budibase/packages/worker/src/api/controllers/global/users.ts

const {
  getGlobalUserParams,
  StaticDatabases,
} = require("@budibase/backend-core/db")
const { getGlobalUserByEmail } = require("@budibase/backend-core/utils")
const { user: userCache } = require("@budibase/backend-core/cache")
const { invalidateSessions } = require("@budibase/backend-core/sessions")
const accounts = require("@budibase/backend-core/accounts")
const {
  getGlobalDB,
  doWithGlobalDB,
  getTenantId,
  getTenantUser,
  doesTenantExist,
  doInTenant,
} = require("@budibase/backend-core/tenancy")
const { removeUserFromInfoDB } = require("@budibase/backend-core/deprovision")
const { errors } = require("@budibase/backend-core")
const { CacheKeys, bustCache } = require("@budibase/backend-core/cache")
import env from "../../../environment"
import { syncUserInApps } from "../../../utilities/appService"
import { quotas, users } from "@budibase/pro"
import { allUsers, getUser } from "../../utilities"
import { EmailTemplatePurpose } from "../../../constants"
import { checkInviteCode } from "../../../utilities/redis"
import { sendEmail } from "../../../utilities/email"

export const save = async (ctx: any) => {
  try {
    const user: any = await users.save(ctx.request.body, getTenantId())
    // let server know to sync user
    await syncUserInApps(user._id)
    ctx.body = user
  } catch (err: any) {
    ctx.throw(err.status || 400, err)
  }
}

const parseBooleanParam = (param: any) => {
  return !(param && param === "false")
}

export const adminUser = async (ctx: any) => {
  const { email, password, tenantId } = ctx.request.body
  await doInTenant(tenantId, async () => {
    // account portal sends a pre-hashed password - honour param to prevent double hashing
    const hashPassword = parseBooleanParam(ctx.request.query.hashPassword)
    // account portal sends no password for SSO users
    const requirePassword = parseBooleanParam(ctx.request.query.requirePassword)

    if (await doesTenantExist(tenantId)) {
      ctx.throw(403, "Organisation already exists.")
    }

    const response = await doWithGlobalDB(tenantId, async (db: any) => {
      const response = await db.allDocs(
        getGlobalUserParams(null, {
          include_docs: true,
        })
      )
      // write usage quotas for cloud
      if (!env.SELF_HOSTED) {
        // could be a scenario where it exists, make sure its clean
        try {
          const usageQuota = await db.get(
            StaticDatabases.GLOBAL.docs.usageQuota
          )
          if (usageQuota) {
            await db.remove(usageQuota._id, usageQuota._rev)
          }
        } catch (err) {
          // don't worry about errors
        }
        await db.put(quotas.generateNewQuotaUsage())
      }
      return response
    })

    if (response.rows.some((row: any) => row.doc.admin)) {
      ctx.throw(
        403,
        "You cannot initialise once an global user has been created."
      )
    }

    const user = {
      email: email,
      password: password,
      createdAt: Date.now(),
      roles: {},
      builder: {
        global: true,
      },
      admin: {
        global: true,
      },
      tenantId,
    }
    try {
      const finalUser = await users.save(
        user,
        tenantId,
        hashPassword,
        requirePassword
      )
      await bustCache(CacheKeys.CHECKLIST)
      ctx.body = finalUser
    } catch (err: any) {
      ctx.throw(err.status || 400, err)
    }
  })
}

export const destroy = async (ctx: any) => {
  const db = getGlobalDB()
  const dbUser = await db.get(ctx.params.id)

  if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
    // root account holder can't be deleted from inside budibase
    const email = dbUser.email
    const account = await accounts.getAccount(email)
    if (account) {
      if (email === ctx.user.email) {
        ctx.throw(400, 'Please visit "Account" to delete this user')
      } else {
        ctx.throw(400, "Account holder cannot be deleted")
      }
    }
  }

  await removeUserFromInfoDB(dbUser)
  await db.remove(dbUser._id, dbUser._rev)
  await quotas.removeUser(dbUser)
  await userCache.invalidateUser(dbUser._id)
  await invalidateSessions(dbUser._id)
  // let server know to sync user
  await syncUserInApps(dbUser._id)
  ctx.body = {
    message: `User ${ctx.params.id} deleted.`,
  }
}

