SimCompanies/dashboard
2
1
Fork 0
Code Issues 17 Pull Requests Releases Activity

require password for username change

Browse Source
This commit is contained in:
Oliver Boehlk
2020-05-15 23:00:23 +02:00
parent 7c67c39ca7
commit 6591cf877a
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
backend/index.js
View File

@@ -294,9 +294,15 @@ app.get('/API/resourcelist', function (req, res) {
});
app.post("/API/user/setname", function (req, res) {
let { email } = req.body;
let { email, password } = req.body;
if (email) {
if (DEBUG) return res.status(status.OK).send();
try {
if (!await validatePassword(req.user.email, passport))
return res.status(status.UNAUTHORIZED).send("wrong password supplied");
} catch (e) {
return res.status(status.INTERNAL_SERVER_ERROR).send(e);
}
connection.query(`UPDATE user SET email = ${mysql.escape(email)} WHERE email = ${mysql.escape(req.user.email)}`, function (err, rows) {
if (err)
return res.status(status.INTERNAL_SERVER_ERROR).send("the username seems invalid or already taken - if you think this is an error contact the sys admin");