summaryrefslogtreecommitdiff
path: root/src/routers/vault/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'src/routers/vault/middlewares')
-rw-r--r--src/routers/vault/middlewares/identity.js8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/routers/vault/middlewares/identity.js b/src/routers/vault/middlewares/identity.js
index 6f77134..e05caef 100644
--- a/src/routers/vault/middlewares/identity.js
+++ b/src/routers/vault/middlewares/identity.js
@@ -55,7 +55,12 @@ const add_identity = async (req, res, next) => {
// TODO: make an IdentityStore type similar to SessionStore and get rid of Ephemeral
const ident = req.app.locals.identity_pending.get(secret);
- if (ident === null || ident === undefined) {
+ let email;
+ try {
+ email = validate.get_email(req, res);
+ } catch { return } // already handled
+
+ if (ident === null || ident === undefined || ident.email !== email) {
res.status(410).json({
status: "error",
error: "token has expired",
@@ -106,6 +111,7 @@ const add_identity = async (req, res, next) => {
res.status(201).json({
status: "success",
+ identity: newIdent,
});
req.app.locals.cooldown(req, 6e4);
return;
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-11-16 01:19:15 +0000