name: name,
email: email
};
- setAndSendLoginToken("Welcome to " + params.siteURL, user, res);
+ setAndSendLoginToken("Welcome to " + params.siteURL, user);
res.json({});
}
});
router.get("/users", access.ajax, (req,res) => {
const ids = req.query["ids"];
// NOTE: slightly too permissive RegExp
- if (ids.match(/^([0-9]+,?)+$/)) {
+ if (!!ids && !!ids.match(/^([0-9]+,?)+$/)) {
UserModel.getByIds(ids, (err, users) => {
res.json({ users: users });
});
// Authentication-related methods:
// to: object user (to who we send an email)
-function setAndSendLoginToken(subject, to, res) {
+function setAndSendLoginToken(subject, to) {
// Set login token and send welcome(back) email with auth link
const token = genToken(params.token.length);
UserModel.setLoginToken(token, to.id);
if (UserModel.checkNameEmail({ [type]: nameOrEmail })) {
UserModel.getOne(type, nameOrEmail, (err,user) => {
access.checkRequest(res, err, user, "Unknown user", () => {
- setAndSendLoginToken("Token for " + params.siteURL, user, res);
+ setAndSendLoginToken("Token for " + params.siteURL, user);
res.json({});
});
});