mirror of
https://github.com/spacebarchat/server.git
synced 2024-11-08 20:02:39 +01:00
Send 204 regardless of user existance
This commit is contained in:
TomatoCake
parent
dbd93bdd7c
commit
98c1b93133
@ -17,15 +17,8 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
import { getIpAdress, route, verifyCaptcha } from "@spacebar/api";
|
import { getIpAdress, route, verifyCaptcha } from "@spacebar/api";
|
||||||
import {
|
import { Config, Email, ForgotPasswordSchema, User } from "@spacebar/util";
|
||||||
Config,
|
|
||||||
Email,
|
|
||||||
FieldErrors,
|
|
||||||
ForgotPasswordSchema,
|
|
||||||
User,
|
|
||||||
} from "@spacebar/util";
|
|
||||||
import { Request, Response, Router } from "express";
|
import { Request, Response, Router } from "express";
|
||||||
import { HTTPError } from "lambert-server";
|
|
||||||
const router = Router();
|
const router = Router();
|
||||||
|
|
||||||
router.post(
|
router.post(
|
||||||
@ -37,9 +30,6 @@ router.post(
|
|||||||
400: {
|
400: {
|
||||||
body: "APIErrorOrCaptchaResponse",
|
body: "APIErrorOrCaptchaResponse",
|
||||||
},
|
},
|
||||||
500: {
|
|
||||||
body: "APIErrorResponse",
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
}),
|
}),
|
||||||
async (req: Request, res: Response) => {
|
async (req: Request, res: Response) => {
|
||||||
@ -71,50 +61,20 @@ router.post(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const user = await User.findOneOrFail({
|
res.sendStatus(204);
|
||||||
|
|
||||||
|
const user = await User.findOne({
|
||||||
where: [{ phone: login }, { email: login }],
|
where: [{ phone: login }, { email: login }],
|
||||||
select: ["username", "id", "disabled", "deleted", "email"],
|
select: ["username", "id", "email"],
|
||||||
relations: ["security_keys"],
|
}).catch(() => {});
|
||||||
}).catch(() => {
|
|
||||||
throw FieldErrors({
|
|
||||||
login: {
|
|
||||||
message: req.t("auth:password_reset.EMAIL_DOES_NOT_EXIST"),
|
|
||||||
code: "EMAIL_DOES_NOT_EXIST",
|
|
||||||
},
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!user.email)
|
if (user && user.email) {
|
||||||
throw FieldErrors({
|
Email.sendResetPassword(user, user.email).catch((e) => {
|
||||||
login: {
|
|
||||||
message:
|
|
||||||
"This account does not have an email address associated with it.",
|
|
||||||
code: "NO_EMAIL",
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
if (user.deleted)
|
|
||||||
return res.status(400).json({
|
|
||||||
message: "This account is scheduled for deletion.",
|
|
||||||
code: 20011,
|
|
||||||
});
|
|
||||||
|
|
||||||
if (user.disabled)
|
|
||||||
return res.status(400).json({
|
|
||||||
message: req.t("auth:login.ACCOUNT_DISABLED"),
|
|
||||||
code: 20013,
|
|
||||||
});
|
|
||||||
|
|
||||||
return await Email.sendResetPassword(user, user.email)
|
|
||||||
.then(() => {
|
|
||||||
return res.sendStatus(204);
|
|
||||||
})
|
|
||||||
.catch((e) => {
|
|
||||||
console.error(
|
console.error(
|
||||||
`Failed to send password reset email to ${user.username}#${user.discriminator}: ${e}`,
|
`Failed to send password reset email to ${user.username}#${user.discriminator} (${user.id}): ${e}`,
|
||||||
);
|
);
|
||||||
throw new HTTPError("Failed to send password reset email", 500);
|
|
||||||
});
|
});
|
||||||
|
}
|
||||||
},
|
},
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user