authorMar0xy <marie@kaifa.ch>2023-09-26 02:26:30 +0200
committerMar0xy <marie@kaifa.ch>2023-09-26 02:26:30 +0200
commit8595a325ceb24e5a3e2710c2dc78d821f45181bd (patch)
treeafbce0c498dfd3b324dc30c8dfba847d07117c6a /packages/backend/src/server/api/endpoints/i/delete-account.ts
parentfix: expiredafter time on poll (diff)
parentbuild(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#11900) (diff)
merge: upstream
Diffstat (limited to 'packages/backend/src/server/api/endpoints/i/delete-account.ts')
-rw-r--r--packages/backend/src/server/api/endpoints/i/delete-account.ts23
1 files changed, 19 insertions, 4 deletions
diff --git a/packages/backend/src/server/api/endpoints/i/delete-account.ts b/packages/backend/src/server/api/endpoints/i/delete-account.ts
index 7c96d94706..e0b40db917 100644
--- a/packages/backend/src/server/api/endpoints/i/delete-account.ts
+++ b/packages/backend/src/server/api/endpoints/i/delete-account.ts
@@ -10,6 +10,7 @@ import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { DeleteAccountService } from '@/core/DeleteAccountService.js';
import { DI } from '@/di-symbols.js';
+import { UserAuthService } from '@/core/UserAuthService.js';
export const meta = {
requireCredential: true,
@@ -21,6 +22,7 @@ export const paramDef = {
type: 'object',
properties: {
password: { type: 'string' },
+ token: { type: 'string', nullable: true },
},
required: ['password'],
} as const;
@@ -34,19 +36,32 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
@Inject(DI.userProfilesRepository)
private userProfilesRepository: UserProfilesRepository,
+ private userAuthService: UserAuthService,
private deleteAccountService: DeleteAccountService,
) {
super(meta, paramDef, async (ps, me) => {
+ const token = ps.token;
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: me.id });
+
+ if (profile.twoFactorEnabled) {
+ if (token == null) {
+ throw new Error('authentication failed');
+ }
+
+ try {
+ await this.userAuthService.twoFactorAuthenticate(profile, token);
+ } catch (e) {
+ throw new Error('authentication failed');
+ }
+ }
+
const userDetailed = await this.usersRepository.findOneByOrFail({ id: me.id });
if (userDetailed.isDeleted) {
return;
}
- // Compare password
- const same = await argon2.verify(profile.password!, ps.password);
-
- if (!same) {
+ const passwordMatched = await argon2.verify(profile.password!, ps.password);
+ if (!passwordMatched) {
throw new Error('incorrect password');
}