IcyNetwork/IcyNet.eu
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prevent potential redirect loop with activation link

Browse Source
This commit is contained in:
Evert Prants 2017-10-14 23:35:22 +03:00
parent 1e027c4b88
commit b0a6856fbc
Signed by: evert
GPG Key ID: 1688DA83D222D0B5
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
server/routes/index.js
View File

@ -737,11 +737,14 @@ router.get('/logout', (req, res) => {
router.get('/activate/:token', wrap(async (req, res) => { router.get('/activate/:token', wrap(async (req, res) => {
if (req.session.user) return res.redirect('/login') if (req.session.user) return res.redirect('/login')
let token = req.params.token let token = req.params.token
let success = await API.User.Login.activationToken(token) let success = await API.User.Login.activationToken(token)
if (!success) return formError(req, res, 'Unknown or invalid activation token')
if (!success) {
req.flash('message', {error: true, text: 'Invalid or expired activation token.'})
} else {
req.flash('message', {error: false, text: 'Your account has been activated! You may now log in.'}) req.flash('message', {error: false, text: 'Your account has been activated! You may now log in.'})
}
res.redirect('/login') res.redirect('/login')
})) }))