closes #1911

11 years ago · 96b0b449b9
parent f31978aa2c
commit 96b0b449b9
3 changed files with 47 additions and 27 deletions
--- a/public/src/forum/reset_code.js
+++ b/public/src/forum/reset_code.js
@ -26,7 +26,7 @@ define('forum/reset_code', function() {
 					password: password.val()
 				}, function(err) {
 					if(err) {
-						return app.alert(err.message);
+						return app.alertError(err.message);
 					}
 					$('#error').addClass('hide').hide();
 					$('#notice').addClass('hide').hide();
--- a/src/user/auth.js
+++ b/src/user/auth.js
@ -1,3 +1,5 @@
 'use strict';
 var db = require('../database'),
 	meta = require('../meta');
@ -6,24 +8,35 @@ module.exports = function(User) {
 	User.auth.logAttempt = function(uid, callback) {
 		db.exists('lockout:' + uid, function(err, exists) {
-			if (!exists) {
+			if (err) {
 				return callback(err);
 			}
 			if (exists) {
 				return callback(new Error('[[error:account-locked]]'));
 			}
 			db.increment('loginAttempts:' + uid, function(err, attempts) {
 				if (err) {
 					return callback(err);
 				}
 				if ((meta.config.loginAttempts || 5) < attempts) {
 					// Lock out the account
 					db.set('lockout:' + uid, '', function(err) {
 						if (err) {
 							return callback(err);
 						}
 						db.delete('loginAttempts:' + uid);
-							db.pexpire('lockout:' + uid, 1000*60*(meta.config.lockoutDuration || 60));
+						db.pexpire('lockout:' + uid, 1000 * 60 * (meta.config.lockoutDuration || 60));
 						callback(new Error('account-locked'));
 					});
 				} else {
-						db.pexpire('loginAttempts:' + uid, 1000*60*60);
+					db.pexpire('loginAttempts:' + uid, 1000 * 60 * 60);
 					callback();
 				}
 			});
-			} else {
+		});
 				callback(new Error('[[error:account-locked]]'));
 			}
 		})
 	};
 	User.auth.clearLoginAttempts = function(uid) {
--- a/src/user/reset.js
+++ b/src/user/reset.js
@ -70,23 +70,30 @@ var async = require('async'),
 				return callback(err);
 			}
-			if (validated) {
+			if (!validated) {
 				return;
 			}
 			db.getObjectField('reset:uid', code, function(err, uid) {
 				if (err) {
 					return callback(err);
 				}
 				user.hashPassword(password, function(err, hash) {
 					if (err) {
 						return callback(err);
 					}
 					user.setUserField(uid, 'password', hash);
 					events.logPasswordReset(uid);
 					});
 					db.deleteObjectField('reset:uid', code);
 					db.deleteObjectField('reset:expiry', code);
 					db.delete('lockout:' + uid);
 					user.auth.clearLoginAttempts(uid);
-					callback(null);
+					callback();
 				});
 			});
 			}
 		});
 	};