summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/api/routes/auth/login.ts5
-rw-r--r--src/api/routes/auth/mfa/totp.ts3
-rw-r--r--src/api/routes/auth/mfa/webauthn.ts3
-rw-r--r--src/api/routes/users/@me/mfa/webauthn/credentials/index.ts2
4 files changed, 7 insertions, 6 deletions
diff --git a/src/api/routes/auth/login.ts b/src/api/routes/auth/login.ts

index e6616731..9c6f2335 100644
--- a/src/api/routes/auth/login.ts
+++ b/src/api/routes/auth/login.ts
@@ -72,14 +72,13 @@ router.post(
 				"id",
 				"disabled",
 				"deleted",
-				"settings",
 				"totp_secret",
 				"mfa_enabled",
 				"webauthn_enabled",
 				"security_keys",
 				"verified",
 			],
-			relations: ["security_keys"],
+			relations: ["security_keys", "settings"],
 		}).catch(() => {
 			throw FieldErrors({
 				login: {
@@ -187,7 +186,7 @@ router.post(
 		// Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package
 		// https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png
 
-		res.json({ token, settings: user.settings });
+		res.json({ token, settings: { ...user.settings, index: undefined } });
 	},
 );
 
diff --git a/src/api/routes/auth/mfa/totp.ts b/src/api/routes/auth/mfa/totp.ts

index 65cdd397..6236d209 100644
--- a/src/api/routes/auth/mfa/totp.ts
+++ b/src/api/routes/auth/mfa/totp.ts
@@ -34,7 +34,8 @@ router.post(
 			where: {
 				totp_last_ticket: ticket,
 			},
-			select: ["id", "totp_secret", "settings"],
+			select: ["id", "totp_secret"],
+			relations: ["settings"],
 		});
 
 		const backup = await BackupCode.findOne({
diff --git a/src/api/routes/auth/mfa/webauthn.ts b/src/api/routes/auth/mfa/webauthn.ts

index c4334c4c..a9fa78b2 100644
--- a/src/api/routes/auth/mfa/webauthn.ts
+++ b/src/api/routes/auth/mfa/webauthn.ts
@@ -54,7 +54,8 @@ router.post(
 			where: {
 				totp_last_ticket: ticket,
 			},
-			select: ["id", "settings"],
+			select: ["id"],
+			relations: ["settings"],
 		});
 
 		const ret = await verifyWebAuthnToken(ticket);
diff --git a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts

index a33e06ce..85fb251c 100644
--- a/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts
+++ b/src/api/routes/users/@me/mfa/webauthn/credentials/index.ts
@@ -89,11 +89,11 @@ router.post(
 				"id",
 				"disabled",
 				"deleted",
-				"settings",
 				"totp_secret",
 				"mfa_enabled",
 				"username",
 			],
+			relations: ["settings"],
 		});
 
 		if (isGenerateSchema(req.body)) {
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-06-30 18:37:15 +0000