Allow password changes for external registrations
This commit is contained in:
parent
29f6c56161
commit
39d3d568e8
@ -277,7 +277,9 @@ router.get('/user/manage', ensureLogin, wrap(async (req, res) => {
|
||||
|
||||
// Change password
|
||||
router.get('/user/manage/password', ensureLogin, wrap(async (req, res) => {
|
||||
res.render('user/password_new')
|
||||
let socialStatus = await API.User.socialStatus(req.session.user)
|
||||
|
||||
res.render('user/password_new', {token: socialStatus.password})
|
||||
}))
|
||||
|
||||
// Change email
|
||||
@ -458,7 +460,7 @@ router.post('/login/reset', accountLimiter, csrfValidation, wrap(async (req, res
|
||||
}
|
||||
|
||||
try {
|
||||
await API.User.Reset.reset(email)
|
||||
await API.User.Reset.reset(email, false)
|
||||
|
||||
req.flash('message', {error: false, text: 'We\'ve sent a link to your email address. Please check spam folders, too!'})
|
||||
res.redirect('/login/reset?success=true')
|
||||
@ -631,16 +633,19 @@ router.post('/user/manage', csrfValidation, wrap(async (req, res, next) => {
|
||||
// Change user password
|
||||
router.post('/user/manage/password', accountLimiter, csrfValidation, wrap(async (req, res, next) => {
|
||||
if (!req.session.user) return next()
|
||||
let user = req.session.user
|
||||
let socialStatus = await API.User.socialStatus(user)
|
||||
|
||||
if (!req.body.password_old) {
|
||||
if (!req.body.password_old && socialStatus.password) {
|
||||
return formError(req, res, 'Please enter your current password.')
|
||||
}
|
||||
|
||||
let user = req.session.user
|
||||
if (socialStatus.password) {
|
||||
let passwordMatch = await API.User.Login.password(user, req.body.password_old)
|
||||
if (!passwordMatch) {
|
||||
return formError(req, res, 'The password you provided is incorrect.')
|
||||
}
|
||||
}
|
||||
|
||||
let password = req.body.password
|
||||
if (!password || password.length < 8) {
|
||||
|
Reference in New Issue
Block a user