Allow password changes for external registrations

This commit is contained in:
Evert Prants 2019-08-08 17:13:52 +03:00
parent 29f6c56161
commit 39d3d568e8
Signed by: evert
GPG Key ID: 1688DA83D222D0B5

View File

@ -277,7 +277,9 @@ router.get('/user/manage', ensureLogin, wrap(async (req, res) => {
// Change password // Change password
router.get('/user/manage/password', ensureLogin, wrap(async (req, res) => { router.get('/user/manage/password', ensureLogin, wrap(async (req, res) => {
res.render('user/password_new') let socialStatus = await API.User.socialStatus(req.session.user)
res.render('user/password_new', {token: socialStatus.password})
})) }))
// Change email // Change email
@ -458,7 +460,7 @@ router.post('/login/reset', accountLimiter, csrfValidation, wrap(async (req, res
} }
try { try {
await API.User.Reset.reset(email) await API.User.Reset.reset(email, false)
req.flash('message', {error: false, text: 'We\'ve sent a link to your email address. Please check spam folders, too!'}) req.flash('message', {error: false, text: 'We\'ve sent a link to your email address. Please check spam folders, too!'})
res.redirect('/login/reset?success=true') res.redirect('/login/reset?success=true')
@ -631,16 +633,19 @@ router.post('/user/manage', csrfValidation, wrap(async (req, res, next) => {
// Change user password // Change user password
router.post('/user/manage/password', accountLimiter, csrfValidation, wrap(async (req, res, next) => { router.post('/user/manage/password', accountLimiter, csrfValidation, wrap(async (req, res, next) => {
if (!req.session.user) return next() if (!req.session.user) return next()
let user = req.session.user
let socialStatus = await API.User.socialStatus(user)
if (!req.body.password_old) { if (!req.body.password_old && socialStatus.password) {
return formError(req, res, 'Please enter your current password.') return formError(req, res, 'Please enter your current password.')
} }
let user = req.session.user if (socialStatus.password) {
let passwordMatch = await API.User.Login.password(user, req.body.password_old) let passwordMatch = await API.User.Login.password(user, req.body.password_old)
if (!passwordMatch) { if (!passwordMatch) {
return formError(req, res, 'The password you provided is incorrect.') return formError(req, res, 'The password you provided is incorrect.')
} }
}
let password = req.body.password let password = req.body.password
if (!password || password.length < 8) { if (!password || password.length < 8) {