added a new property to userData "hasPassword", disabling "current password" field in user editing if no password is set (for SSO logins, for example)

11 years ago · e9e53ad95e
parent 4a1513eabf
commit e9e53ad95e
3 changed files with 19 additions and 10 deletions
--- a/public/src/forum/accountedit.js
+++ b/public/src/forum/accountedit.js
@ -189,8 +189,7 @@ define(['forum/accountheader', 'uploader'], function(header, uploader) {
 			password_confirm.on('blur', onPasswordConfirmChanged);
 			$('#changePasswordBtn').on('click', function() {
-
+				if ((passwordvalid && passwordsmatch) || app.isAdmin) {
 				if (passwordvalid && passwordsmatch && (currentPassword.val() || app.isAdmin)) {
 					socket.emit('user.changePassword', {
 						'currentPassword': currentPassword.val(),
 						'newPassword': password.val(),
--- a/public/templates/accountedit.tpl
+++ b/public/templates/accountedit.tpl
@ -115,7 +115,7 @@
 					<div class="control-group">
 						<label class="control-label" for="inputCurrentPassword">[[user:current_password]]</label>
 						<div class="controls">
-							<input class="form-control" type="password" id="inputCurrentPassword" placeholder="Current Password" value="">
+							<input class="form-control" type="password" id="inputCurrentPassword" placeholder="Current Password" value=""<!-- IF !hasPassword --> disabled<!-- ENDIF !hasPassword-->>
 						</div>
 					</div>
--- a/src/user.js
+++ b/src/user.js
@ -185,8 +185,13 @@ var bcrypt = require('bcryptjs'),
 				return callback(err);
 			}
-			if (data && data.password) {
+			if (data) {
-				delete data.password;
+				if (data.password) {
 					delete data.password;
 					data.hasPassword = true;
 				} else {
 					data.hasPassword = false;
 				}
 			}
 			callback(err, data);
 		});
@ -467,13 +472,18 @@ var bcrypt = require('bcryptjs'),
 					return callback(err);
 				}
-				bcrypt.compare(data.currentPassword, currentPassword, function(err, res) {
+				if (currentPassword !== null) {
-					if (err || !res) {
+					bcrypt.compare(data.currentPassword, currentPassword, function(err, res) {
-						return callback(err || new Error('Your current password is not correct!'));
+						if (err || !res) {
-					}
+							return callback(err || new Error('Your current password is not correct!'));
 						}
 						hashAndSetPassword(callback);
 					});
 				} else {
 					// No password in account (probably SSO login)
 					hashAndSetPassword(callback);
-				});
+				}
 			});
 		}
 	};