mirror of
https://github.com/spacebarchat/server.git
synced 2024-11-05 10:22:31 +01:00
check pw and other auth before letting users undisable
This commit is contained in:
parent
5ffa0a67f8
commit
b31ce62bd5
@ -88,25 +88,6 @@ router.post(
|
||||
});
|
||||
});
|
||||
|
||||
if (undelete) {
|
||||
// undelete refers to un'disable' here
|
||||
if (user.disabled)
|
||||
await User.update({ id: user.id }, { disabled: false });
|
||||
if (user.deleted)
|
||||
await User.update({ id: user.id }, { deleted: false });
|
||||
} else {
|
||||
if (user.deleted)
|
||||
return res.status(400).json({
|
||||
message: "This account is scheduled for deletion.",
|
||||
code: 20011,
|
||||
});
|
||||
if (user.disabled)
|
||||
return res.status(400).json({
|
||||
message: req.t("auth:login.ACCOUNT_DISABLED"),
|
||||
code: 20013,
|
||||
});
|
||||
}
|
||||
|
||||
// the salt is saved in the password refer to bcrypt docs
|
||||
const same_password = await bcrypt.compare(
|
||||
password,
|
||||
@ -169,6 +150,25 @@ router.post(
|
||||
});
|
||||
}
|
||||
|
||||
if (undelete) {
|
||||
// undelete refers to un'disable' here
|
||||
if (user.disabled)
|
||||
await User.update({ id: user.id }, { disabled: false });
|
||||
if (user.deleted)
|
||||
await User.update({ id: user.id }, { deleted: false });
|
||||
} else {
|
||||
if (user.deleted)
|
||||
return res.status(400).json({
|
||||
message: "This account is scheduled for deletion.",
|
||||
code: 20011,
|
||||
});
|
||||
if (user.disabled)
|
||||
return res.status(400).json({
|
||||
message: req.t("auth:login.ACCOUNT_DISABLED"),
|
||||
code: 20013,
|
||||
});
|
||||
}
|
||||
|
||||
const token = await generateToken(user.id);
|
||||
|
||||
// Notice this will have a different token structure, than discord
|
||||
|
Loading…
Reference in New Issue
Block a user