apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[FIX] Allow deletion of own account for passwordless accounts (e.g. OAUTH) (#21119)

Browse Source
pull/21695/head
wolbernd 5 years ago committed by GitHub
parent e7820cca6d
commit d7f586f386
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      app/lib/server/methods/deleteUserOwnAccount.js
  2. 1
      client/views/account/AccountProfilePage.js

3
app/lib/server/methods/deleteUserOwnAccount.js
Unescape View File

@ -1,6 +1,7 @@
import { Meteor } from 'meteor/meteor';
import { check } from 'meteor/check';
import { Accounts } from 'meteor/accounts-base';
import { SHA256 } from 'meteor/sha';
import s from 'underscore.string';
import { settings } from '../../../settings';
@ -34,7 +35,7 @@ Meteor.methods({
if (result.error) {
throw new Meteor.Error('error-invalid-password', 'Invalid password', { method: 'deleteUserOwnAccount' });
}
} else if (user.username !== s.trim(password)) {
} else if (SHA256(user.username) !== s.trim(password)) {
throw new Meteor.Error('error-invalid-username', 'Invalid username', { method: 'deleteUserOwnAccount' });
}

1
client/views/account/AccountProfilePage.js
Unescape View File

@ -231,7 +231,6 @@ const AccountProfilePage = () => {
onCancel={closeModal}
title={title}
text={t('If_you_are_sure_type_in_your_username')}
isPassword
/>
));
}, [closeModal, deleteOwnAccount, dispatchToastMessage, erasureType, localPassword, t, setModal]);

Write Preview
Loading…
Cancel
Save