summary refs log tree commit diff
path: root/api/src/routes/users/@me/delete.ts
diff options
context:
space:
mode:
Diffstat (limited to 'api/src/routes/users/@me/delete.ts')
-rw-r--r--api/src/routes/users/@me/delete.ts11
1 files changed, 6 insertions, 5 deletions
diff --git a/api/src/routes/users/@me/delete.ts b/api/src/routes/users/@me/delete.ts
index 6bfe0b93..e3b54607 100644
--- a/api/src/routes/users/@me/delete.ts
+++ b/api/src/routes/users/@me/delete.ts
@@ -1,6 +1,7 @@
 import { Router, Request, Response } from "express";
 import { Guild, Member, User } from "@fosscord/util";
 import bcrypt from "bcrypt";
+import { HTTPError } from "lambert-server";
 const router = Router();
 
 router.post("/", async (req: Request, res: Response) => {
@@ -9,16 +10,16 @@ router.post("/", async (req: Request, res: Response) => {
 
 	if (user.data.hash) {
 		// guest accounts can delete accounts without password
-		correctpass = await bcrypt.compare(req.body.password, user.data.hash); //Not sure if user typed right password :/
+		correctpass = await bcrypt.compare(req.body.password, user.data.hash);
+		if (!correctpass) {
+			throw new HTTPError(req.t("auth:login.INVALID_PASSWORD"));
+		}
 	}
 
 	// TODO: decrement guild member count
 
 	if (correctpass) {
-		await Promise.all([
-			User.delete({ id: req.user_id }), //Yeetus user deletus
-			Member.delete({ id: req.user_id })
-		]);
+		await Promise.all([User.delete({ id: req.user_id }), Member.delete({ user_id: req.user_id })]);
 
 		res.sendStatus(204);
 	} else {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-10 17:31:57 +0000