Permalink
Browse files

check password validity in user delete socket call

  • Loading branch information...
julianlam committed Jul 3, 2018
1 parent cb8e62c commit fb42862ec7a5a3d6a18cbf402818910eb9661129
Showing with 17 additions and 14 deletions.
  1. +3 −13 public/src/client/account/edit.js
  2. +14 −1 src/socket.io/user.js
@@ -169,10 +169,9 @@ define('forum/account/edit', ['forum/account/header', 'translator', 'components'
confirmBtn.html('<i class="fa fa-spinner fa-spin"></i>');
confirmBtn.prop('disabled', true);
socket.emit('user.checkPassword', {
uid: parseInt(ajaxify.data.uid, 10),
socket.emit('user.deleteAccount', {
password: $('#confirm-password').val(),
}, function (err, ok) {
}, function (err) {
function restoreButton() {
translator.translate('[[modules:bootbox.confirm]]', function (confirmText) {
confirmBtn.text(confirmText);
@@ -183,19 +182,10 @@ define('forum/account/edit', ['forum/account/header', 'translator', 'components'
if (err) {
restoreButton();
return app.alertError(err.message);
} else if (!ok) {
restoreButton();
return app.alertError('[[error:invalid-password]]');
}
confirmBtn.html('<i class="fa fa-check"></i>');
socket.emit('user.deleteAccount', {}, function (err) {
if (err) {
return app.alertError(err.message);
}
window.location.href = config.relative_path + '/';
});
window.location.href = config.relative_path + '/';
});
return false;
@@ -36,6 +36,11 @@ SocketUser.deleteAccount = function (socket, data, callback) {
}
async.waterfall([
function (next) {
user.isPasswordCorrect(socket.uid, data.password, function (err, ok) {
next(err || !ok ? new Error('[[error:invalid-password]]') : undefined);
});
},
function (next) {
user.isAdministrator(socket.uid, next);
},
@@ -56,7 +61,15 @@ SocketUser.deleteAccount = function (socket, data, callback) {
});
next();
},
], callback);
], function (err) {
if (err) {
return setTimeout(function () {
callback(err);
}, 2500);
}
callback();
});
};
SocketUser.emailExists = function (socket, data, callback) {

0 comments on commit fb42862

Please sign in to comment.