From 80e9d8a11eced0cd6aae75c8c6715c26fae4ea94 Mon Sep 17 00:00:00 2001
From: lesion <lesion@autistici.org>
Date: Tue, 28 Jun 2022 13:34:30 +0200
Subject: [PATCH] do not set recover_code during user registration

---
 server/api/controller/user.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/server/api/controller/user.js b/server/api/controller/user.js
index 5221d208..7affed42 100644
--- a/server/api/controller/user.js
+++ b/server/api/controller/user.js
@@ -80,7 +80,6 @@ const userController = {
     if (!settingsController.settings.allow_registration) { return res.sendStatus(404) }
     const n_users = await User.count()
     try {
-      req.body.recover_code = crypto.randomBytes(16).toString('hex')
 
       // the first registered user will be an active admin
       if (n_users === 0) {
@@ -104,7 +103,7 @@ const userController = {
       res.sendStatus(200)
     } catch (e) {
       log.error('Registration error:', e)
-      res.status(404).json(e)
+      res.status(400).json(e)
     }
   },