fix: don't swallow errors in POST /accounts (#921)

lautarodragan · web-flow · commit 750b023f8bff · 2019-04-15T20:32:06.000-03:00
diff --git a/src/api/accounts/CreateAccount.ts b/src/api/accounts/CreateAccount.ts
@@ -2,7 +2,6 @@ import * as Joi from 'joi'
 import bytesToUuid = require('uuid/lib/bytesToUuid')
 
 import { PasswordComplexConfiguration } from '../../api/PasswordComplexConfiguration'
-import { errors } from '../../errors/errors'
 import { validatePassword } from '../../helpers/validatePassword'
 import { AccountsController } from '../../modules/Accounts/Accounts.controller'
 import { SendEmailTo } from '../../utils/SendEmail'
@@ -19,16 +18,8 @@ export const CreateAccountSchema = (
 export const CreateAccount = (sendEmail: SendEmailTo, verifiedAccount: boolean, pwnedCheckerRoot: string) => async (
   ctx: any,
 ): Promise<any> => {
-  const logger = ctx.logger(__dirname)
-
-  try {
-    const usersController = new AccountsController(ctx.logger, verifiedAccount, pwnedCheckerRoot, sendEmail)
-    const { email, password } = ctx.request.body
-    const { account: { id, issuer }, token } = await usersController.create({ email, password })
-    ctx.body = { id: bytesToUuid(id), issuer, token }
-  } catch (exception) {
-    const { AccountAlreadyExists } = errors
-    logger.error({ exception }, 'api.CreateAccount')
-    ctx.throw(AccountAlreadyExists.code, AccountAlreadyExists.message)
-  }
+  const usersController = new AccountsController(ctx.logger, verifiedAccount, pwnedCheckerRoot, sendEmail)
+  const { email, password } = ctx.request.body
+  const { account: { id, issuer }, token } = await usersController.create({ email, password })
+  ctx.body = { id: bytesToUuid(id), issuer, token }
 }
diff --git a/src/modules/Accounts/Accounts.controller.ts b/src/modules/Accounts/Accounts.controller.ts
@@ -3,6 +3,7 @@ import * as Pino from 'pino'
 
 import { Token } from '../../api/Tokens'
 import { getToken } from '../../api/accounts/utils/utils'
+import { AccountAlreadyExists } from '../../errors/errors'
 import { uuid4 } from '../../helpers/uuid'
 import { GenericDAO } from '../../interfaces/GenericDAO'
 import { Network } from '../../interfaces/Network'
@@ -30,6 +31,11 @@ export class AccountsController {
   public async create({ email, password }: { email: string, password: string }) {
     this.logger.debug({ email }, 'Creating account')
 
+    const existing = await Account.findOne({ email })
+
+    if (existing)
+      throw new AccountAlreadyExists()
+
     const id = await this.getUnusedId()
     const { privateKey, publicKey } = generateED25519Base58Keys()
     const encryptedPrivateKey = await Vault.encrypt(privateKey)
