From 3ffc156b79fb2cb5c90f73272445cb50fe8bd594 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Jedlicska?= <gergo@jedlicska.com>
Date: Wed, 17 Nov 2021 13:22:50 +0100
Subject: [PATCH] fix(server local auth): user is created before the invite is
 used, so stream permissions can be set

fix #470
---
 .../server/modules/auth/strategies/local.js    | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/packages/server/modules/auth/strategies/local.js b/packages/server/modules/auth/strategies/local.js
index 27fcd093e..0d75d19d7 100644
--- a/packages/server/modules/auth/strategies/local.js
+++ b/packages/server/modules/auth/strategies/local.js
@@ -44,19 +44,21 @@ module.exports = async ( app, session, sessionAppId, finalizeAuth ) => {
 
       let user = req.body
 
-      if ( serverInfo.inviteOnly && !req.session.inviteId ) {
-        throw new Error( 'This server is invite only. Please provide an invite id.' )
-      }
-
-      if ( req.session.inviteId ) {
-        const valid = await validateInvite( { id: req.session.inviteId, email: user.email } )
-        if ( !valid )
+      let userId
+      // go ahead with register
+      if ( !serverInfo.inviteOnly ){
+        userId = await createUser( user )
+      } else {
+        if ( !req.session.inviteId )
+          throw new Error( 'This server is invite only. Please provide an invite id.' )
+        
+        if ( !await validateInvite( { id: req.session.inviteId, email: user.email } ) )
           throw new Error( 'Invite email mismatch. Please use the original email the invite was sent to register.' )
 
+        userId = await createUser( user )
         await useInvite( { id: req.session.inviteId, email: user.email } )
       }
 
-      let userId = await createUser( user )
       req.user = { id: userId, email: user.email }
 
       return next( )