adapt-authoring-auth-local 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/.github/workflows/new.yml +7 -11
  2. package/lib/LocalAuthModule.js +5 -5
  3. package/package.json +2 -2
  4. package/.github/workflows/labelled_prs.yml +0 -16
package/.github/workflows/new.yml CHANGED
@@ -1,19 +1,15 @@
1
- name: Add to main project
1
+ # Calls the org-level reusable workflow to add PRs to the TODO Board
2
+
3
+ name: Add PR to Project
2
4
 
3
5
  on:
4
- issues:
5
- types:
6
- - opened
7
6
  pull_request:
8
7
  types:
9
8
  - opened
9
+ - reopened
10
10
 
11
11
  jobs:
12
12
  add-to-project:
13
- name: Add to main project
14
- runs-on: ubuntu-latest
15
- steps:
16
- - uses: actions/add-to-project@v0.1.0
17
- with:
18
- project-url: https://github.com/orgs/adapt-security/projects/5
19
- github-token: ${{ secrets.PROJECTS_SECRET }}
13
+ uses: adapt-security/.github/.github/workflows/new.yml@main
14
+ secrets:
15
+ PROJECTS_SECRET: ${{ secrets.PROJECTS_SECRET }}
package/lib/LocalAuthModule.js CHANGED
@@ -184,8 +184,8 @@ class LocalAuthModule extends AbstractAuthModule {
184
184
  const text = this.app.lang.translate(undefined, 'app.updateusertext')
185
185
  const html = this.app.lang.translate(undefined, 'app.updateuserhtml')
186
186
  try {
187
- if(mailer.isEnabled) await mailer.send({ to: user.email, subject, text, html })
188
- } catch(e) {
187
+ if (mailer.isEnabled) await mailer.send({ to: user.email, subject, text, html })
188
+ } catch (e) {
189
189
  this.log('error', e)
190
190
  }
191
191
 
@@ -284,13 +284,13 @@ class LocalAuthModule extends AbstractAuthModule {
284
284
  async changePasswordHandler (req, res, next) {
285
285
  let email
286
286
  try {
287
- if (req.auth.token) { // already authenticated, so can use auth data
287
+ if (req.auth.token && req.body.noAuth !== 'true') { // already authenticated, so can use auth data
288
288
  if (req.auth.token.type !== this.type) throw new Error()
289
289
  // allow for a specific email to be passed via body, falling back to the email from the auth data
290
290
  email = req.body.email || req.auth.user.email
291
291
  // validate the existing password for security
292
- const [user] = await this.users.find({ email });
293
- await PasswordUtils.compare(req.body.oldPassword, user.password);
292
+ const [user] = await this.users.find({ email })
293
+ await PasswordUtils.compare(req.body.oldPassword, user.password)
294
294
  } else { // no authenticated, so should expect body data
295
295
  const tokenData = await PasswordUtils.validateReset(req.body.token)
296
296
  email = tokenData.email
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "adapt-authoring-auth-local",
3
- "version": "1.0.1",
3
+ "version": "1.0.2",
4
4
  "description": "Module which implements username/password (local) authentication",
5
5
  "homepage": "https://github.com/adapt-security/adapt-authoring-auth-local",
6
6
  "license": "GPL-3.0",
@@ -8,7 +8,7 @@
8
8
  "main": "index.js",
9
9
  "repository": "github:adapt-security/adapt-authoring-auth-local",
10
10
  "dependencies": {
11
- "bcryptjs": "3.0.2",
11
+ "bcryptjs": "3.0.3",
12
12
  "date-fns": "^4.1.0",
13
13
  "lodash": "^4.17.21"
14
14
  },
package/.github/workflows/labelled_prs.yml DELETED
@@ -1,16 +0,0 @@
1
- name: Add labelled PRs to project
2
-
3
- on:
4
- pull_request:
5
- types: [ labeled ]
6
-
7
- jobs:
8
- add-to-project:
9
- if: ${{ github.event.label.name == 'dependencies' }}
10
- name: Add to main project
11
- runs-on: ubuntu-latest
12
- steps:
13
- - uses: actions/add-to-project@v0.1.0
14
- with:
15
- project-url: https://github.com/orgs/adapt-security/projects/5
16
- github-token: ${{ secrets.PROJECTS_SECRET }}