Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
check password validity in user delete socket call
- Loading branch information
Showing
with
17 additions
and
14 deletions.
-
+3
−13
public/src/client/account/edit.js
-
+14
−1
src/socket.io/user.js
|
|
@@ -169,10 +169,9 @@ define('forum/account/edit', ['forum/account/header', 'translator', 'components' |
|
|
confirmBtn.html('<i class="fa fa-spinner fa-spin"></i>'); |
|
|
confirmBtn.prop('disabled', true); |
|
|
|
|
|
socket.emit('user.checkPassword', { |
|
|
uid: parseInt(ajaxify.data.uid, 10), |
|
|
socket.emit('user.deleteAccount', { |
|
|
password: $('#confirm-password').val(), |
|
|
}, function (err, ok) { |
|
|
}, function (err) { |
|
|
function restoreButton() { |
|
|
translator.translate('[[modules:bootbox.confirm]]', function (confirmText) { |
|
|
confirmBtn.text(confirmText); |
|
|
@@ -183,19 +182,10 @@ define('forum/account/edit', ['forum/account/header', 'translator', 'components' |
|
|
if (err) { |
|
|
restoreButton(); |
|
|
return app.alertError(err.message); |
|
|
} else if (!ok) { |
|
|
restoreButton(); |
|
|
return app.alertError('[[error:invalid-password]]'); |
|
|
} |
|
|
|
|
|
confirmBtn.html('<i class="fa fa-check"></i>'); |
|
|
socket.emit('user.deleteAccount', {}, function (err) { |
|
|
if (err) { |
|
|
return app.alertError(err.message); |
|
|
} |
|
|
|
|
|
window.location.href = config.relative_path + '/'; |
|
|
}); |
|
|
window.location.href = config.relative_path + '/'; |
|
|
}); |
|
|
|
|
|
return false; |
|
|
|
|
|
@@ -36,6 +36,11 @@ SocketUser.deleteAccount = function (socket, data, callback) { |
|
|
} |
|
|
|
|
|
async.waterfall([ |
|
|
function (next) { |
|
|
user.isPasswordCorrect(socket.uid, data.password, function (err, ok) { |
|
|
next(err || !ok ? new Error('[[error:invalid-password]]') : undefined); |
|
|
}); |
|
|
}, |
|
|
function (next) { |
|
|
user.isAdministrator(socket.uid, next); |
|
|
}, |
|
|
@@ -56,7 +61,15 @@ SocketUser.deleteAccount = function (socket, data, callback) { |
|
|
}); |
|
|
next(); |
|
|
}, |
|
|
], callback); |
|
|
], function (err) { |
|
|
if (err) { |
|
|
return setTimeout(function () { |
|
|
callback(err); |
|
|
}, 2500); |
|
|
} |
|
|
|
|
|
callback(); |
|
|
}); |
|
|
}; |
|
|
|
|
|
SocketUser.emailExists = function (socket, data, callback) { |
|
|
|
