watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-04 04:37:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix update user.

Browse source
This commit is contained in:
Brian Cao 2023-04-13 12:08:53 -07:00
parent 5fc96cf5e1
commit ef324fdf73
5 changed files with 17 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
pages/api/auth/login.ts
View file

@ -45,7 +45,10 @@ export default async (
const token = createSecureToken({ userId: user.id }, secret());
return ok(res, { token, user });
return ok(res, {
token,
user: { id: user.id, username: user.username, createdAt: user.createdAt },
});
}
return unauthorized(res, 'message.incorrect-username-password');

12
pages/api/users/[id]/index.ts
View file

@ -1,4 +1,4 @@
import { NextApiRequestQueryBody, User } from 'lib/types';
import { NextApiRequestQueryBody, Roles, User } from 'lib/types';
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
import { useAuth } from 'lib/middleware';
import { NextApiResponse } from 'next';
@ -12,6 +12,7 @@ export interface UserRequestQuery {
export interface UserRequestBody {
username: string;
password: string;
role: Roles;
}
export default async (
@ -40,17 +41,20 @@ export default async (
return unauthorized(res);
}
const { username, password } = req.body;
const { username, password, role } = req.body;
const user = await getUser({ id });
const data: any = {};
// Only admin can change these fields
if (password && isAdmin) {
if (password) {
data.password = hashPassword(password);
}
if (role && isAdmin) {
data.role = role;
}
// Only admin can change these fields
if (username && isAdmin) {
data.username = username;