diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/users.ts | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 840b9fc74..3bdbcdf6a 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -234,14 +234,19 @@ const usersUpdateMeValidator = [ | |||
234 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 234 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
235 | logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') }) | 235 | logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') }) |
236 | 236 | ||
237 | const user = res.locals.oauth.token.User | ||
238 | |||
237 | if (req.body.password || req.body.email) { | 239 | if (req.body.password || req.body.email) { |
240 | if (user.pluginAuth !== null) { | ||
241 | return res.status(400) | ||
242 | .json({ error: 'You cannot update your email or password that is associated with an external auth system.' }) | ||
243 | } | ||
244 | |||
238 | if (!req.body.currentPassword) { | 245 | if (!req.body.currentPassword) { |
239 | return res.status(400) | 246 | return res.status(400) |
240 | .json({ error: 'currentPassword parameter is missing.' }) | 247 | .json({ error: 'currentPassword parameter is missing.' }) |
241 | .end() | ||
242 | } | 248 | } |
243 | 249 | ||
244 | const user = res.locals.oauth.token.User | ||
245 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { | 250 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { |
246 | return res.status(401) | 251 | return res.status(401) |
247 | .json({ error: 'currentPassword is invalid.' }) | 252 | .json({ error: 'currentPassword is invalid.' }) |