router.post( '/register', e(async (req, res, next) => { let username

1. router.post(
2.   '/register',
3.   e(async (req, res, next) => {
4.     let username = null
5.     try {
6.       await request({
7.         method: 'post',
8.         uri: 'https://makerpassport.org/api/v4/users',
9.         headers: {
10.           Authorization: process.env.GITLAB_ADMIN_TOKEN,
11.         },
12.         body: {
13.           email: req.body.email,
14.           name: req.body.name,
15.           username: req.body.username,
16.           password: req.body.password,
17.         },
18.         json: true,
19.       })
20.     } catch (e) {
21.       if (e.statusCode === 409) {
22.         // user already exists
23.         const user = (await request({
24.           method: 'get',
25.           uri: `https://makerpassport.org/api/v4/users?search=${req.body.email}`,
26.           headers: {
27.             Authorization: process.env.GITLAB_ADMIN_TOKEN,
28.           },
29.           json: true,
30.         }))[0]
31.         if (user.email === req.body.email) {
32.           // make sure email is the same otherwise user could be impersonated
33.           // from account with email as name
34.           username = user.username
35.         }
36.       } else {
37.         console.error('could not register user', e.statusCode, e.message)
38.         return res.sendStatus(e.statusCode)
39.       }
40.     }
41.  
42.     let user = await User.findOne({ email: req.body.email })
43.     let userToken = null
44.     try {
45.       userToken = await request({
46.         method: 'post',
47.         uri: 'https://makerpassport.org/oauth/token',
48.         headers: {
49.           Authorization: process.env.GITLAB_ADMIN_TOKEN,
50.         },
51.         body: {
52.           grant_type: 'password',
53.           username: username || req.body.username,
54.           password: req.body.password,
55.         },
56.         json: true,
57.       })
58.     } catch (e) {
59.       if (user && user.covid) {
60.         return res.sendStatus(409)
61.       }
62.       console.error('could not login user in gitlab', e.statusCode, e.message)
63.       return res.sendStatus(e.statusCode)
64.     }
65.  
66.     const userData = {
67.       email: req.body.email,
68.       username: req.body.username,
69.       firstName: req.body.firstName,
70.       lastName: req.body.lastName,
71.       address: {
72.         city: req.body.city,
73.         postCode: req.body.postCode,
74.         line1: req.body.address,
75.       },
76.       covid: {
77.         userType: req.body.type,
78.         subtype: req.body.subtype,
79.         organization: req.body.organization,
80.         telephone: req.body.telephone,
81.       },
82.     }
83.     if (req.body.type === 'give') {
84.       userData.lab = await Lab.create({
85.         name: req.body.name,
86.         address: {
87.           city: req.body.city,
88.           postCode: req.body.postCode,
89.           line1: req.body.address,
90.         },
91.         contact: req.body.telephone,
92.       })
93.     }
94.  
95.     try {
96.       user = await register(userData)
97.     } catch (e) {
98.       if (e.message.includes('duplicate')) {
99.         Object.assign(user, userData)
100.       }
101.     }
102.  
103.     user.logins.push({
104.       date: new Date().getTime(),
105.     })
106.     await user.save()
107.  
108.     const token = generateToken(user._id)
109.     res.status(200).send({
110.       user,
111.       token,
112.       access_token: userToken.access_token,
113.     })
114.   })
115. )