some more things

2017-11-30 23:45:21 +02:00 · 2017-11-30 23:45:21 +02:00 · 34a81d7923
commit 34a81d7923
parent f76135f00f
4 changed files with 9 additions and 7 deletions
--- a/server/api/external.js
+++ b/server/api/external.js
@ -1,7 +1,7 @@
 import config from '../../scripts/load-config'
 import http from '../../scripts/http'
 import models from './models'
-import image from './image'
+import Image from './image'
 import UAPI from './index'
 import qs from 'querystring'
 import oauth from 'oauth-libre'
@ -173,7 +173,7 @@ const API = {

      if (rawData.picture) {
        if (rawData.picture.is_silhouette === false && rawData.picture.url) {
-          let imgdata = await image.downloadImage(rawData.picture.url)
+          let imgdata = await Image.downloadImage(rawData.picture.url)
          if (imgdata && imgdata.fileName) {
            profilepic = imgdata.fileName
          }
@ -224,7 +224,7 @@ const API = {
      let profilepic = null

      if (rawData.profile_image_url_https) {
-        let imgdata = await image.downloadImage(rawData.profile_image_url_https)
+        let imgdata = await Image.downloadImage(rawData.profile_image_url_https)
        if (imgdata && imgdata.fileName) {
          profilepic = imgdata.fileName
        }
@ -303,7 +303,7 @@ const API = {
    getAvatar: async (rawData) => {
      let profilepic = null
      if (rawData.image) {
-        let imgdata = await image.downloadImage(rawData.image)
+        let imgdata = await Image.downloadImage(rawData.image)
        if (imgdata && imgdata.fileName) {
          profilepic = imgdata.fileName
        }
@ -345,7 +345,7 @@ const API = {
      let aviSnowflake = rawData.avatar
      if (aviSnowflake) {
        try {
-          let avpt = await image.downloadImage('https://cdn.discordapp.com/avatars/' + rawData.id + '/' + aviSnowflake + '.png')
+          let avpt = await Image.downloadImage('https://cdn.discordapp.com/avatars/' + rawData.id + '/' + aviSnowflake + '.png')
          if (avpt && avpt.fileName) {
            profilepic = avpt.fileName
          }
--- a/server/api/index.js
+++ b/server/api/index.js
@ -210,7 +210,7 @@ const API = {

      let file = path.join(uploadsDir, user.avatar_file)
      if (await fs.exists(file)) {
-        await fs.unlinkAsync(file)
+        await fs.unlink(file)
      }

      return API.User.update(user, {avatar_file: null})
--- a/server/routes/index.js
+++ b/server/routes/index.js
@ -452,6 +452,8 @@ router.post('/reset/:token', csrfValidation, wrap(async (req, res) => {
  try {
    await API.User.Reset.changePassword(user, password, token)

+    console.warn('[SECURITY AUDIT] User \'%s\' password has been changed from %s', user.username, req.realIP)
+
    req.flash('message', {error: false, text: 'Your password has been changed successfully. You may now log in!'})
    res.redirect('/login')
  } catch (e) {
--- a/templates/reset_password/html.pug
+++ b/templates/reset_password/html.pug
@ -2,5 +2,5 @@ h1 Hello, #{display_name}!
 p You've requested to reset your password on Icy Network.
 p Click on or copy the following link into your URL bar in order to reset your Icy Network account password:
 a.activate(href=domain + "/reset/" + reset_token, target="_blank", rel="nofollow")= domain + "/reset/" + reset_token
-p If you did not request for a password reset on Icy Network, please ignore this email.
+p If you did not request a password reset on Icy Network, please ignore this email.
 small This email has been sent to you because of an action performed on the IcyNet.eu website.