From f8552b0ea648035b28010e7c5dea82398e9825ea Mon Sep 17 00:00:00 2001
From: HF <hf@pixelplanet.fun>
Date: Thu, 28 Jul 2022 00:19:30 +0200
Subject: [PATCH] check for login on auth routes

---
 src/routes/api/auth/change_mail.js    | 2 +-
 src/routes/api/auth/change_name.js    | 2 +-
 src/routes/api/auth/change_passwd.js  | 2 +-
 src/routes/api/auth/delete_account.js | 2 +-
 src/routes/api/auth/logout.js         | 2 +-
 src/routes/api/auth/resend_verify.js  | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/routes/api/auth/change_mail.js b/src/routes/api/auth/change_mail.js
index 4d4d6a2..1f4d2dd 100644
--- a/src/routes/api/auth/change_mail.js
+++ b/src/routes/api/auth/change_mail.js
@@ -35,7 +35,7 @@ export default async (req: Request, res: Response) => {
   }
 
   const { user, lang } = req;
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: [t`You are not authenticated.`],
diff --git a/src/routes/api/auth/change_name.js b/src/routes/api/auth/change_name.js
index 3661e9f..1c394ed 100644
--- a/src/routes/api/auth/change_name.js
+++ b/src/routes/api/auth/change_name.js
@@ -26,7 +26,7 @@ export default async (req: Request, res: Response) => {
   const { name } = req.body;
   const { user } = req;
 
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: ['You are not authenticated.'],
diff --git a/src/routes/api/auth/change_passwd.js b/src/routes/api/auth/change_passwd.js
index 32b9bee..f60840c 100644
--- a/src/routes/api/auth/change_passwd.js
+++ b/src/routes/api/auth/change_passwd.js
@@ -31,7 +31,7 @@ export default async (req: Request, res: Response) => {
   }
 
   const { user } = req;
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: [t`You are not authenticated.`],
diff --git a/src/routes/api/auth/delete_account.js b/src/routes/api/auth/delete_account.js
index 9b3fc1e..0ff475b 100644
--- a/src/routes/api/auth/delete_account.js
+++ b/src/routes/api/auth/delete_account.js
@@ -28,7 +28,7 @@ export default async (req, res) => {
   }
 
   const { user } = req;
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: [t`You are not authenticated.`],
diff --git a/src/routes/api/auth/logout.js b/src/routes/api/auth/logout.js
index 412f38e..ad22c84 100644
--- a/src/routes/api/auth/logout.js
+++ b/src/routes/api/auth/logout.js
@@ -7,7 +7,7 @@ import type { Request, Response } from 'express';
 export default async (req: Request, res: Response) => {
   const { user } = req;
   const { t } = req.ttag;
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: [t`You are not even logged in.`],
diff --git a/src/routes/api/auth/resend_verify.js b/src/routes/api/auth/resend_verify.js
index 71f0517..2a3ec9a 100644
--- a/src/routes/api/auth/resend_verify.js
+++ b/src/routes/api/auth/resend_verify.js
@@ -11,7 +11,7 @@ import { getHostFromRequest } from '../../../utils/ip';
 
 export default async (req: Request, res: Response) => {
   const { user, lang } = req;
-  if (!user) {
+  if (!user || !user.regUser) {
     res.status(401);
     res.json({
       errors: ['You are not authenticated.'],