Make require password to update email
This commit is contained in:
parent
48d0e2fa5f
commit
22e30b44b9
@ -26,6 +26,7 @@ common:
|
||||
close: "閉じる"
|
||||
do-not-copy-paste: "ここにコードを入力したり張り付けたりしないでください。アカウントが不正利用される可能性があります。"
|
||||
load-more: "もっと読み込む"
|
||||
enter-password: "パスワードを入力してください"
|
||||
|
||||
got-it: "わかった"
|
||||
customization-tips:
|
||||
|
@ -218,8 +218,14 @@ export default Vue.extend({
|
||||
},
|
||||
|
||||
updateEmail() {
|
||||
this.$root.api('i/update_email', {
|
||||
email: this.email == '' ? null : this.email
|
||||
this.$input({
|
||||
title: this.$t('@.enter-password'),
|
||||
type: 'password'
|
||||
}).then(password => {
|
||||
this.$root.api('i/update_email', {
|
||||
password: password,
|
||||
email: this.email == '' ? null : this.email
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -7,6 +7,7 @@ import fetchMeta from '../../../../misc/fetch-meta';
|
||||
import rndstr from 'rndstr';
|
||||
import config from '../../../../config';
|
||||
const ms = require('ms');
|
||||
import * as bcrypt from 'bcryptjs';
|
||||
|
||||
export const meta = {
|
||||
requireCredential: true,
|
||||
@ -19,6 +20,10 @@ export const meta = {
|
||||
},
|
||||
|
||||
params: {
|
||||
password: {
|
||||
validator: $.str
|
||||
},
|
||||
|
||||
email: {
|
||||
validator: $.str.optional.nullable
|
||||
},
|
||||
@ -26,6 +31,13 @@ export const meta = {
|
||||
};
|
||||
|
||||
export default define(meta, (ps, user) => new Promise(async (res, rej) => {
|
||||
// Compare password
|
||||
const same = await bcrypt.compare(ps.password, user.password);
|
||||
|
||||
if (!same) {
|
||||
return rej('incorrect password');
|
||||
}
|
||||
|
||||
await User.update(user._id, {
|
||||
$set: {
|
||||
email: ps.email,
|
||||
|
Loading…
Reference in New Issue
Block a user