// called internally by app server user fetch
export const fetch = async (ctx: any) => {
  const all = await allUsers()
  // user hashed password shouldn't ever be returned
  for (let user of all) {
    if (user) {
      delete user.password
    }
  }
  ctx.body = all
}

// called internally by app server user find
export const find = async (ctx: any) => {
  ctx.body = await getUser(ctx.params.id)
}

export const tenantUserLookup = async (ctx: any) => {
  const id = ctx.params.id
  const user = await getTenantUser(id)
  if (user) {
    ctx.body = user
  } else {
    ctx.throw(400, "No tenant user found.")
  }
}

export const invite = async (ctx: any) => {
  let { email, userInfo } = ctx.request.body
  const existing = await getGlobalUserByEmail(email)
  if (existing) {
    ctx.throw(400, "Email address already in use.")
  }
  if (!userInfo) {
    userInfo = {}
  }
  userInfo.tenantId = getTenantId()
  const opts: any = {
    subject: "{{ company }} platform invitation",
    info: userInfo,
  }
  await sendEmail(email, EmailTemplatePurpose.INVITATION, opts)
  ctx.body = {
    message: "Invitation has been sent.",
  }
}

export const inviteAccept = async (ctx: any) => {
  const { inviteCode, password, firstName, lastName } = ctx.request.body
  try {
    // info is an extension of the user object that was stored by global
    const { email, info }: any = await checkInviteCode(inviteCode)
    ctx.body = await users.save(
      {
        firstName,
        lastName,
        password,
        email,
        ...info,
      },
      info.tenantId
    )
  } catch (err: any) {
    if (err.code === errors.codes.USAGE_LIMIT_EXCEEDED) {
      // explicitly re-throw limit exceeded errors
      ctx.throw(400, err)
    }
    ctx.throw(400, "Unable to create new user, invitation invalid.")
  }
}
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`const {`
			`getGlobalUserParams,`
			`StaticDatabases,`
Switching out @budibase/auth to @budibase/backend-core. 2022-01-11 08:33:00 +13:00			`} = require("@budibase/backend-core/db")`
Merge branch 'develop' into feature/licensing 2022-03-22 06:13:16 +13:00			`const { getGlobalUserByEmail } = require("@budibase/backend-core/utils")`
Switching out @budibase/auth to @budibase/backend-core. 2022-01-11 08:33:00 +13:00			`const { user: userCache } = require("@budibase/backend-core/cache")`
			`const { invalidateSessions } = require("@budibase/backend-core/sessions")`
			`const accounts = require("@budibase/backend-core/accounts")`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`const {`
			`getGlobalDB,`
Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-20 06:42:52 +12:00			`doWithGlobalDB,`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`getTenantId,`
Don't let user exist in multiple tenants when using custom sso 2021-10-07 03:15:46 +13:00			`getTenantUser,`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`doesTenantExist,`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`doInTenant,`
Switching out @budibase/auth to @budibase/backend-core. 2022-01-11 08:33:00 +13:00			`} = require("@budibase/backend-core/tenancy")`
			`const { removeUserFromInfoDB } = require("@budibase/backend-core/deprovision")`
Moving the withCache function to backend-core so that it can be shared, as well as adding a cache busting function which can be used when one of the checklist configs changes. 2022-05-24 02:03:52 +12:00			`const { errors } = require("@budibase/backend-core")`
			`const { CacheKeys, bustCache } = require("@budibase/backend-core/cache")`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`import env from "../../../environment"`
			`import { syncUserInApps } from "../../../utilities/appService"`
Add developer usage restrictions to SSO user creation 2022-03-18 21:01:31 +13:00			`import { quotas, users } from "@budibase/pro"`
Merge branch 'develop' into feature/licensing 2022-03-22 06:13:16 +13:00			`import { allUsers, getUser } from "../../utilities"`
Moving the withCache function to backend-core so that it can be shared, as well as adding a cache busting function which can be used when one of the checklist configs changes. 2022-05-24 02:03:52 +12:00			`import { EmailTemplatePurpose } from "../../../constants"`
			`import { checkInviteCode } from "../../../utilities/redis"`
			`import { sendEmail } from "../../../utilities/email"`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-02 02:58:40 +12:00
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const save = async (ctx: any) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`try {`
Published apps, automations and query count quotas 2022-03-20 14:13:54 +13:00			`const user: any = await users.save(ctx.request.body, getTenantId())`
Adding the sync call from the worker for creation, updating and deletion of users. Making sure that production and development apps are always up to date with user metadata. 2021-11-05 03:53:03 +13:00			`// let server know to sync user`
