Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-12-19 23:10:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: banned-users group

Browse Source
This commit is contained in:
gasoved
2020-12-14 09:20:41 +03:00
committed by Julian Lam
parent 389690c3fa
commit 53e0d4d2e0
24 changed files with 350 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/controllers/authentication.js
View File

@@ -382,24 +382,25 @@ authenticationController.localLogin = async function (req, username, password, n
const userslug = slugify(username);
const uid = await user.getUidByUserslug(userslug);
try {
const [userData, isAdminOrGlobalMod, banned, hasLoginPrivilege] = await Promise.all([
const [userData, isAdminOrGlobalMod, canLoginIfBanned] = await Promise.all([
user.getUserFields(uid, ['uid', 'passwordExpiry']),
user.isAdminOrGlobalMod(uid),
user.bans.isBanned(uid),
privileges.global.can('local:login', uid),
user.bans.canLoginIfBanned(uid),
]);
userData.isAdminOrGlobalMod = isAdminOrGlobalMod;
if (parseInt(uid, 10) && !hasLoginPrivilege) {
return next(new Error('[[error:local-login-disabled]]'));
}
if (banned) {
if (!canLoginIfBanned) {
const banMesage = await getBanInfo(uid);
return next(new Error(banMesage));
}
// Doing this after the ban check, because user's privileges might change after a ban expires
const hasLoginPrivilege = await privileges.global.can('local:login', uid);
if (parseInt(uid, 10) && !hasLoginPrivilege) {
return next(new Error('[[error:local-login-disabled]]'));
}
const passwordMatch = await user.isPasswordCorrect(uid, password, req.ip);
if (!passwordMatch) {
return next(new Error('[[error:invalid-login-credentials]]'));