From eafae55e359b68ec45ca77bf40d713cc6c9b0865 Mon Sep 17 00:00:00 2001
From: "Navy.gif"
Date: Tue, 18 Jul 2023 17:11:25 +0300
Subject: [PATCH] perms + tell the client to re-auth after passwd change
---
 src/server/endpoints/api/User.ts | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/src/server/endpoints/api/User.ts b/src/server/endpoints/api/User.ts
index 3c2e920..f547c4f 100644
--- a/src/server/endpoints/api/User.ts
+++ b/src/server/endpoints/api/User.ts
@@ -69,9 +69,9 @@ class UserEndpoint extends ApiEndpoint
 [ 'get', '/connect/:service/finalise', this.connectOAuthFinalise.bind(this) ],
 // Applications
- [ 'get', '/applications', this.applications.bind(this) ],
+ [ 'get', '/applications', this.applications.bind(this), [ server.auth.createAuthoriser('applications', 5) ]],
 [ 'post', '/applications', this.createApplication.bind(this), [ server.auth.createAuthoriser('applications:create', 5) ]],
- [ 'delete', '/applications/:id', this.deleteApplication.bind(this) ],
+ [ 'delete', '/applications/:id', this.deleteApplication.bind(this), [ server.auth.createAuthoriser('applications', 5) ]],
 ];
 this.middleware = [
@@ -151,11 +151,21 @@ class UserEndpoint extends ApiEndpoint
 return res.status(400).send('Username taken');
 user.name = body.username;
 }
- if (body.newPassword)
- await user.setPassword(body.newPassword);
+
 if (body.displayName !== user.displayName)
 user.displayName = body.displayName;
-
+
+ if (body.newPassword)
+ {
+ await user.setPassword(body.newPassword, true);
+ req.session.destroy(() =>
+ {
+ res.json({ reAuth: true });
+ });
+ return;
+ }
+
+
 await user.save();
 return res.end();
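Review bot: In the route table, `DELETE /applications/:id` is gated on the same `'applications'` permission as the read-only `GET /applications`, while creation has its own `'applications:create'`; if the authoriser treats these strings as distinct grants, any caller allowed to list applications can also delete them. A dedicated permission would keep the destructive route separate, e.g. `[ 'delete', '/applications/:id', this.deleteApplication.bind(this), [ server.auth.createAuthoriser('applications:delete', 5) ]],` (the name `applications:delete` is a proposal, not something visible in this patch). The authoriser only decides who may call the route; `deleteApplication` is outside the hunk, so whether it also checks that `:id` belongs to the calling user cannot be confirmed from here and is worth verifying. The bare `5` passed to `createAuthoriser` would read better as a named constant or with a short comment saying what level it stands for.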
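Review bot: The callback passed to `req.session.destroy` in the new `if (body.newPassword)` block takes no error argument, so if the session store fails to delete the session the client is still told `{ reAuth: true }` while the old session may remain valid. Assuming this is express-session's `destroy(callback)`, the callback receives an error and can act on it: `req.session.destroy((err) => { if (err) return res.status(500).end(); res.json({ reAuth: true }); });`. Only the requesting session is destroyed here; unless `setPassword(body.newPassword, true)` also revokes the user's other sessions and tokens (its body is not in this patch), sessions on other devices stay usable after the password change, which is the case a password change most needs to cover. The early `return` also skips `await user.save()`, so the username and display-name edits made above are persisted only if the second argument to `setPassword` saves the user; a one-line comment such as `// setPassword(..., true) persists the user` would make that explicit. The handler starts above the hunk, so whether the current password is verified before `newPassword` is accepted cannot be seen here.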