			`await syncUserInApps(user._id)`
			`ctx.body = user`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`} catch (err: any) {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`ctx.throw(err.status \|\| 400, err)`
			`}`
			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`const parseBooleanParam = (param: any) => {`
Fixing issue presented by test, passing Couch instance around for when it is being used in memory. 2021-11-16 08:34:08 +13:00			`return !(param && param === "false")`
Cloud SSO flow and auto login on verification 2021-09-22 05:20:26 +12:00			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const adminUser = async (ctx: any) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`const { email, password, tenantId } = ctx.request.body`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`await doInTenant(tenantId, async () => {`
			`// account portal sends a pre-hashed password - honour param to prevent double hashing`
			`const hashPassword = parseBooleanParam(ctx.request.query.hashPassword)`
			`// account portal sends no password for SSO users`
			`const requirePassword = parseBooleanParam(ctx.request.query.requirePassword)`
Add pre-hased password option to admin creation 2021-09-10 04:08:27 +12:00
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`if (await doesTenantExist(tenantId)) {`
			`ctx.throw(403, "Organisation already exists.")`
			`}`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`const response = await doWithGlobalDB(tenantId, async (db: any) => {`
			`const response = await db.allDocs(`
			`getGlobalUserParams(null, {`
			`include_docs: true,`
			`})`
			`)`
			`// write usage quotas for cloud`
			`if (!env.SELF_HOSTED) {`
			`// could be a scenario where it exists, make sure its clean`
			`try {`
			`const usageQuota = await db.get(`
			`StaticDatabases.GLOBAL.docs.usageQuota`
			`)`
			`if (usageQuota) {`
			`await db.remove(usageQuota._id, usageQuota._rev)`
			`}`
			`} catch (err) {`
			`// don't worry about errors`
Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-20 06:42:52 +12:00			`}`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`await db.put(quotas.generateNewQuotaUsage())`
Adding the ability to run the monorepo in cloud mode without the connected account portal (login, org setting and admin creation are all available again) as well as re-working how the redirects work to massively reduce the chance of cycles which I was experiencing constantly. 2021-09-30 04:55:59 +13:00			`}`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`return response`
			`})`
Further work, tenancy now working but some more work to be done. 2021-07-17 05:04:49 +12:00
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`if (response.rows.some((row: any) => row.doc.admin)) {`
			`ctx.throw(`
			`403,`
			`"You cannot initialise once an global user has been created."`
			`)`
			`}`
do not allow users to initialise again once an admin has been created 2021-05-06 09:06:31 +12:00
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`const user = {`
			`email: email,`
			`password: password,`
			`createdAt: Date.now(),`
			`roles: {},`
			`builder: {`
			`global: true,`
			`},`
			`admin: {`
			`global: true,`
			`},`
Moving the withCache function to backend-core so that it can be shared, as well as adding a cache busting function which can be used when one of the checklist configs changes. 2022-05-24 02:03:52 +12:00			`tenantId,`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`}`
			`try {`
			`const finalUser = await users.save(`
			`user,`
			`tenantId,`
			`hashPassword,`
			`requirePassword`
			`)`
			`await bustCache(CacheKeys.CHECKLIST)`
			`ctx.body = finalUser`
			`} catch (err: any) {`
			`ctx.throw(err.status \|\| 400, err)`
			`}`
			`})`
Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-21 04:17:44 +12:00			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const destroy = async (ctx: any) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`const db = getGlobalDB()`
Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-21 04:17:44 +12:00			`const dbUser = await db.get(ctx.params.id)`
Fix email link from internal bb onboarding. Prevent account holder from being deleted 2021-10-04 23:30:59 +13:00
Don't perform account deletion check when self hosted 2021-10-11 23:14:44 +13:00			`if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {`
			`// root account holder can't be deleted from inside budibase`
			`const email = dbUser.email`
			`const account = await accounts.getAccount(email)`
			`if (account) {`
			`if (email === ctx.user.email) {`
			`ctx.throw(400, 'Please visit "Account" to delete this user')`
			`} else {`
			`ctx.throw(400, "Account holder cannot be deleted")`
			`}`
Fix email link from internal bb onboarding. Prevent account holder from being deleted 2021-10-04 23:30:59 +13:00			`}`
			`}`

