1 files changed, 19 insertions, 1 deletions
diff --git a/server/helpers/middlewares/accounts.ts b/server/helpers/middlewares/accounts.ts
index 29b4ed1a6..9be80167c 100644
--- a/server/helpers/middlewares/accounts.ts
+++ b/server/helpers/middlewares/accounts.ts
@@ -2,6 +2,7 @@ import { Response } from 'express'
 import { AccountModel } from '../../models/account/account'
 import * as Bluebird from 'bluebird'
 import { MAccountDefault } from '../../types/models'
+import { UserModel } from '@server/models/account/user'
 function doesAccountIdExist (id: number | string, res: Response, sendNotFound = true) {
  const promise = AccountModel.load(parseInt(id + '', 10))
@@ -39,11 +40,28 @@ async function doesAccountExist (p: Bluebird<MAccountDefault>, res: Response, se
  return true
 }
+async function doesUserFeedTokenCorrespond (id: number | string, token: string, res: Response) {
+  const user = await UserModel.loadById(parseInt(id + '', 10))
+  if (token !== user.feedToken) {
+    res.status(401)
+       .send({ error: 'User and token mismatch' })
+       .end()
+    return false
+  }
+  res.locals.user = user
+  return true
+}
 // ---------------------------------------------------------------------------
 export {
  doesAccountIdExist,
  doesLocalAccountNameExist,
  doesAccountNameWithHostExist,
-  doesAccountExist
+  doesAccountExist,
+  doesUserFeedTokenCorrespond
 }

diff --git a/server/helpers/middlewares/accounts.ts b/server/helpers/middlewares/accounts.ts index 29b4ed1a6..9be80167c 100644 --- a/server/helpers/middlewares/accounts.ts +++ b/server/helpers/middlewares/accounts.ts
@@ -2,6 +2,7 @@ import { Response } from 'express'
2	import { AccountModel } from '../../models/account/account'	2	import { AccountModel } from '../../models/account/account'
3	import * as Bluebird from 'bluebird'	3	import * as Bluebird from 'bluebird'
4	import { MAccountDefault } from '../../types/models'	4	import { MAccountDefault } from '../../types/models'
		5	import { UserModel } from '@server/models/account/user'
5		6
6	function doesAccountIdExist (id: number \| string, res: Response, sendNotFound = true) {	7	function doesAccountIdExist (id: number \| string, res: Response, sendNotFound = true) {
7	const promise = AccountModel.load(parseInt(id + '', 10))	8	const promise = AccountModel.load(parseInt(id + '', 10))
@@ -39,11 +40,28 @@ async function doesAccountExist (p: Bluebird<MAccountDefault>, res: Response, se
39	return true	40	return true
40	}	41	}
41		42
		43	async function doesUserFeedTokenCorrespond (id: number \| string, token: string, res: Response) {
		44	const user = await UserModel.loadById(parseInt(id + '', 10))
		45
		46	if (token !== user.feedToken) {
		47	res.status(401)
		48	.send({ error: 'User and token mismatch' })
		49	.end()
		50
		51	return false
		52	}
		53
		54	res.locals.user = user
		55
		56	return true
		57	}
		58
42	// ---------------------------------------------------------------------------	59	// ---------------------------------------------------------------------------
43		60
44	export {	61	export {
45	doesAccountIdExist,	62	doesAccountIdExist,
46	doesLocalAccountNameExist,	63	doesLocalAccountNameExist,
47	doesAccountNameWithHostExist,	64	doesAccountNameWithHostExist,
48	doesAccountExist	65	doesAccountExist,
		66	doesUserFeedTokenCorrespond
49	}	67	}