feat: self-service migration of ry members without associated Discord user

ahnl · ahnl · commit 009bfe0e0a3e · 2025-11-02T11:56:37.000+02:00
diff --git a/src/database/schemas/userInfo.js b/src/database/schemas/userInfo.js
@@ -22,6 +22,7 @@ const SchemaUserInfo = new Schema({
             sparse: true,
             type: String
         },
+        migrationKey: String,
         handledIn: String,
         appliedAt: Date,
         status: {
diff --git a/src/routes/membersArea.js b/src/routes/membersArea.js
@@ -36,6 +36,15 @@ router.use(session({
     }
 }))
 
+function isValidMigrationQuery(email, migrationKey) {
+    return (
+        typeof email === "string" &&
+        typeof migrationKey === "string" &&
+        email.length > 0 &&
+        /^[A-Za-z0-9]{128}$/.test(migrationKey)
+    )
+}
+
 router.post("/authenticate", async (req, res, next) => {
     try {
         console.log("debug: /authenticate")
@@ -334,6 +343,59 @@ router.get("/logout", async (req, res, next) => {
     }
 })
 
+router.get("/migrate", async (req, res, next) => {
+    try {
+        const { email, migrationKey } = req.query
+        if (!isValidMigrationQuery(email, migrationKey)) {
+            return res.status(400).json({ status: "error", message: "invalid query params" })
+        }
+
+        const doc = await database.UserInfo.findOne({
+            "associationMembership.email": email,
+            "associationMembership.migrationKey": migrationKey
+        }, "associationMembership.firstName associationMembership.lastName")
+
+        if (!doc) return res.status(404).json({ status: "not_found" })
+
+        return res.json({
+            firstName: doc.associationMembership?.firstName ?? null,
+            lastName: doc.associationMembership?.lastName ?? null
+        })
+    } catch (e) {
+        next(e)
+    }
+})
+
+router.post("/migrate", requireAuth, async (req, res, next) => {
+    try {
+        const { email, migrationKey } = req.query
+        if (!isValidMigrationQuery(email, migrationKey)) {
+            return res.status(400).json({ status: "error", message: "invalid query params" })
+        }
+
+        const discordId = req.session.discordId
+        if (!discordId) return res.status(403).json({ status: "error", message: "unauthenticated" })
+
+        // Remove the current document that holds this Discord id
+        await database.UserInfo.findOneAndDelete({ id: discordId })
+
+        // Assign the Discord id to the association member document
+        const updated = await database.UserInfo.findOneAndUpdate({
+            "associationMembership.email": email,
+            "associationMembership.migrationKey": migrationKey
+        }, {
+            $set: { id: discordId },
+            $unset: { "associationMembership.migrationKey": "" }
+        }, { new: true })
+
+        if (!updated) return res.status(404).json({ status: "not_found" })
+
+        return res.json({ status: "ok" })
+    } catch (e) {
+        next(e)
+    }
+})
+
 router.use((
     err, req, res, next
 ) => {
