refactor: simplified utilities API > login rout

Removed continueLogin override in favour of a simpler `redirectAfterLogin` override Use passport to authenticate username and password instead of duplicated logic.
2026-06-17 16:00:09 +02:00 · 2021-10-22 15:56:31 -04:00
parent 6b4f35c2fa
commit 506c34a84d
2 changed files with 16 additions and 37 deletions
--- a/src/controllers/write/utilities.js
+++ b/src/controllers/write/utilities.js
@@ -2,7 +2,6 @@

 const user = require('../../user');
 const authenticationController = require('../authentication');
-const slugify = require('../../slugify');
 const helpers = require('../helpers');

 const Utilities = module.exports;
@@ -22,31 +21,9 @@ Utilities.ping.post = (req, res) => {
 };

 Utilities.login = (req, res) => {
-	res.locals.continueLogin = async (strategy, req, res) => {
-		const { username, password, session } = req.body;
-
-		const userslug = slugify(username);
-		const uid = await user.getUidByUserslug(userslug);
-		let ok = false;
-		try {
-			ok = await user.isPasswordCorrect(uid, password, req.ip);
-		} catch (err) {
-			if (err.message === '[[error:account-locked]]') {
-				return helpers.formatApiResponse(429, res, err);
-			}
-		}
-
-		if (ok) {
-			const userData = (await user.getUsers([uid], uid)).pop();
-
-			if (parseInt(session, 10) === 1) {
-				await authenticationController.doLogin(req, userData.uid);
-			}
-
-			helpers.formatApiResponse(200, res, userData);
-		} else {
-			helpers.formatApiResponse(403, res);
-		}
+	res.locals.redirectAfterLogin = async (req, res) => {
+		const userData = (await user.getUsers([req.uid], req.uid)).pop();
+		helpers.formatApiResponse(200, res, userData);
 	};
 	res.locals.noScriptErrors = (req, res, err, statusCode) => {
 		helpers.formatApiResponse(statusCode, res, new Error(err));