diff options
| author | gumi <git@gumi.ca> | 2020-03-02 21:10:38 -0500 |
|---|---|---|
| committer | gumi <git@gumi.ca> | 2020-03-02 21:10:38 -0500 |
| commit | e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0 (patch) | |
| tree | 702be7cf20d743670c7c4b6e4561ecc3ab319ef4 | |
| parent | 2c25f53ddf418bdedd94c6142b03c80e49fc584d (diff) | |
| download | api-e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0.tar.gz api-e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0.tar.bz2 api-e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0.tar.xz api-e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0.zip | |
hotfix
| -rw-r--r-- | src/routers/vault/middlewares/identity.js | 29 | ||||
| -rw-r--r-- | src/routers/vault/middlewares/legacy/account.js | 3 |
2 files changed, 26 insertions, 6 deletions
diff --git a/src/routers/vault/middlewares/identity.js b/src/routers/vault/middlewares/identity.js index acd1574..b95d6e0 100644 --- a/src/routers/vault/middlewares/identity.js +++ b/src/routers/vault/middlewares/identity.js @@ -106,21 +106,28 @@ const add_identity = async (req, res, next) => { await Claim.claim_accounts(req, ident.email, ident.vault); - for (const [key, session] of req.app.locals.session) { - if (session.vault === ident.vault && session.authenticated) { - session.identities.push({ + let session = null; + for (const [key, sess] of req.app.locals.session) { + if (sess.vault === ident.vault && sess.authenticated) { + sess.identities.push({ // TODO: make this a class! id: newIdent.id, email: newIdent.email, added: newIdent.addedDate, primary: false, }); + session = sess; break; } } req.app.locals.identity_pending.delete(validate); - console.info(`Vault.identity: added a new identity {${session.vault}} [${req.ip}]`); + + if (session !== null) { + console.info(`Vault.identity: added a new identity {${session.vault}} [${req.ip}]`); + } else { + console.info(`Vault.identity: added a new identity [${req.ip}]`); + } res.status(201).json({ status: "success", @@ -173,6 +180,17 @@ const add_identity = async (req, res, next) => { return; } + for (const [key, pending] of identity_pending) { + if (pending.vault === session.vault && pending.email === req.body.email) { + res.status(425).json({ + status: "error", + error: "already pending", + }); + req.app.locals.cooldown(req, 60e4); + return; + } + } + const find = await req.app.locals.vault.identity.findOne({ where: {email: req.body.email} }); @@ -224,7 +242,8 @@ const add_identity = async (req, res, next) => { res.status(200).json({ status: "success" }); - req.app.locals.cooldown(req, 6e4); + // TODO: split request and validation so that request has a cooldown of 6e4 + req.app.locals.cooldown(req, 5e3); }; const update_identity = async (req, res, next) => { diff --git a/src/routers/vault/middlewares/legacy/account.js b/src/routers/vault/middlewares/legacy/account.js index 14ecbe1..25cdac7 100644 --- a/src/routers/vault/middlewares/legacy/account.js +++ b/src/routers/vault/middlewares/legacy/account.js @@ -372,8 +372,9 @@ const migrate = async (req, res, next) => { continue; } + let evol_char; try { - const evol_char = await req.app.locals.evol.char.create({ + evol_char = await req.app.locals.evol.char.create({ name: char.name, charNum: num, accountId: evol_acc.accountId, |