|
|
|
@ -261,26 +261,38 @@ class UserService extends SiteService {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async updateSettings (user, userDefinition) {
|
|
|
|
|
const { crypto: cryptoService } = this.dtp.services;
|
|
|
|
|
|
|
|
|
|
const updateOp = { $set: { }, $unset: { } };
|
|
|
|
|
|
|
|
|
|
// strip characters we don't want to allow in username
|
|
|
|
|
userDefinition.username = striptags(userDefinition.username.trim().replace(/[^A-Za-z0-9\-_]/gi, ''));
|
|
|
|
|
const username_lc = userDefinition.username.toLowerCase();
|
|
|
|
|
updateOp.$set.username = striptags(userDefinition.username.trim().replace(/[^A-Za-z0-9\-_]/gi, ''));
|
|
|
|
|
if (!updateOp.$set.username || (updateOp.$set.username.length === 0)) {
|
|
|
|
|
throw new SiteError(400, 'Must include a username');
|
|
|
|
|
}
|
|
|
|
|
updateOp.$set.username_lc = updateOp.$set.username.toLowerCase();
|
|
|
|
|
|
|
|
|
|
userDefinition.displayName = striptags(userDefinition.displayName.trim());
|
|
|
|
|
userDefinition.bio = striptags(userDefinition.bio.trim());
|
|
|
|
|
if (userDefinition.displayName && (userDefinition.displayName.length > 0)) {
|
|
|
|
|
updateOp.$set.displayName = striptags(userDefinition.displayName.trim());
|
|
|
|
|
} else {
|
|
|
|
|
updateOp.$unset.displayName = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
this.log.info('updating user settings', { userDefinition });
|
|
|
|
|
await User.updateOne(
|
|
|
|
|
{ _id: user._id },
|
|
|
|
|
{
|
|
|
|
|
$set: {
|
|
|
|
|
username: userDefinition.username,
|
|
|
|
|
username_lc,
|
|
|
|
|
displayName: userDefinition.displayName,
|
|
|
|
|
bio: userDefinition.bio,
|
|
|
|
|
theme: userDefinition.theme || 'dtp-light',
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
);
|
|
|
|
|
if (userDefinition.bio && (userDefinition.bio.length > 0)) {
|
|
|
|
|
updateOp.$set.bio = striptags(userDefinition.bio.trim());
|
|
|
|
|
} else {
|
|
|
|
|
updateOp.$unset.bio = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (userDefinition.password && userDefinition.password.length > 0) {
|
|
|
|
|
updateOp.$set.passwordSalt = uuidv4();
|
|
|
|
|
updateOp.$set.password = cryptoService.maskPassword(updateOp.$set.passwordSalt, userDefinition.password);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
updateOp.$set.theme = userDefinition.theme || 'dtp-light',
|
|
|
|
|
|
|
|
|
|
this.log.info('updating user settings', { userId: user._id });
|
|
|
|
|
await User.updateOne({ _id: user._id }, updateOp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async authenticate (account, options) {
|
|
|
|
|