From b51cb55504e07ee791106fc99287a13a9f83286e Mon Sep 17 00:00:00 2001
From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>
Date: Thu, 12 Aug 2021 01:49:43 +0200
Subject: :bug: fix login undelete/undisable

---
 src/routes/auth/login.ts | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

(limited to 'src')

diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts
index 8d1a8df3..6c4e5e3e 100644
--- a/src/routes/auth/login.ts
+++ b/src/routes/auth/login.ts
@@ -47,27 +47,20 @@ router.post(
 
 		const user = await UserModel.findOne(
 			{ $or: query },
-			{
-				user_data: {
-					hash: true
-				},
-				id: true,
-				user_settings: {
-					locale: true,
-					theme: true
-				}
-			}
+			{ user_data: { hash: true }, id: true, disabled: true, deleted: true, user_settings: { locale: true, theme: true } }
 		)
 			.exec()
 			.catch((e) => {
 				throw FieldErrors({ login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" } });
 			});
 
-		if (user.disabled && undelete) {
+		if (undelete) {
 			// undelete refers to un'disable' here
-			await UserModel.updateOne({ id: req.user_id }, { disabled: false }).exec();
-		} else if (user.disabled) {
-			return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
+			if (user.disabled) await UserModel.updateOne({ id: user.id }, { disabled: false }).exec();
+			if (user.deleted) await UserModel.updateOne({ id: user.id }, { deleted: false }).exec();
+		} else {
+			if (user.deleted) return res.status(400).json({ message: "This account is scheduled for deletion.", code: 20011 });
+			if (user.disabled) return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
 		}
 
 		// the salt is saved in the password refer to bcrypt docs
-- 
cgit 1.5.1