Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-28 17:46:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

check password validity in user delete socket call

Browse Source
This commit is contained in:
Julian Lam
2018-07-03 16:38:51 -04:00
parent cb8e62cd7c
commit fb42862ec7
2 changed files with 17 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/socket.io/user.js
View File

@@ -36,6 +36,11 @@ SocketUser.deleteAccount = function (socket, data, callback) {
}
async.waterfall([
function (next) {
user.isPasswordCorrect(socket.uid, data.password, function (err, ok) {
next(err || !ok ? new Error('[[error:invalid-password]]') : undefined);
});
},
function (next) {
user.isAdministrator(socket.uid, next);
},
@@ -56,7 +61,15 @@ SocketUser.deleteAccount = function (socket, data, callback) {
});
next();
},
], callback);
], function (err) {
if (err) {
return setTimeout(function () {
callback(err);
}, 2500);
}
callback();
});
};
SocketUser.emailExists = function (socket, data, callback) {