closes #2550, closes #2518

This commit is contained in:
barisusakli
2015-02-01 19:11:58 -05:00
parent 79083004e4
commit 2c8e8a1f1c
17 changed files with 369 additions and 249 deletions

View File

@@ -8,7 +8,7 @@ var async = require('async'),
module.exports = function(User) {
User.auth = {};
User.auth.logAttempt = function(uid, callback) {
User.auth.logAttempt = function(uid, ip, callback) {
db.exists('lockout:' + uid, function(err, exists) {
if (err) {
return callback(err);
@@ -30,12 +30,15 @@ module.exports = function(User) {
return callback(err);
}
var duration = 1000 * 60 * (meta.config.lockoutDuration || 60);
db.delete('loginAttempts:' + uid);
db.pexpire('lockout:' + uid, duration);
events.logAccountLock(uid, duration);
callback(new Error('account-locked'));
events.log({
type: 'account-locked',
uid: uid,
ip: ip
});
callback(new Error('[[error:account-locked]]'));
});
} else {
db.pexpire('loginAttempts:' + uid, 1000 * 60 * 60);

View File

@@ -148,8 +148,6 @@ module.exports = function(User) {
return callback(err);
}
events.logEmailChange(uid, userData.email, newEmail);
var gravatarpicture = User.createGravatarURLFromEmail(newEmail);
async.parallel([
function(next) {
@@ -183,9 +181,13 @@ module.exports = function(User) {
if (!newUsername) {
return callback();
}
User.getUserFields(uid, ['username', 'userslug'], function(err, userData) {
function update(field, object, value, callback) {
async.parallel([
async.series([
function(next) {
db.deleteObjectField(field + ':uid', userData[field], next);
},
function(next) {
User.setUserField(uid, field, value, next);
},
@@ -198,7 +200,6 @@ module.exports = function(User) {
if (err) {
return callback(err);
}
var userslug = utils.slugify(newUsername);
async.parallel([
function(next) {
@@ -206,25 +207,15 @@ module.exports = function(User) {
return next();
}
db.deleteObjectField('username:uid', userData.username, function(err) {
if (err) {
return next(err);
}
events.logUsernameChange(uid, userData.username, newUsername);
update('username', 'username:uid', newUsername, next);
});
update('username', 'username:uid', newUsername, next);
},
function(next) {
if (userslug === userData.userslug) {
var newUserslug = utils.slugify(newUsername);
if (newUserslug === userData.userslug) {
return next();
}
db.deleteObjectField('userslug:uid', userData.userslug, function(err) {
if (err) {
return next(err);
}
update('userslug', 'userslug:uid', userslug, next);
});
update('userslug', 'userslug:uid', newUserslug, next);
}
], callback);
});
@@ -261,23 +252,11 @@ module.exports = function(User) {
function hashAndSetPassword(callback) {
User.hashPassword(data.newPassword, function(err, hash) {
if(err) {
if (err) {
return callback(err);
}
User.setUserField(data.uid, 'password', hash, function(err) {
if(err) {
return callback(err);
}
if(parseInt(uid, 10) === parseInt(data.uid, 10)) {
events.logPasswordChange(data.uid);
} else {
events.logAdminChangeUserPassword(uid, data.uid);
}
callback();
});
User.setUserField(data.uid, 'password', hash, callback);
});
}

View File

@@ -83,7 +83,6 @@ var async = require('async'),
return callback(err);
}
user.setUserField(uid, 'password', hash);
events.logPasswordReset(uid);
db.deleteObjectField('reset:uid', code);
db.deleteObjectField('reset:expiry', code);