rixty/SillyTavern
1
0
Fork 0
mirror of https://github.com/SillyTavern/SillyTavern.git synced 2025-06-05 21:59:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ask for password before resetting settings

Browse Source
This commit is contained in:
Cohee
2024-04-10 22:34:51 +03:00
parent 2306a4e34d
commit 01a4aa51f7
5 changed files with 27 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/endpoints/users-admin.js
View File

@@ -157,7 +157,7 @@ router.post('/create', requireAdminMiddleware, jsonParser, async (request, respo
}
const handles = await getAllUserHandles();
const handle = slugify(request.body.handle, { lower: true, trim: true, remove: /[^a-z0-9-]/g });
const handle = slugify(String(request.body.handle).toLowerCase(), { lower: true, trim: true, remove: /[^a-z0-9-]/g });
if (!handle) {
console.log('Create user failed: Invalid handle');

7
src/endpoints/users-private.js
View File

@@ -117,6 +117,13 @@ router.post('/backup', jsonParser, async (request, response) => {
router.post('/reset-settings', jsonParser, async (request, response) => {
try {
const password = request.body.password;
if (request.user.profile.password && request.user.profile.password !== getPasswordHash(password, request.user.profile.salt)) {
console.log('Reset settings failed: Incorrect password');
return response.status(401).json({ error: 'Incorrect password' });
}
const pathToFile = path.join(request.user.directories.root, SETTINGS_FILE);
await fsPromises.rm(pathToFile, { force: true });
await contentManager.checkForNewContent([request.user.directories], [contentManager.CONTENT_TYPES.SETTINGS]);