summaryrefslogtreecommitdiffstats
path: root/server/api/users.js
diff options
context:
space:
mode:
authorJannik Schönartz2019-02-26 10:00:29 +0100
committerJannik Schönartz2019-02-26 10:00:29 +0100
commitf4d4c1ee3725bbae32199fba99106fbd4d39d31b (patch)
treeda8b2db3afc36500afd7be327cb396916f487eb4 /server/api/users.js
parent[permissionmanager] Fix security bug: Code was executed weather the user had ... (diff)
downloadbas-f4d4c1ee3725bbae32199fba99106fbd4d39d31b.tar.gz
bas-f4d4c1ee3725bbae32199fba99106fbd4d39d31b.tar.xz
bas-f4d4c1ee3725bbae32199fba99106fbd4d39d31b.zip
[webapp/dashboard] User data now stores in the global storage & [usermanagement] fix 'username already exist' error not workling properly
Diffstat (limited to 'server/api/users.js')
-rw-r--r--server/api/users.js4
1 files changed, 4 insertions, 0 deletions
diff --git a/server/api/users.js b/server/api/users.js
index a297033..178c6fb 100644
--- a/server/api/users.js
+++ b/server/api/users.js
@@ -93,6 +93,10 @@ router.postAsync(['/', '/:id'], async (req, res) => {
let username = req.body.username
if (username && req.params.id !== 'current') {
if (!authentication.validateUsername(username)) return res.status(400).send({ auth: false, status: 'INVALID_USERNAME', error_message: 'Username does not fullfill the requirements. (No whitespaces)' })
+
+ // Check if the username already exists.
+ let userDb = await db.user.findOne({ where: { username: username, id: { $not: id } } })
+ if (userDb) return res.status(400).send({ auth: false, status: 'USER_ALREADY_EXISTS', error_message: 'The provided username already exists.' })
userinfo.username = username
}