jeena/PeerTube
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions

Fix external auth email/password update

Browse source 
Also check if an actor does not already exist when creating the user
This commit is contained in:
Chocobozzz 2020-05-20 10:04:44 +02:00
parent 51539e95d9
commit 9a7fd9600b
No known key found for this signature in database
GPG key ID: 583A612D890159BE
8 changed files with 32 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

9
server/middlewares/validators/users.ts
View file

@ -234,14 +234,19 @@ const usersUpdateMeValidator = [
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') })
const user = res.locals.oauth.token.User
if (req.body.password || req.body.email) {
if (user.pluginAuth !== null) {
return res.status(400)
.json({ error: 'You cannot update your email or password that is associated with an external auth system.' })
}
if (!req.body.currentPassword) {
return res.status(400)
.json({ error: 'currentPassword parameter is missing.' })
.end()
}
const user = res.locals.oauth.token.User
if (await user.isPasswordMatch(req.body.currentPassword) !== true) {
return res.status(401)
.json({ error: 'currentPassword is invalid.' })