diff --git a/lib/actions.ts b/lib/actions.ts index 044be12..4112fc3 100644 --- a/lib/actions.ts +++ b/lib/actions.ts @@ -197,6 +197,12 @@ export async function changeAccountEmail(userId: string, email: string) { if (RESTRICT_ACCESS_LIST.includes(userId)) throw "restricted access"; await checkPermission("accounts/update/email", userId); + const SPLIT_RE = /([^@]+)(@.+)/; + const SYMBOL_RE = /\+.+|\./g; + + const segments = SPLIT_RE.exec(email); + if (!segments) throw "invalid email"; + await mongo() .db("revolt") .collection("accounts") @@ -205,11 +211,11 @@ export async function changeAccountEmail(userId: string, email: string) { { $set: { email: email, - email_normalised: email, + email_normalised: segments[1].replace(SYMBOL_RE, "") + segments[2], verification: { status: "Verified" }, - } + }, } - ) + ); } export async function verifyAccountEmail(userId: string) { @@ -219,7 +225,8 @@ export async function verifyAccountEmail(userId: string) { const account = await fetchAccountById(userId); if (!account) throw new Error("couldn't find account"); - if (account.verification.status == "Verified") throw new Error("already verified"); + if (account.verification.status == "Verified") + throw new Error("already verified"); let email = account.email; if (account.verification.status == "Moving") { @@ -236,9 +243,9 @@ export async function verifyAccountEmail(userId: string) { email: email, email_normalised: email, // <-- should be fine but someone should fix this in the future verification: { status: "Verified" }, - } + }, } - ) + ); } export async function suspendUser(userId: string) { @@ -274,7 +281,10 @@ export async function suspendUser(userId: string) { } } -export async function updateUserBadges(userId: string, badges: number): Promise<{ updatePublished: boolean }> { +export async function updateUserBadges( + userId: string, + badges: number +): Promise<{ updatePublished: boolean }> { await checkPermission("users/update/badges", userId, { badges }); await mongo().db("revolt").collection("users").updateOne( { @@ -299,7 +309,7 @@ export async function updateUserBadges(userId: string, badges: number): Promise< clear: [], }); } - } catch(e) { + } catch (e) { return { updatePublished: false }; } @@ -434,11 +444,11 @@ export async function unsuspendUser(userId: string) { export async function wipeUserProfile( userId: string, fields: { - banner: boolean, - avatar: boolean, - bio: boolean, - displayName: boolean, - status: boolean, + banner: boolean; + avatar: boolean; + bio: boolean; + displayName: boolean; + status: boolean; } ) { await checkPermission("users/action/wipe-profile", userId); @@ -457,15 +467,17 @@ export async function wipeUserProfile( ...(fields.banner ? { "profile.background": 1 } : {}), ...(fields.bio ? { "profile.content": 1 } : {}), ...(fields.status ? { "status.text": 1 } : {}), - ...(fields.avatar ? { "avatar": 1 } : {}), + ...(fields.avatar ? { avatar: 1 } : {}), }, - ...(fields.displayName ? { - $set: { - display_name: newDisplayName, - }, - } : {}), + ...(fields.displayName + ? { + $set: { + display_name: newDisplayName, + }, + } + : {}), } - ) + ); } export async function updateServerFlags(serverId: string, flags: number) {