Remove global info users on user deletion 2021-10-01 01:08:07 +13:00			`await removeUserFromInfoDB(dbUser)`
basic group apis 2021-04-19 22:34:07 +12:00			`await db.remove(dbUser._id, dbUser._rev)`
Published apps, automations and query count quotas 2022-03-20 14:13:54 +13:00			`await quotas.removeUser(dbUser)`
WIP - first version of user sessions. 2021-07-07 05:10:04 +12:00			`await userCache.invalidateUser(dbUser._id)`
			`await invalidateSessions(dbUser._id)`
Adding the sync call from the worker for creation, updating and deletion of users. Making sure that production and development apps are always up to date with user metadata. 2021-11-05 03:53:03 +13:00			`// let server know to sync user`
			`await syncUserInApps(dbUser._id)`
basic group apis 2021-04-19 22:34:07 +12:00			`ctx.body = {`
Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-21 04:17:44 +12:00			message: `User ${ctx.params.id} deleted.`,
basic group apis 2021-04-19 22:34:07 +12:00			`}`
			`}`

			`// called internally by app server user fetch`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const fetch = async (ctx: any) => {`
Merge branch 'develop' into feature/licensing 2022-03-22 06:13:16 +13:00			`const all = await allUsers()`
basic group apis 2021-04-19 22:34:07 +12:00			`// user hashed password shouldn't ever be returned`
Merge branch 'develop' into feature/licensing 2022-03-22 06:13:16 +13:00			`for (let user of all) {`
basic group apis 2021-04-19 22:34:07 +12:00			`if (user) {`
			`delete user.password`
			`}`
			`}`
Fixes 2022-03-26 05:08:12 +13:00			`ctx.body = all`
basic group apis 2021-04-19 22:34:07 +12:00			`}`

			`// called internally by app server user find`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const find = async (ctx: any) => {`
Shifting over all of self API, deprecating old endpoints. 2022-02-15 07:11:35 +13:00			`ctx.body = await getUser(ctx.params.id)`
basic group apis 2021-04-19 22:34:07 +12:00			`}`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const tenantUserLookup = async (ctx: any) => {`
Prevent duplicate internal budibase users across tenants 2021-09-29 03:49:03 +13:00			`const id = ctx.params.id`
			`const user = await getTenantUser(id)`
			`if (user) {`
			`ctx.body = user`
			`} else {`
Password reset for budibase users 2021-09-18 00:41:22 +12:00			`ctx.throw(400, "No tenant user found.")`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`}`
			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const invite = async (ctx: any) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`let { email, userInfo } = ctx.request.body`
re-write, to use the ideas that Rory put in place, still WIP, un-tested but all implemented. 2021-08-03 05:34:43 +12:00			`const existing = await getGlobalUserByEmail(email)`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`if (existing) {`
			`ctx.throw(400, "Email address already in use.")`
			`}`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`if (!userInfo) {`
			`userInfo = {}`
			`}`
			`userInfo.tenantId = getTenantId()`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`const opts: any = {`
Formatting. 2021-05-12 02:24:17 +12:00			`subject: "{{ company }} platform invitation",`
Updating system to allow setting builder/admin as a toggle during the invitation phase of a user. 2021-05-25 05:45:43 +12:00			`info: userInfo,`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`}`
			`await sendEmail(email, EmailTemplatePurpose.INVITATION, opts)`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`ctx.body = {`
Formatting. 2021-05-06 02:19:44 +12:00			`message: "Invitation has been sent.",`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`}`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const inviteAccept = async (ctx: any) => {`
Adding the ability to get all apps, with the status attached. 2021-05-20 02:09:57 +12:00			`const { inviteCode, password, firstName, lastName } = ctx.request.body`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`try {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`// info is an extension of the user object that was stored by global`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`const { email, info }: any = await checkInviteCode(inviteCode)`
Add developer usage restrictions to SSO user creation 2022-03-18 21:01:31 +13:00			`ctx.body = await users.save(`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`{`
			`firstName,`
			`lastName,`
			`password,`
			`email,`
			`...info,`
			`},`
			`info.tenantId`
			`)`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`} catch (err: any) {`
Enforce licensed developer count + error types/codes framework 2022-03-05 02:42:50 +13:00			`if (err.code === errors.codes.USAGE_LIMIT_EXCEEDED) {`
			`// explicitly re-throw limit exceeded errors`
			`ctx.throw(400, err)`
			`}`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`ctx.throw(400, "Unable to create new user, invitation invalid.")`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00			`}`
			`}`