From 24221d66e0eec1ed8dd095ed04ae16784040e7dc Mon Sep 17 00:00:00 2001 From: Misty Release Bot Date: Thu, 18 Aug 2022 13:45:26 +0000 Subject: [PATCH 1/4] chore: incrementing version number - v2.4.4 --- install/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/package.json b/install/package.json index f49aebd84f..0f1d15ae17 100644 --- a/install/package.json +++ b/install/package.json @@ -2,7 +2,7 @@ "name": "nodebb", "license": "GPL-3.0", "description": "NodeBB Forum", - "version": "2.4.3", + "version": "2.4.4", "homepage": "http://www.nodebb.org", "repository": { "type": "git", From 77e492b8d728912321db7cc2e99277587c61446d Mon Sep 17 00:00:00 2001 From: Misty Release Bot Date: Thu, 18 Aug 2022 13:45:27 +0000 Subject: [PATCH 2/4] chore: update changelog for v2.4.4 --- CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e3038ff6dc..37ac7ed189 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +#### v2.4.4 (2022-08-18) + +##### Chores + +* incrementing version number - v2.4.3 (9c647c6c) +* update changelog for v2.4.3 (06da15a5) +* incrementing version number - v2.4.2 (3aa7b855) +* incrementing version number - v2.4.1 (60cbd148) +* incrementing version number - v2.4.0 (4834cde3) +* incrementing version number - v2.3.1 (d2425942) +* incrementing version number - v2.3.0 (046ea120) + +##### Bug Fixes + +* missing req, closes #10847 (489fb3a3) + #### v2.4.3 (2022-08-18) ##### Chores From bc37a5c51656a20affd8745fa860b5a8bfa023d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Fri, 19 Aug 2022 08:51:04 -0400 Subject: [PATCH 3/4] fix: parseInt caller.uid closes #10849 --- src/api/users.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/users.js b/src/api/users.js index aa1ea25687..abc295acfd 100644 --- a/src/api/users.js +++ b/src/api/users.js @@ -305,7 +305,7 @@ async function isPrivilegedOrSelfAndPasswordMatch(caller, data) { async function processDeletion({ uid, method, password, caller }) { const isTargetAdmin = await user.isAdministrator(uid); - const isSelf = parseInt(uid, 10) === caller.uid; + const isSelf = parseInt(uid, 10) === parseInt(caller.uid, 10); const isAdmin = await user.isAdministrator(caller.uid); if (isSelf && meta.config.allowAccountDelete !== 1) { From 9b96c33d5d3706f9c5795b9c07ace063f69b101d Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Fri, 19 Aug 2022 13:04:10 -0400 Subject: [PATCH 4/4] fix: wrap passport.authenticate to pass in keepSessionInfo if not already set --- src/routes/authentication.js | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/routes/authentication.js b/src/routes/authentication.js index b3f9bcba40..3c6ea76f0b 100644 --- a/src/routes/authentication.js +++ b/src/routes/authentication.js @@ -25,6 +25,20 @@ Auth.initialize = function (app, middleware) { Auth.app = app; Auth.middleware = middleware; + + // Apply wrapper around passport.authenticate to pass in keepSessionInfo option + const _authenticate = passport.authenticate; + passport.authenticate = (strategy, options, callback) => { + if (!callback && typeof options === 'function') { + return _authenticate.call(passport, strategy, options); + } + + if (!options.hasOwnProperty('keepSessionInfo')) { + options.keepSessionInfo = true; + } + + return _authenticate.call(passport, strategy, options, callback); + }; }; Auth.setAuthVars = function setAuthVars(req) {