Navy.gif/webserver-framework
Template
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

prohibit name change to existing name

Browse Source
This commit is contained in:
Erik 2023-05-02 02:55:04 +03:00
parent ff83c11cf8
commit c44fb4ebfa
Signed by: Navy.gif
GPG Key ID: 2532FBBB61C65A68
3 changed files with 21 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
options.json
View File

@ -2,7 +2,7 @@
"projectName": "webserver-framework", "projectName": "webserver-framework",
"serverFilePath": "./server/Server.js", "serverFilePath": "./server/Server.js",
"shardOptions": { "shardOptions": {
"respawn": false "respawn": true
}, },
"shardCount": 1, "shardCount": 1,
"serverOptions": { "serverOptions": {

7
src/server/components/UserDatabase.ts
View File

@ -212,6 +212,13 @@ class UserDatabase implements UserDatabaseInterface {
} }
/**
* Find user by name
*
* @param {string} name
* @return {*}
* @memberof UserDatabase
*/
async findUser (name: string) { async findUser (name: string) {
if (!name) if (!name)

16
src/server/endpoints/api/User.ts
View File

@ -49,7 +49,12 @@ class UserEndpoint extends ApiEndpoint {
]; ];
this.subpaths = [ this.subpaths = [
[ 'post', '/avatar', this.uploadAvatar.bind(this), [ fileUpload({ limits: { fileSize: 1024 * 1024 * 12, files: 1 }, abortOnLimit: true, safeFileNames: true, preserveExtension: true }) ]], [ 'post', '/avatar', this.uploadAvatar.bind(this), [ fileUpload({
limits: { fileSize: 1024 * 1024 * 12, files: 1 },
abortOnLimit: true,
safeFileNames: true,
preserveExtension: true
}) ]],
[ 'post', '/settings', this.updateSettings.bind(this) ], [ 'post', '/settings', this.updateSettings.bind(this) ],
// 2 Factor Authentication // 2 Factor Authentication
@ -127,10 +132,15 @@ class UserEndpoint extends ApiEndpoint {
if (!await user.authenticate(body.password)) if (!await user.authenticate(body.password))
return res.status(403).send('Invalid password'); return res.status(403).send('Invalid password');
if (body.username !== user.name) {
const existing = await this.#users.findUser(body.username);
if (existing)
return res.status(400).send('Username taken');
user.name = body.username;
}
if (body.newPassword) if (body.newPassword)
await user.setPassword(body.newPassword); await user.setPassword(body.newPassword);
if (body.username !== user.name)
user.name = body.username;
if (body.displayName !== user.displayName) if (body.displayName !== user.displayName)
user.displayName = body.displayName; user.displayName = body.displayName;