Aktueller Stand

app/api/register/route.ts

@@ -1,30 +1,89 @@
 import bcrypt from "bcryptjs";
 import { NextResponse } from "next/server";
+import { randomUUID } from "crypto";
 import { prisma } from "../../../lib/prisma";
-import { isAdminEmail } from "../../../lib/auth";
+import { isAdminEmail, isSuperAdminEmail } from "../../../lib/auth";
+import { sendMail } from "../../../lib/mailer";
 
 export async function POST(request: Request) {
+  const registrationSetting = await prisma.setting.findUnique({
+    where: { key: "registration_enabled" }
+  });
+  if (registrationSetting?.value === "false") {
+    return NextResponse.json(
+      { error: "Registrierung ist derzeit deaktiviert." },
+      { status: 403 }
+    );
+  }
+
   const body = await request.json();
   const { email, name, password } = body || {};
+  const normalizedEmail = String(email || "").trim().toLowerCase();
 
-  if (!email || !password) {
+  if (!normalizedEmail || !password) {
     return NextResponse.json({ error: "Email und Passwort sind erforderlich." }, { status: 400 });
   }
 
-  const existing = await prisma.user.findUnique({ where: { email } });
+  const existing = await prisma.user.findUnique({ where: { email: normalizedEmail } });
   if (existing) {
     return NextResponse.json({ error: "Account existiert bereits." }, { status: 409 });
   }
 
   const passwordHash = await bcrypt.hash(password, 10);
+  const superAdmin = isSuperAdminEmail(normalizedEmail);
+  const admin = isAdminEmail(normalizedEmail) || superAdmin;
+
   const user = await prisma.user.create({
     data: {
-      email,
+      email: normalizedEmail,
       name: name || null,
       passwordHash,
-      role: isAdminEmail(email) ? "ADMIN" : "USER"
+      role: superAdmin ? "SUPERADMIN" : admin ? "ADMIN" : "USER",
+      status: admin ? "ACTIVE" : "PENDING",
+      emailVerified: admin
     }
   });
 
+  const categories = await prisma.category.findMany({
+    select: { id: true }
+  });
+
+  const view = await prisma.userView.create({
+    data: {
+      name: "Meine Ansicht",
+      token: randomUUID(),
+      user: { connect: { id: user.id } }
+    }
+  });
+
+  if (categories.length > 0) {
+    await prisma.userViewCategory.createMany({
+      data: categories.map((category) => ({
+        viewId: view.id,
+        categoryId: category.id
+      }))
+    });
+  }
+
+  if (!admin) {
+    const token = randomUUID();
+    const expires = new Date(Date.now() + 24 * 60 * 60 * 1000);
+    await prisma.verificationToken.create({
+      data: {
+        identifier: normalizedEmail,
+        token,
+        expires
+      }
+    });
+
+    const baseUrl = process.env.NEXTAUTH_URL || "http://localhost:3000";
+    const verifyUrl = `${baseUrl}/verify/confirm?token=${token}`;
+    await sendMail({
+      to: normalizedEmail,
+      subject: "E-Mail verifizieren",
+      text: `Bitte verifiziere deine E-Mail: ${verifyUrl}`
+    });
+  }
+
   return NextResponse.json({ id: user.id, email: user.email });
 }