
Merge pull request #5467 from freesewing/joost

fix(backend): Allow OAuth login without consent. Fixes #5433
Joost De Cock 2023-11-12 12:28:24 +01:00 committed by GitHub
commit a60b1fedbe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -121,7 +121,7 @@ UserModel.prototype.oauthSignIn = async function ({ body }) {
/* /*
* Final check for account status and other things before returning * Final check for account status and other things before returning
*/ */
const [ok, err, status] = this.isOk() const [ok, err, status] = this.isOk(401, 'signInFailed', true)
if (ok === true) return this.signInOk() if (ok === true) return this.signInOk()
else return this.setResponse(status, err) else return this.setResponse(status, err)
} }
@ -1518,7 +1518,7 @@ UserModel.prototype.guardedMfaUpdate = async function ({ body, user, ip }) {
this.clear.mfaSecret, this.clear.mfaSecret,
this.clear.data.mfaScratchCodes this.clear.data.mfaScratchCodes
) )
let result, mfaScratchCodes let result
if (Array.isArray(check)) [result] = check if (Array.isArray(check)) [result] = check
else result = check else result = check
if (result) { if (result) {
@ -1556,7 +1556,7 @@ UserModel.prototype.guardedMfaUpdate = async function ({ body, user, ip }) {
* Verify secret and token * Verify secret and token
*/ */
const check = await this.mfa.verify(body.token, this.clear.mfaSecret, false) const check = await this.mfa.verify(body.token, this.clear.mfaSecret, false)
let result, mfaScratchCodes let result
if (Array.isArray(check)) [result] = check if (Array.isArray(check)) [result] = check
else result = check else result = check
if (body.secret === this.clear.mfaSecret && result) { if (body.secret === this.clear.mfaSecret && result) {
@ -1819,7 +1819,7 @@ UserModel.prototype.isOk = function (
if ( if (
this.exists && this.exists &&
this.record && this.record &&
this.record.status > 0 && (allowWithoutConsent || this.record.status > 0) &&
(allowWithoutConsent || this.record.consent > 0) && (allowWithoutConsent || this.record.consent > 0) &&
this.record.role && this.record.role &&
this.record.role !== 'blocked' this.record.role !== 'blocked'
@ -1828,7 +1828,7 @@ UserModel.prototype.isOk = function (
if (!this.exists) return [false, 'noSuchUser', 404] if (!this.exists) return [false, 'noSuchUser', 404]
if (this.record.consent < 1 && !allowWithoutConsent) return [false, 'consentLacking', 451] if (this.record.consent < 1 && !allowWithoutConsent) return [false, 'consentLacking', 451]
if (this.record.status < 1) return [false, 'statusLacking', 403] if (this.record.status < 1 && !allowWithoutConsent) return [false, 'statusLacking', 403]
if (this.record.role === 'blocked') return [false, 'accountBlocked', 403] if (this.record.role === 'blocked') return [false, 'accountBlocked', 403]
return [false, failMsg, failStatus] return [false, failMsg, failStatus]
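Review bot: In `isOk`, `allowWithoutConsent` now also waives the account-status check, both in the combined condition (`(allowWithoutConsent || this.record.status > 0)`) and in the `statusLacking` branch, so the OAuth path's `this.isOk(401, 'signInFailed', true)` signs in any existing account with status below 1 whose role is not `blocked`. What the status values mean is not visible in these hunks; if a status below 1 can also mark a disabled or suspended account rather than only an unconfirmed one, this widens sign-in beyond what the commit title describes. I would either give the status waiver its own parameter (for example a fourth argument `allowInactive = false`, which keeps existing callers unchanged) or document it at the signature with a comment such as `// NOTE: allowWithoutConsent also skips the status > 0 check; role 'blocked' is still rejected`. The signature and closing lines of `isOk` fall outside the visible hunks, so other callers passing `true` should be checked for the same effect.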