edit

src/webserver.js

@@ -419,10 +419,16 @@ passport.deserializeUser(function(uid, done) {
 
 	app.get('/users/:uid/edit', function(req, res){
 		
-		if(req.user && req.params.uid && req.user.uid === req.params.uid)
-			res.send(templates['header'] + create_route('users/'+req.params.uid+'/edit','accountedit') + templates['footer']);
-		else
-			return res.redirect('/403');	
+		if(!req.user)
+			return res.redirect('/403');
+		
+		user.getUserField(req.user.uid, 'username', function(username) {
+		
+			if(req.params.uid && username === req.params.uid)
+				res.send(templates['header'] + create_route('users/'+req.params.uid+'/edit','accountedit') + templates['footer']);
+			else
+				return res.redirect('/403');
+		});	
 	});