fix tracking inactivated accounts

Bricks666 · Jan 27, 2024 · f35eb89 · f35eb89
1 parent ab847a5
commit f35eb89
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/src/auth/lib/activated/is-activated.guard.ts b/src/auth/lib/activated/is-activated.guard.ts
@@ -1,9 +1,4 @@
-import {
-	CanActivate,
-	ExecutionContext,
-	ForbiddenException,
-	Injectable
-} from '@nestjs/common';
+import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import { Request } from 'express';
 import { SecurityUserDto } from '@/users/dto';
@@ -31,7 +26,7 @@ export class IsActivatedGuard implements CanActivate {
 		const user = (req as any).user as SecurityUserDto;
 
 		if (!user) {
-			throw new ForbiddenException('User is not activated');
+			return true;
 		}
 
 		return this.usersService.isActivated({ id: user.id, });

diff --git a/src/auth/services/auth/auth.service.ts b/src/auth/services/auth/auth.service.ts
@@ -1,4 +1,5 @@
 import {
+	BadRequestException,
 	ConflictException,
 	ForbiddenException,
 	Injectable,
@@ -76,13 +77,17 @@ export class AuthService {
 
 		const user = await this.usersService.getInsecure({ email, });
 
+		if (!user.activated) {
+			throw new BadRequestException('User is not activated');
+		}
+
 		const isValidPassword = await compare(password, user.password);
 
 		if (!isValidPassword) {
 			throw new ForbiddenException('Incorrect password');
 		}
 
-		user.password = undefined;
+		delete user.password;
 
 		const tokens = await this.#generateTokens(user);