Merge pull request 'Login in WI möglich trotz nicht bestätigter mail #77' (#205) from #77 into 1.0.0

Reviewed-on: sh-edraft.de/kd_discord_bot#205 Reviewed-by: Ebola-Chan <nick.jungmann@gmail.com> Closes #77
2023-02-16 22:18:20 +01:00 · 2023-02-16 22:18:20 +01:00 · e2ef4f3bde
commit e2ef4f3bde
parent 3456c5f021 065e8b0645
2 changed files with 8 additions and 0 deletions
--- a/kdb-bot/src/bot_api/service/auth_service.py
+++ b/kdb-bot/src/bot_api/service/auth_service.py
@ -465,6 +465,9 @@ class AuthService(AuthServiceABC):
        if db_user.password != user_dto.password:
            raise ServiceException(ServiceErrorCode.InvalidUser, "Wrong password")

+        if db_user.confirmation_id is not None:
+            raise ServiceException(ServiceErrorCode.Forbidden, "E-Mail not verified")
+
        token = self.generate_token(db_user)
        refresh_token = self._create_and_save_refresh_token(db_user)
        if db_user.forgot_password_id is not None:
@ -488,6 +491,9 @@ class AuthService(AuthServiceABC):
                lambda x: self._auth_users.add_auth_user_user_rel(AuthUserUsersRelation(db_user, x))
            )

+        if db_user.confirmation_id is not None:
+            raise ServiceException(ServiceErrorCode.Forbidden, "E-Mail not verified")
+
        token = self.generate_token(db_user)
        refresh_token = self._create_and_save_refresh_token(db_user)
        if db_user.forgot_password_id is not None:
--- a/kdb-web/src/app/modules/auth/components/login/login.component.ts
+++ b/kdb-web/src/app/modules/auth/components/login/login.component.ts
@ -74,6 +74,8 @@ export class LoginComponent implements OnInit {
          this.spinnerService.hideSpinner();
          this.router.navigate(["auth", "login"]).then(() => {
          });
+          this.state = "";
+          this.code = "";
          return throwError(() => err);
        })).subscribe(token => {
          this.authService.saveToken(token);