diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts index 1e0694368f..fa573b69fa 100644 --- a/src/server/api/private/signin.ts +++ b/src/server/api/private/signin.ts @@ -53,9 +53,9 @@ export default async (ctx: Koa.BaseContext) => { // Compare password const same = await bcrypt.compare(password, profile.password!); - async function fail(status?: number, failure?: {error: string}) { + async function fail(status?: number, failure?: { error: string }) { // Append signin history - const record = await Signins.save({ + await Signins.save({ id: genId(), createdAt: new Date(), userId: user.id, @@ -64,23 +64,19 @@ export default async (ctx: Koa.BaseContext) => { success: false }); - // Publish signin event - publishMainStream(user.id, 'signin', await Signins.pack(record)); - - if (status && failure) { - ctx.throw(status, failure); - } + ctx.throw(status || 500, failure || { error: 'someting happened' }); } if (!profile.twoFactorEnabled) { if (same) { signin(ctx, user); + return; } else { await fail(403, { error: 'incorrect password' }); + return; } - return; } if (token) { @@ -169,6 +165,7 @@ export default async (ctx: Koa.BaseContext) => { if (isValid) { signin(ctx, user); + return; } else { await fail(403, { error: 'invalid challenge data' @@ -191,6 +188,7 @@ export default async (ctx: Koa.BaseContext) => { await fail(403, { error: 'no keys found' }); + return; } // 32 byte challenge @@ -219,6 +217,5 @@ export default async (ctx: Koa.BaseContext) => { ctx.status = 200; return; } - - await fail(); + // never get here };