krgamestudios/auth-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Hopefully plugged an undefined username hole

Browse Source
This commit is contained in:
Kayne Ruse
2021-04-28 21:00:48 +10:00
parent e141583f91
commit 768352b804
11 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/admin/ban-user.js
+2 -2
View File
@@ -9,7 +9,7 @@ const route = async (req, res) => {
}, {
where: {
username: {
[Op.eq]: req.body.username
[Op.eq]: req.body.username || ''
},
admin: {
[Op.not]: true
@@ -27,7 +27,7 @@ const route = async (req, res) => {
//forcibly logout
tokens.destroy({
where: {
username: req.body.username
username: req.body.username || ''
}
});
server/admin/grant-admin.js
+1 -1
View File
@@ -10,7 +10,7 @@ const route = async (req, res) => {
}, {
where: {
username: {
[Op.eq]: req.body.username
[Op.eq]: req.body.username || ''
}
}
});
server/admin/grant-mod.js
+1 -1
View File
@@ -9,7 +9,7 @@ const route = async (req, res) => {
}, {
where: {
username: {
[Op.eq]: req.body.username
[Op.eq]: req.body.username || ''
}
}
});
server/admin/index.js
+1 -1
View File
@@ -12,7 +12,7 @@ router.use(tokenAuth);
router.use(async (req, res, next) => {
const record = await accounts.findOne({
where: {
username: req.user.username
username: req.user.username || ''
}
});
server/admin/remove-admin.js
+1 -1
View File
@@ -9,7 +9,7 @@ const route = async (req, res) => {
}, {
where: {
username: {
[Op.eq]: req.body.username
[Op.eq]: req.body.username || ''
}
}
});
server/admin/remove-mod.js
+1 -1
View File
@@ -10,7 +10,7 @@ const route = async (req, res) => {
}, {
where: {
username: {
[Op.eq]: req.body.username
[Op.eq]: req.body.username || ''
}
}
});
server/auth/index.js
+1 -1
View File
@@ -20,7 +20,7 @@ router.use(tokenAuth);
router.use(async (req, res, next) => {
const record = await accounts.findOne({
where: {
username: req.user.username
username: req.user.username || ''
}
});
server/auth/login.js
+1 -1
View File
@@ -19,7 +19,7 @@ const route = async (req, res) => {
//get the existing account
const account = await accounts.findOne({
where: {
email: req.body.email
email: req.body.email || ''
}
});
server/auth/signup.js
+1 -1
View File
@@ -70,7 +70,7 @@ const validateDetails = async (body) => {
//check for existing username
const usernameRecord = await accounts.findOne({
where: {
username: body.username
username: body.username || ''
}
});
server/auth/validation.js
+2 -2
View File
@@ -5,7 +5,7 @@ const route = async (req, res) => {
//get the existing pending signup
const info = await pendingSignups.findOne({
where: {
username: req.query.username
username: req.query.username || ''
}
});
@@ -29,7 +29,7 @@ const route = async (req, res) => {
//delete the pending signup
pendingSignups.destroy({
where: {
username: req.query.username
username: req.query.username || ''
}
});
server/utilities/validate-username.js
+2 -2
View File
@@ -6,11 +6,11 @@ module.exports = username => {
if (username.length < 8 && username.length > 100) {
return false;
}
if (!isAlpha(username)) {
return false;
}
return true;
}