swissmakers_gmbh/swiss-datashare
12
0
Fork 0
mirror of https://github.com/swissmakers/swiss-datashare.git synced 2026-04-19 13:33:13 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: password can be changed with wrong password

Browse Source
This commit is contained in:
Elias Schneider
2024-01-14 14:14:07 +01:00
parent 067652aa80
commit 0ccb836444
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/auth/auth.service.ts
View File

@@ -139,7 +139,7 @@ export class AuthService {
async updatePassword(user: User, newPassword: string, oldPassword?: string) { async updatePassword(user: User, newPassword: string, oldPassword?: string) {
const isPasswordValid = const isPasswordValid =
!user.password || !(await argon.verify(user.password, oldPassword)); !user.password || await argon.verify(user.password, oldPassword);
if (!isPasswordValid) throw new ForbiddenException("Invalid password"); if (!isPasswordValid) throw new ForbiddenException("Invalid password");