fix(api): fixed being able to override user (#98)

This commit is contained in:
diced 2021-09-08 20:56:47 -07:00
commit ece3e16459
No known key found for this signature in database
GPG key ID: 85AB64C74535D76E

View file

@ -16,10 +16,20 @@ async function handler(req: NextApiReq, res: NextApiRes) {
});
}
if (req.body.username) await prisma.user.update({
where: { id: user.id },
data: { username: req.body.username }
});
if (req.body.username) {
const existing = await prisma.user.findFirst({
where: {
username: req.body.username
}
});
if (existing && user.username !== req.body.username) {
return res.forbid('Username is already taken');
}
await prisma.user.update({
where: { id: user.id },
data: { username: req.body.username }
});
}
if (req.body.embedTitle) await prisma.user.update({
where: { id: user.id },