mirror of
https://github.com/kremalicious/umami.git
synced 2024-12-24 18:26:20 +01:00
Fix update user.
This commit is contained in:
parent
5fc96cf5e1
commit
ef324fdf73
@ -16,7 +16,9 @@ import useMessages from 'hooks/useMessages';
|
||||
export default function UserEditForm({ userId, data, onSave }) {
|
||||
const { formatMessage, labels, messages } = useMessages();
|
||||
const { post, useMutation } = useApi();
|
||||
const { mutate, error } = useMutation(({ username }) => post(`/users/${userId}`, { username }));
|
||||
const { mutate, error } = useMutation(({ username, password, role }) =>
|
||||
post(`/users/${userId}`, { username, password, role }),
|
||||
);
|
||||
|
||||
const handleSubmit = async data => {
|
||||
mutate(data, {
|
||||
|
@ -43,6 +43,7 @@ export interface User {
|
||||
id: string;
|
||||
username: string;
|
||||
password?: string;
|
||||
role: string;
|
||||
createdAt?: Date;
|
||||
}
|
||||
|
||||
|
@ -45,7 +45,10 @@ export default async (
|
||||
|
||||
const token = createSecureToken({ userId: user.id }, secret());
|
||||
|
||||
return ok(res, { token, user });
|
||||
return ok(res, {
|
||||
token,
|
||||
user: { id: user.id, username: user.username, createdAt: user.createdAt },
|
||||
});
|
||||
}
|
||||
|
||||
return unauthorized(res, 'message.incorrect-username-password');
|
||||
|
@ -1,4 +1,4 @@
|
||||
import { NextApiRequestQueryBody, User } from 'lib/types';
|
||||
import { NextApiRequestQueryBody, Roles, User } from 'lib/types';
|
||||
import { canDeleteUser, canUpdateUser, canViewUser } from 'lib/auth';
|
||||
import { useAuth } from 'lib/middleware';
|
||||
import { NextApiResponse } from 'next';
|
||||
@ -12,6 +12,7 @@ export interface UserRequestQuery {
|
||||
export interface UserRequestBody {
|
||||
username: string;
|
||||
password: string;
|
||||
role: Roles;
|
||||
}
|
||||
|
||||
export default async (
|
||||
@ -40,17 +41,20 @@ export default async (
|
||||
return unauthorized(res);
|
||||
}
|
||||
|
||||
const { username, password } = req.body;
|
||||
const { username, password, role } = req.body;
|
||||
|
||||
const user = await getUser({ id });
|
||||
|
||||
const data: any = {};
|
||||
|
||||
// Only admin can change these fields
|
||||
if (password && isAdmin) {
|
||||
if (password) {
|
||||
data.password = hashPassword(password);
|
||||
}
|
||||
|
||||
if (role && isAdmin) {
|
||||
data.role = role;
|
||||
}
|
||||
|
||||
// Only admin can change these fields
|
||||
if (username && isAdmin) {
|
||||
data.username = username;
|
||||
|
@ -17,6 +17,7 @@ export async function getUser(
|
||||
username: true,
|
||||
password: includePassword,
|
||||
role: true,
|
||||
createdAt: true,
|
||||
},
|
||||
});
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user