From b51cb55504e07ee791106fc99287a13a9f83286e Mon Sep 17 00:00:00 2001
From: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>
Date: Thu, 12 Aug 2021 01:49:43 +0200
Subject: [PATCH] :bug: fix login undelete/undisable

---
 package-lock.json        | Bin 686195 -> 686195 bytes
 package.json             |   2 +-
 src/routes/auth/login.ts |  21 +++++++--------------
 3 files changed, 8 insertions(+), 15 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index d183ca94e23335b07ef91d9834c3bcb0bbcd9932..d8e2d01d52467e76d41282ad5f3bafa40d3e374b 100644
GIT binary patch
delta 282
zcmezTLG$wm%?Y0wEjNBy7Bl(aI)lllVl}2OJi?+7T9g<bRcc`wVQ8M4=U0+wlH(Ym
zt(|G=o#kqgub*!c8Cn`(5R{jtUFsGRURG9O8W`vuS>~Kvk!&8Eo}F41Y@B9V7VMgw
zn&YKk5tZYWRpuIO5-^!DL}9Z1687f4xc0s{Mj&PaVrC#_+1?k&`n-=0ZkXOUk4<K}
fzZM(&=DxU-jO}_KSb>-gh}nUdW4qo5PS*|qUO#G6

delta 276
zcmezTLG$wm%?Y0wEjE5x7Bju^39G^6Q?VM;6{Xk|LXASb^-BwK(vzIBi`|@yOmp4B
z3SA7NOkGlvgM&S?w1acJlZ;b597A)AeA6;RO^fo4Ow!XV%nhQFUG&qVQd5gll7fsY
zT~h;sG9y#+B21jCJhdk$Zc%UUi)-(TV+3L*AZ7+)mhF9Utk3&U9S}wn2Lw(xv}IG;
b+!uF}v0d*2D-g2*F*^`*Y}fn1>DmDRg0y66

diff --git a/package.json b/package.json
index d225dba6a..80e57e511 100644
--- a/package.json
+++ b/package.json
@@ -33,7 +33,7 @@
 	},
 	"homepage": "https://github.com/fosscord/fosscord-api#readme",
 	"dependencies": {
-		"@fosscord/server-util": "^1.3.48",
+		"@fosscord/server-util": "^1.3.49",
 		"@types/jest": "^26.0.22",
 		"@types/json-schema": "^7.0.7",
 		"ajv": "^8.4.0",
diff --git a/src/routes/auth/login.ts b/src/routes/auth/login.ts
index 8d1a8df30..6c4e5e3ec 100644
--- a/src/routes/auth/login.ts
+++ b/src/routes/auth/login.ts
@@ -47,27 +47,20 @@ router.post(
 
 		const user = await UserModel.findOne(
 			{ $or: query },
-			{
-				user_data: {
-					hash: true
-				},
-				id: true,
-				user_settings: {
-					locale: true,
-					theme: true
-				}
-			}
+			{ user_data: { hash: true }, id: true, disabled: true, deleted: true, user_settings: { locale: true, theme: true } }
 		)
 			.exec()
 			.catch((e) => {
 				throw FieldErrors({ login: { message: req.t("auth:login.INVALID_LOGIN"), code: "INVALID_LOGIN" } });
 			});
 
-		if (user.disabled && undelete) {
+		if (undelete) {
 			// undelete refers to un'disable' here
-			await UserModel.updateOne({ id: req.user_id }, { disabled: false }).exec();
-		} else if (user.disabled) {
-			return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
+			if (user.disabled) await UserModel.updateOne({ id: user.id }, { disabled: false }).exec();
+			if (user.deleted) await UserModel.updateOne({ id: user.id }, { deleted: false }).exec();
+		} else {
+			if (user.deleted) return res.status(400).json({ message: "This account is scheduled for deletion.", code: 20011 });
+			if (user.disabled) return res.status(400).json({ message: req.t("auth:login.ACCOUNT_DISABLED"), code: 20013 });
 		}
 
 		// the salt is saved in the password refer to bcrypt docs