summaryrefslogtreecommitdiffstats
path: root/server/api/authentication.js
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-26 03:46:36 +0100
committerJannik Schönartz2019-02-26 03:46:36 +0100
commitcf1b40542c41b3c78e83650e4e73e596c85ff160 (patch)
treed10d2f5061815e95fc56e43f1675eb127416e255 /server/api/authentication.js
parent[webapp/groups] fix wrong tabbar color (diff)
downloadbas-cf1b40542c41b3c78e83650e4e73e596c85ff160.tar.gz
bas-cf1b40542c41b3c78e83650e4e73e596c85ff160.tar.xz
bas-cf1b40542c41b3c78e83650e4e73e596c85ff160.zip
[account] Fix for the changePassword method
User upadate changes didn't hashed the new password correctly changePassword from promises reworked to async / await (much cleaner) Check weather the usertable is empty is now a get request and not mixed in the post request
Diffstat (limited to 'server/api/authentication.js')
-rw-r--r--server/api/authentication.js13
1 files changed, 10 insertions, 3 deletions
diff --git a/server/api/authentication.js b/server/api/authentication.js
index 18158ce..60b04f9 100644
--- a/server/api/authentication.js
+++ b/server/api/authentication.js
@@ -5,6 +5,14 @@ var express = require('express')
var noAuthRouter = express.Router()
var authentication = require(path.join(__appdir, 'lib', 'authentication'))
+// Setup method for checking if setup is possible.
+noAuthRouter.get('/setup', (req, res) => {
+ db.user.findAll().then(users => {
+ if (users.length > 0) res.status(403).send({ status: 'USERTABLE_NOT_EMPTY', error_message: 'The user table is not empty, unauthorized creation is forbidden.' })
+ else res.send({ status: 'SUCCESS' })
+ })
+})
+
noAuthRouter.post('/token', (req, res) => {
authentication.loginToken(req, res)
})
@@ -20,9 +28,8 @@ noAuthRouter.post('/logout', (req, res) => {
// Setup method for creating the initial root account.
noAuthRouter.post('/setup', (req, res) => {
db.user.findAll().then(users => {
- if (users.length > 0) res.status(500).send({ status: 'USERTABLE_NOT_EMPTY', error_message: 'The user table is not empty, unauthorized creation is forbidden.' })
- else if (req.body.username) return authentication.signup(req, res)
- else res.send({ status: 'SUCCESS' })
+ if (users.length > 0) res.status(403).send({ status: 'USERTABLE_NOT_EMPTY', error_message: 'The user table is not empty, unauthorized creation is forbidden.' })
+ else authentication.signup(req, res)
})
})