REST APIs for the Best of Us! - A Meteor 0.9+ package for building REST APIs https://atmospherejs.com/nimble/restivus
544
stars
117
forks
source link
Try login with user who does not have password, crashes server #300
Open
adamgins opened 5 years ago
If you create a user by another means (eg Google login
accounts-google
) and a user tries to call rest '/login` route... it crashes the server.Note user had tried to reset their password... so had
reset
notbcrypt
iepassword: { reset:
To solve this you need to check for the
bycrypt
and not justauthenticatingUser.services?.password
https://github.com/kahmali/meteor-restivus/blob/devel/lib/auth.coffee#L55
ie