Moved the changepassword function to the bottom so that it's under authentication, made it actually change the password, make it && instead of || so it doesn't cause the glitch stated in the last commit
This commit is contained in:
parent
bbd2ea7daa
commit
cda77cd3b9
45
main.go
45
main.go
|
@ -419,7 +419,7 @@ func main() {
|
|||
|
||||
enableAPIVersion2 := false
|
||||
enableAPIVersion1 := false
|
||||
version1PasswordChange := data["passwordchange"].(string)
|
||||
version1PasswordChange := data["newpass"].(string)
|
||||
versionCheck := c.GetHeader("X-Burgernotes-Version")
|
||||
if versionCheck != "" {
|
||||
versionCheckInt, err := strconv.Atoi(versionCheck)
|
||||
|
@ -452,27 +452,6 @@ func main() {
|
|||
return
|
||||
}
|
||||
|
||||
if enableAPIVersion1 || version1PasswordChange != "no" {
|
||||
salt, err := genSalt(16)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login genSalt() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-SALT"})
|
||||
return
|
||||
}
|
||||
hashedPassword, err := hash(version1PasswordChange, salt)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login hash() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-HASH"})
|
||||
return
|
||||
}
|
||||
_, err = conn.Exec("UPDATE users SET password = ? WHERE id = ?", hashedPassword, userid)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login Exec() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-DBUPDATE"})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if enableAPIVersion2 || enableAPIVersion1 {
|
||||
_, _, hashedPasswd, err := getUser(userid)
|
||||
if err != nil {
|
||||
|
@ -524,6 +503,28 @@ func main() {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if enableAPIVersion1 && version1PasswordChange != "null" {
|
||||
salt, err := genSalt(16)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login genSalt() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-SALT"})
|
||||
return
|
||||
}
|
||||
hashedPassword, err := hash(version1PasswordChange, salt)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login hash() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-HASH"})
|
||||
return
|
||||
}
|
||||
_, err = conn.Exec("UPDATE users SET password = ? WHERE id = ?", hashedPassword, userid)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login Exec() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
c.JSON(500, gin.H{"error": "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgernotes and refer to the documentation for more info. Your error code is: UNKNOWN-API-LOGIN-DBUPDATE"})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
token, err := genSalt(512)
|
||||
if err != nil {
|
||||
log.Println("[ERROR] Unknown in /api/login token genSalt() at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
|
||||
|
|
Loading…
Reference in New Issue