From e2f09515fccde8b16c3dc34a1f6e866a8a7ecfe0 Mon Sep 17 00:00:00 2001
From: gumi <git@gumi.ca>
Date: Mon, 2 Mar 2020 21:10:38 -0500
Subject: hotfix

---
 src/routers/vault/middlewares/identity.js       | 29 ++++++++++++++++++++-----
 src/routers/vault/middlewares/legacy/account.js |  3 ++-
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/src/routers/vault/middlewares/identity.js b/src/routers/vault/middlewares/identity.js
index acd1574..b95d6e0 100644
--- a/src/routers/vault/middlewares/identity.js
+++ b/src/routers/vault/middlewares/identity.js
@@ -106,21 +106,28 @@ const add_identity = async (req, res, next) => {
 
         await Claim.claim_accounts(req, ident.email, ident.vault);
 
-        for (const [key, session] of req.app.locals.session) {
-            if (session.vault === ident.vault && session.authenticated) {
-                session.identities.push({
+        let session = null;
+        for (const [key, sess] of req.app.locals.session) {
+            if (sess.vault === ident.vault && sess.authenticated) {
+                sess.identities.push({
                     // TODO: make this a class!
                     id: newIdent.id,
                     email: newIdent.email,
                     added: newIdent.addedDate,
                     primary: false,
                 });
+                session = sess;
                 break;
             }
         }
 
         req.app.locals.identity_pending.delete(validate);
-        console.info(`Vault.identity: added a new identity {${session.vault}} [${req.ip}]`);
+
+        if (session !== null) {
+            console.info(`Vault.identity: added a new identity {${session.vault}} [${req.ip}]`);
+        } else {
+            console.info(`Vault.identity: added a new identity [${req.ip}]`);
+        }
 
         res.status(201).json({
             status: "success",
@@ -173,6 +180,17 @@ const add_identity = async (req, res, next) => {
         return;
     }
 
+    for (const [key, pending] of identity_pending) {
+        if (pending.vault === session.vault && pending.email === req.body.email) {
+            res.status(425).json({
+                status: "error",
+                error: "already pending",
+            });
+            req.app.locals.cooldown(req, 60e4);
+            return;
+        }
+    }
+
     const find = await req.app.locals.vault.identity.findOne({
         where: {email: req.body.email}
     });
@@ -224,7 +242,8 @@ const add_identity = async (req, res, next) => {
     res.status(200).json({
         status: "success"
     });
-    req.app.locals.cooldown(req, 6e4);
+    // TODO: split request and validation so that request has a cooldown of 6e4
+    req.app.locals.cooldown(req, 5e3);
 };
 
 const update_identity = async (req, res, next) => {
diff --git a/src/routers/vault/middlewares/legacy/account.js b/src/routers/vault/middlewares/legacy/account.js
index 14ecbe1..25cdac7 100644
--- a/src/routers/vault/middlewares/legacy/account.js
+++ b/src/routers/vault/middlewares/legacy/account.js
@@ -372,8 +372,9 @@ const migrate = async (req, res, next) => {
             continue;
         }
 
+        let evol_char;
         try {
-            const evol_char = await req.app.locals.evol.char.create({
+            evol_char = await req.app.locals.evol.char.create({
                 name: char.name,
                 charNum: num,
                 accountId: evol_acc.accountId,
-- 
cgit v1.2.3-60-g2f50