mirror of
https://github.com/spacebarchat/server.git
synced 2024-11-10 20:52:42 +01:00
Added email sanitisation to /users/@me PATCH. Could previously have email as any string
This commit is contained in:
parent
dbbe0037d0
commit
f4dbca6150
@ -7039,6 +7039,9 @@
|
||||
},
|
||||
"code": {
|
||||
"type": "string"
|
||||
},
|
||||
"email": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"definitions": {
|
||||
|
@ -1,5 +1,5 @@
|
||||
import { Router, Request, Response } from "express";
|
||||
import { User, PrivateUserProjection, emitEvent, UserUpdateEvent, handleFile, FieldErrors } from "@fosscord/util";
|
||||
import { User, PrivateUserProjection, emitEvent, UserUpdateEvent, handleFile, FieldErrors, adjustEmail } from "@fosscord/util";
|
||||
import { route } from "@fosscord/api";
|
||||
import bcrypt from "bcrypt";
|
||||
|
||||
@ -21,6 +21,7 @@ export interface UserModifySchema {
|
||||
password?: string;
|
||||
new_password?: string;
|
||||
code?: string;
|
||||
email?: string;
|
||||
}
|
||||
|
||||
router.get("/", route({}), async (req: Request, res: Response) => {
|
||||
@ -46,6 +47,12 @@ router.patch("/", route({ body: "UserModifySchema" }), async (req: Request, res:
|
||||
}
|
||||
}
|
||||
|
||||
if (body.email) {
|
||||
body.email = adjustEmail(body.email);
|
||||
if (!body.email)
|
||||
throw FieldErrors({ email: { message: req.t("auth:register.EMAIL_INVALID"), code: "EMAIL_INVALID" } });
|
||||
}
|
||||
|
||||
user.assign(body);
|
||||
|
||||
if (body.new_password) {
|
||||
|
Loading…
Reference in New Issue
Block a user