jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Handle username conflict in account setup

Browse Source
This commit is contained in:
Johannes Zellner
2016-04-04 12:19:41 +02:00
parent 36f3f4b8f4
commit c73213b2f2
3 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/oauth2.js
+3 -2
View File
@@ -296,17 +296,18 @@ function accountSetup(req, res, next) {
debug('acountSetup: with token %s.', req.body.resetToken);
user.getByResetToken(req.body.resetToken, function (error, userObject) {
if (error) return next(new HttpError(401, 'Invalid resetToken'));
if (error) return res.redirect('/api/v1/session/account/setup?error=INVALID_TOKEN');
userObject.username = req.body.username;
userObject.displayName = req.body.displayName;
user.update(userObject.id, userObject.username, userObject.email, userObject.displayName, function (error) {
if (error && error.reason === UserError.ALREADY_EXISTS) return res.redirect('/api/v1/session/account/setup?error=ALREADY_EXISTS');
if (error) return next(new HttpError(500, error));
// setPassword clears the resetToken
user.setPassword(userObject.id, req.body.password, function (error, result) {
if (error && error.reason === UserError.BAD_PASSWORD) return next(new HttpError(406, 'Password does not meet the requirements'));
if (error && error.reason === UserError.BAD_PASSWORD) return res.redirect('/api/v1/session/account/setup?error=INVALID_PASSWORD');
if (error) return next(new HttpError(500, error));
res.redirect(util.format('%s?accessToken=%s&expiresAt=%s', config.adminOrigin(), result.token, result.expiresAt));
src/user.js
+1
View File
@@ -285,6 +285,7 @@ function updateUser(userId, username, email, displayName, callback) {
if (error) return callback(error);
userdb.update(userId, { username: username, email: email, displayName: displayName }, function (error) {
if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new UserError(UserError.ALREADY_EXISTS, error));
if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND, error));
if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
callback(null);
src/userdb.js
+1
View File
@@ -191,6 +191,7 @@ function update(userId, user, callback) {
args.push(userId);
database.query('UPDATE users SET ' + fields.join(', ') + ' WHERE id = ?', args, function (error, result) {
if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));