Spacebar/server
1
0
Fork 0
mirror of https://github.com/spacebarchat/server.git synced 2024-09-19 17:21:35 +02:00
Code Issues Releases Activity

check pw and other auth before letting users undisable

Browse Source
This commit is contained in:
Madeline 2023-01-31 15:13:19 +11:00
parent 5ffa0a67f8
commit b31ce62bd5
No known key found for this signature in database
GPG Key ID: 1958E017C36F2E47
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/api/routes/auth/login.ts
View File

@ -88,25 +88,6 @@ router.post(
});
});
if (undelete) {
// undelete refers to un'disable' here
if (user.disabled)
await User.update({ id: user.id }, { disabled: false });
if (user.deleted)
await User.update({ id: user.id }, { deleted: false });
} else {
if (user.deleted)
return res.status(400).json({
message: "This account is scheduled for deletion.",
code: 20011,
});
if (user.disabled)
return res.status(400).json({
message: req.t("auth:login.ACCOUNT_DISABLED"),
code: 20013,
});
}
// the salt is saved in the password refer to bcrypt docs
const same_password = await bcrypt.compare(
password,
@ -169,6 +150,25 @@ router.post(
});
}
if (undelete) {
// undelete refers to un'disable' here
if (user.disabled)
await User.update({ id: user.id }, { disabled: false });
if (user.deleted)
await User.update({ id: user.id }, { deleted: false });
} else {
if (user.deleted)
return res.status(400).json({
message: "This account is scheduled for deletion.",
code: 20011,
});
if (user.disabled)
return res.status(400).json({
message: req.t("auth:login.ACCOUNT_DISABLED"),
code: 20013,
});
}
const token = await generateToken(user.id);
// Notice this will have a different token structure, than discord