Fix throwing unhandled promise rejection if user doesn't exist in validatePasswordRedirect user to /profile on successful login

merge-requests/6/head
knotteye 2019-12-05 15:03:27 -06:00
parent be38b873eb
commit 8c17149f39
2 changed files with 15 additions and 4 deletions

View File

@ -45,8 +45,12 @@ async function query(query: string){
} }
async function validatePassword(username: string, password: string){ async function validatePassword(username: string, password: string){
try {
let pass: any = await query('select password_hash from users where username='+raw.escape(username)+' limit 1'); let pass: any = await query('select password_hash from users where username='+raw.escape(username)+' limit 1');
return await bcrypt.compare(password, pass[0].password_hash.toString()); return await bcrypt.compare(password, pass[0].password_hash.toString());
} catch(e) {
return false;
}
} }
async function hash(pwd){ async function hash(pwd){

View File

@ -3,8 +3,15 @@
<h3>Log in to {{ sitename }}</h3><span style="font-size: small;">Not registered yet? Sign up <a href="/register">here</a>.</br></br></span> <h3>Log in to {{ sitename }}</h3><span style="font-size: small;">Not registered yet? Sign up <a href="/register">here</a>.</br></br></span>
<form action="/api/login" method="POST" target="responseFrame"> <form action="/api/login" method="POST" target="responseFrame">
Username: </br><input type="text" name="username" style="min-width: 300px" placeholder="e.g. lain"/></br> Username: </br><input type="text" name="username" style="min-width: 300px" placeholder="e.g. lain"/></br>
Password: </br><input type="password" name="password" style="min-width: 300px"/></br> Password: </br><input type="password" name="password" style="min-width: 300px"/></br></br>
<input type="submit" value="Submit"> <input type="submit" value="Submit">
</form> </form>
<iframe name="responseFrame" border="0" frameborder="0" style="display: inline;"></iframe> <script type="text/javascript">
function handleLoad() {
var r = JSON.parse(document.getElementById('responseFrame').contentDocument.documentElement.textContent).success
if (typeof(r) !== 'undefined') window.location.href = '/profile'
}
</script>
<iframe name="responseFrame" onload="handleLoad()" border="0" frameborder="0" style="display: inline;" id="responseFrame">
</iframe>
{% endblock %} {% endblock %}