owltide/server/api/auth/account.post.ts

/*
	SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
	SPDX-License-Identifier: AGPL-3.0-or-later
*/
import { readUsers, writeUsers, nextUserId, type ServerUser } from "~/server/database";
import { broadcastEvent } from "~/server/streams";

export default defineEventHandler(async (event) => {
	let session = await getServerSession(event, false);
	if (session) {
		throw createError({
			status: 409,
			message: "Cannot create account while having an active session."
		});
	}

	const formData = await readFormData(event);
	const name = formData.get("name");

	const users = await readUsers();
	let user: ServerUser;
	if (typeof name === "string") {
		if (name === "") {
			throw createError({
				status: 400,
				message: "Name cannot be blank",
			});
		}
		if (users.some(user => user.name && user.name.toLowerCase() === name.toLowerCase())) {
			throw createError({
				status: 409,
				message: "User already exists",
			});
		}

		const firstUser = users.every(user => user.type === "anonymous");
		user = {
			id: await nextUserId(),
			updatedAt: new Date().toISOString(),
			type: firstUser ? "admin" : "regular",
			name,
		};

	} else if (name === null) {
		user = {
			id: await nextUserId(),
			updatedAt: new Date().toISOString(),
			type: "anonymous",
		};
	} else {
		throw createError({
			status: 400,
			message: "Invalid name",
		});
	}

	users.push(user);
	await writeUsers(users);
	await broadcastEvent({
		type: "user-update",
		data: user,
	});
	await setServerSession(event, user);
})