Ask for password before resetting settings

Cohee 2024-04-10 22:34:51 +03:00
parent 2306a4e34d
commit 01a4aa51f7
5 changed files with 27 additions and 2 deletions


@ -263,4 +263,13 @@ function configureDiscreetLogin() {
}
document.getElementById('shadow_popup').style.opacity = '';
$('#cancelRecovery').on('click', onCancelRecoveryClick);
$(document).on('keydown', (evt) => {
if (evt.key === 'Enter' && document.activeElement.tagName === 'INPUT') {
if ($('#passwordRecoveryBlock').is(':visible')) {
$('#sendRecovery').trigger('click');
} else {
$('#loginButton').trigger('click');
}
}
});
})();


@ -5,4 +5,9 @@
<div data-i18n="Don't forget to save a snapshot of your settings before proceeding.">
Don't forget to save a snapshot of your settings before proceeding.
</div>
<hr>
<div>
Enter your password below to confirm:
</div>
<input id="resetSettingsPassword" name="password" type="password" class="text_pole" placeholder="Password">
</div>
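Review bot: The new prompt `Enter your password below to confirm:` has no `data-i18n` attribute, unlike the div directly above it, so it and the `placeholder="Password"` text will presumably stay untranslated. The password input also lacks an autocomplete hint; adding `autocomplete="current-password"` tells password managers which credential to offer. The enclosing container opens above the hunk.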


@ -364,7 +364,11 @@ async function deleteUser(handle, callback) {
*/
async function resetSettings(handle, callback) {
try {
let password = '';
const template = $(renderTemplate('resetSettings'));
template.find('input[name="password"]').on('input', function () {
password = String($(this).val());
});
const result = await callGenericPopup(template, POPUP_TYPE.CONFIRM, '', { okButton: 'Reset', cancelButton: 'Cancel', wide: false, large: false });
if (result !== POPUP_RESULT.AFFIRMATIVE) {
@ -374,7 +378,7 @@ async function resetSettings(handle, callback) {
const response = await fetch('/api/users/reset-settings', {
method: 'POST',
headers: getRequestHeaders(),
body: JSON.stringify({ handle }),
body: JSON.stringify({ handle, password }),
});
if (!response.ok) {


@ -157,7 +157,7 @@ router.post('/create', requireAdminMiddleware, jsonParser, async (request, respo
}
const handles = await getAllUserHandles();
const handle = slugify(request.body.handle, { lower: true, trim: true, remove: /[^a-z0-9-]/g });
const handle = slugify(String(request.body.handle).toLowerCase(), { lower: true, trim: true, remove: /[^a-z0-9-]/g });
if (!handle) {
console.log('Create user failed: Invalid handle');
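Review bot: `String(request.body.handle)` turns a missing or non-string handle into text instead of rejecting it: `undefined` becomes the literal `"undefined"` and an object becomes `"[object Object]"`, and either can survive slugify and pass the `if (!handle)` check. The validation above the hunk is not visible, so this may already be guarded. If it is not, reject early with `if (typeof request.body.handle !== 'string') return response.status(400).json({ error: 'Invalid handle' });` before slugifying. The handler body starts and ends outside the hunk.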


@ -117,6 +117,13 @@ router.post('/backup', jsonParser, async (request, response) => {
router.post('/reset-settings', jsonParser, async (request, response) => {
try {
const password = request.body.password;
if (request.user.profile.password && request.user.profile.password !== getPasswordHash(password, request.user.profile.salt)) {
console.log('Reset settings failed: Incorrect password');
return response.status(401).json({ error: 'Incorrect password' });
}
const pathToFile = path.join(request.user.directories.root, SETTINGS_FILE);
await fsPromises.rm(pathToFile, { force: true });
await contentManager.checkForNewContent([request.user.directories], [contentManager.CONTENT_TYPES.SETTINGS]);
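Review bot: `request.body.password` reaches `getPasswordHash` with no type check, so a missing or non-string value is handled however that helper happens to behave (probably a throw into the `catch`, which is outside the hunk) rather than as a clean 401. Normalising first, `const password = typeof request.body.password === 'string' ? request.body.password : '';`, makes malformed input fail as an incorrect password. The stored hash is compared with `!==`; `crypto.timingSafeEqual` over equal-length buffers is the usual choice for comparing secret-derived values. Nothing visible here limits repeated wrong guesses from an already authenticated session, and the failure log line does not say which account was targeted, so consider throttling (unless middleware elsewhere does it) and including the account's handle in the log message.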