added a new property to userData "hasPassword", disabling "current password" field in user editing if no password is set (for SSO logins, for example)

2025-10-31 19:15:58 +01:00 · 2014-03-06 15:32:06 -05:00
parent 4a1513eabf
commit e9e53ad95e
3 changed files with 19 additions and 10 deletions
--- a/public/src/forum/accountedit.js
+++ b/public/src/forum/accountedit.js
@@ -189,8 +189,7 @@ define(['forum/accountheader', 'uploader'], function(header, uploader) {
 			password_confirm.on('blur', onPasswordConfirmChanged);

 			$('#changePasswordBtn').on('click', function() {
-
-				if (passwordvalid && passwordsmatch && (currentPassword.val() || app.isAdmin)) {
+				if ((passwordvalid && passwordsmatch) || app.isAdmin) {
 					socket.emit('user.changePassword', {
 						'currentPassword': currentPassword.val(),
 						'newPassword': password.val(),
--- a/public/templates/accountedit.tpl
+++ b/public/templates/accountedit.tpl
@@ -115,7 +115,7 @@
 					<div class="control-group">
 						<label class="control-label" for="inputCurrentPassword">[[user:current_password]]</label>
 						<div class="controls">
-							<input class="form-control" type="password" id="inputCurrentPassword" placeholder="Current Password" value="">
+							<input class="form-control" type="password" id="inputCurrentPassword" placeholder="Current Password" value=""<!-- IF !hasPassword --> disabled<!-- ENDIF !hasPassword-->>
 						</div>
 					</div>

--- a/src/user.js
+++ b/src/user.js
@@ -185,8 +185,13 @@ var bcrypt = require('bcryptjs'),
 				return callback(err);
 			}

-			if (data && data.password) {
+			if (data) {
+				if (data.password) {
 					delete data.password;
+					data.hasPassword = true;
+				} else {
+					data.hasPassword = false;
+				}
 			}
 			callback(err, data);
 		});
@@ -467,6 +472,7 @@ var bcrypt = require('bcryptjs'),
 					return callback(err);
 				}

+				if (currentPassword !== null) {
 					bcrypt.compare(data.currentPassword, currentPassword, function(err, res) {
 						if (err || !res) {
 							return callback(err || new Error('Your current password is not correct!'));
@@ -474,6 +480,10 @@ var bcrypt = require('bcryptjs'),

 						hashAndSetPassword(callback);
 					});
+				} else {
+					// No password in account (probably SSO login)
+					hashAndSetPassword(callback);
+				}
 			});
 		}
 	};