diff options
Diffstat (limited to 'src/api/routes')
-rw-r--r-- | src/api/routes/auth/login.ts | 5 | ||||
-rw-r--r-- | src/api/routes/auth/mfa/totp.ts | 3 | ||||
-rw-r--r-- | src/api/routes/auth/mfa/webauthn.ts | 3 | ||||
-rw-r--r-- | src/api/routes/users/@me/mfa/webauthn/credentials/index.ts | 2 |
4 files changed, 7 insertions, 6 deletions
diff --git a/src/api/routes/auth/login.ts b/src/api/routes/auth/login.ts index e6616731..9c6f2335 100644 --- a/src/api/routes/auth/login.ts +++ b/src/api/routes/auth/login.ts @@ -72,14 +72,13 @@ router.post( "id", "disabled", "deleted", - "settings", "totp_secret", "mfa_enabled", "webauthn_enabled", "security_keys", "verified", ], - relations: ["security_keys"], + relations: ["security_keys", "settings"], }).catch(() => { throw FieldErrors({ login: { @@ -187,7 +186,7 @@ router.post( // Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package // https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png - res.json({ token, settings: user.settings }); + res.json({ token, settings: { ...user.settings, index: undefined } }); }, ); diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts index 65cdd397..6236d209 100644 --- a/src/api/routes/auth/mfa/totp.ts +++ b/src/api/routes/auth/mfa/totp.ts @@ -34,7 +34,8 @@ router.post( where: { totp_last_ticket: ticket, }, - select: ["id", "totp_secret", "settings"], + select: ["id", "totp_secret"], + relations: ["settings"], }); const backup = await BackupCode.findOne({ diff --git a/src/api/routes/auth/mfa/webauthn.ts b/src/api/routes/auth/mfa/webauthn.ts index c4334c4c..a9fa78b2 100644 --- a/src/api/routes/auth/mfa/webauthn.ts +++ b/src/api/routes/auth/mfa/webauthn.ts @@ -54,7 +54,8 @@ router.post( where: { totp_last_ticket: ticket, }, - select: ["id", "settings"], + select: ["id"], + relations: ["settings"], }); const ret = await verifyWebAuthnToken(ticket); diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts index a33e06ce..85fb251c 100644 --- a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts +++ b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts @@ -89,11 +89,11 @@ router.post( "id", "disabled", "deleted", - "settings", "totp_secret", "mfa_enabled", "username", ], + relations: ["settings"], }); if (isGenerateSchema(req.body)) { |