diff --git a/src/api/client/index.ts b/src/api/client/index.ts index 0eace9d..bfdd014 100644 --- a/src/api/client/index.ts +++ b/src/api/client/index.ts @@ -6,6 +6,7 @@ import { createJWT } from "../../keys"; import Client from "../../models/client"; import RequestError, { HttpStatusCode } from "../../helper/request_error"; import config from "../../config"; +import Mail from "../../models/mail"; const ClientRouter = Router(); @@ -45,10 +46,15 @@ ClientRouter.get("/user", Stacker(GetClientAuthMiddleware(false), GetUserMiddlew })); ClientRouter.get("/account", Stacker(GetClientApiAuthMiddleware(), async (req: Request, res) => { + let mails = await Promise.all(req.user.mails.map(id => Mail.findById(id))); + + let mail = mails.find(e => e.primary) || mails[0]; + res.json({ user: { username: req.user.username, name: req.user.name, + email: mail } }) })); diff --git a/src/api/oauth/auth.ts b/src/api/oauth/auth.ts index 22f86ba..52e9ec7 100644 --- a/src/api/oauth/auth.ts +++ b/src/api/oauth/auth.ts @@ -10,6 +10,7 @@ import { randomBytes } from "crypto"; // import { ObjectID } from "bson"; import Grant, { IGrant } from "../../models/grants"; import GetAuthPage from "../../views/authorize"; +import { ObjectID } from "mongodb"; // const AuthRoute = Stacker(GetUserMiddleware(true), async (req: Request, res: Response) => { // let { response_type, client_id, redirect_uri, scope, state, nored } = req.query; @@ -123,8 +124,15 @@ const GetAuthRoute = (view = false) => let proms: PromiseLike[] = []; if (scopes) { for (let perm of scopes.filter(e => e !== "read_user")) { + let oid = undefined; + try { + oid = new ObjectID(perm); + } catch (err) { + Logging.error(err); + continue; + } proms.push( - Permission.findById(perm).then(p => { + Permission.findById(oid).then(p => { if (!p) return Promise.reject(new Error()); permissions.push(p); })