From ee1b86e36c2c8a035163f83123c42f3a2da3a411 Mon Sep 17 00:00:00 2001
From: les <lesion@autistici.org>
Date: Wed, 2 Oct 2019 21:04:24 +0200
Subject: [PATCH] [fix] password recovery

---
 server/api/controller/user.js | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/server/api/controller/user.js b/server/api/controller/user.js
index edcb25de..5c02f4f1 100644
--- a/server/api/controller/user.js
+++ b/server/api/controller/user.js
@@ -184,12 +184,7 @@ const userController = {
     if (!recover_code) { return res.sendStatus(400) }
     const user = await User.findOne({ where: { recover_code: { [Op.eq]: recover_code } } })
     if (!user) { return res.sendStatus(400) }
-    try {
-      await user.update({ recover_code: '' })
       res.sendStatus(200)
-    } catch (e) {
-      res.sendStatus(400)
-    }
   },
 
   async updatePasswordWithRecoverCode (req, res) {
@@ -198,10 +193,8 @@ const userController = {
     if (!recover_code || !password) { return res.sendStatus(400) }
     const user = await User.findOne({ where: { recover_code: { [Op.eq]: recover_code } } })
     if (!user) { return res.sendStatus(400) }
-    user.recover_code = ''
-    user.password = password
     try {
-      await user.save()
+      await user.update({ recover_code: '', password })
       res.sendStatus(200)
     } catch (e) {
       res.sendStatus(400)