Patched some holes when poking with curl

2021-07-24 20:04:35 +10:00
parent 46ded91c41
commit c63e14ddf3
8 changed files with 49 additions and 26 deletions
@@ -3,13 +3,13 @@ const { accounts } = require('../database/models');

 //auth/update
 const route = async (req, res) => {
-	//generate the password hash
-	let hash;
-
-	if (req.body.password) {
-		hash = await bcrypt.hash(req.body.password, await bcrypt.genSalt(11));
+	if (!req.body.password) {
+		return res.status(401).end('Missing password');
 	}

+	//generate the password hash
+	let hash = await bcrypt.hash(req.body.password, await bcrypt.genSalt(11));
+
 	//update the account
 	await accounts.update({
 		contact: req.body.contact,