 export async function loginApi(req, res) {
-	console.log('login!', req.body);
-
 	const user = await login(req.body);
 
 	req.session.user = user;

src/web/server.js

@@ -34,6 +34,7 @@ import {
 	setUserApi,
 	loginApi,
 	logoutApi,
+	signupApi,
 } from './auth.js';
 
 import initLogger from '../logger.js';
@@ -89,21 +90,22 @@ export default async function initServer() {
 		router.use(viteDevMiddleware);
 	}
 
-	router.get('/api/scenes', fetchScenesApi);
-
-	router.get('/api/actors', fetchActorsApi);
-
-	router.get('/api/movies', fetchMoviesApi);
-
+	// SESSION
 	router.post('/api/session', loginApi);
 	router.delete('/api/session', logoutApi);
 
-	// ...
-	// Other middlewares (e.g. some RPC middleware such as Telefunc)
-	// ...
+	// USERS
+	router.post('/api/users', signupApi);
+
+	// SCENES
+	router.get('/api/scenes', fetchScenesApi);
+
+	// ACTORS
+	router.get('/api/actors', fetchActorsApi);
+
+	// MOVIES
+	router.get('/api/movies', fetchMoviesApi);
 
-	// Vike middleware. It should always be our last middleware (because it's a
-	// catch-all middleware superseding any middleware placed after it).
 	router.get('*', async (req, res, next) => {
 		const pageContextInit = {
 			urlOriginal: req.originalUrl,