From 6086b0e7971ab265ae92fdb9276503a371169fbd Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Fri, 5 Apr 2024 12:11:43 +0200
Subject: [PATCH] typo

---
 src/routes/users.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/users.js b/src/routes/users.js
index e52415164..7754162ef 100644
--- a/src/routes/users.js
+++ b/src/routes/users.js
@@ -209,7 +209,7 @@ async function setGhost(req, res, next) {
     assert.strictEqual(typeof req.resource, 'object');
 
     if (typeof req.body.password !== 'string' || !req.body.password) return next(new HttpError(400, 'password must be non-empty string'));
-    if ('expiresAt' in req.body && typeof req.body.password !== 'number') return next(new HttpError(400, 'expiresAt must be a number'));
+    if ('expiresAt' in req.body && typeof req.body.expiresAt !== 'number') return next(new HttpError(400, 'expiresAt must be a number'));
     if (users.compareRoles(req.user.role, req.resource.role) < 0) return next(new HttpError(403, `role '${req.resource.role}' is required but user has only '${req.user.role}'`));
 
     const [error] = await safe(users.setGhost(req.resource, req.body.password, req.body.expiresAt || 0));