Diffstat (limited to 'src/server/authentication/AuthenticationManager.ts')
-rw-r--r-- | src/server/authentication/AuthenticationManager.ts | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/src/server/authentication/AuthenticationManager.ts b/src/server/authentication/AuthenticationManager.ts
index 5bc6e96b4..b1b84c300 100644
--- a/src/server/authentication/AuthenticationManager.ts
+++ b/src/server/authentication/AuthenticationManager.ts
@@ -8,6 +8,7 @@ import * as nodemailer from 'nodemailer';
 import * as c from 'crypto';
 import { emptyFunction, Utils } from '../../Utils';
 import { MailOptions } from 'nodemailer/lib/stream-transport';
+import { check, validationResult } from 'express-validator';

 /**
 * GET /signup
@@ -30,14 +31,14 @@ export let getSignup = (req: Request, res: Response) => {
 */
 export let postSignup = (req: Request, res: Response, next: NextFunction) => {
 const email = req.body.email as String;
- req.assert('email', 'Email is not valid').isEmail();
- req.assert('password', 'Password must be at least 4 characters long').len({ min: 4 });
- req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password);
- req.sanitize('email').normalizeEmail({ gmail_remove_dots: false });
+ check('email', 'Email is not valid').isEmail().run(req);
+ check('password', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req);
+ check('confirmPassword', 'Passwords do not match').equals(req.body.password).run(req);
+ check('email').normalizeEmail({ gmail_remove_dots: false }).run(req);

- const errors = req.validationErrors();
+ const errors = validationResult(req).array();

- if (errors) {
+ if (errors.length) {
 return res.redirect('/signup');
 }
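Review bot: In the postSignup hunk none of the `check(...).run(req)` chains is awaited, and `run()` in express-validator returns a promise, so `validationResult(req).array()` is very likely read before any validator has recorded an error and before `normalizeEmail` has rewritten `req.body.email`. If so, the email, password-length and confirmPassword checks never reject a request and every signup passes validation. The same un-awaited pattern is in the postLogin and postReset hunks; in postReset the `.then(user => …)` callback would have to become `async` for the fix. The handler should be declared `async`, each chain awaited before the result is read, and rejections forwarded to `next` so they do not become unhandled. postSignup's body continues outside the hunk.

```typescript
export let postSignup = async (req: Request, res: Response, next: NextFunction) => {
    // … unchanged: email read from req.body …
    try {
        await check('email', 'Email is not valid').isEmail().run(req);
        await check('password', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req);
        await check('confirmPassword', 'Passwords do not match').equals(req.body.password).run(req);
        await check('email').normalizeEmail({ gmail_remove_dots: false }).run(req);
    } catch (err) {
        return next(err);
    }

    const errors = validationResult(req).array();
    // … unchanged: redirect to /signup when errors is non-empty …
```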
@@ -108,12 +109,12 @@ export let postLogin = (req: Request, res: Response, next: NextFunction) => {
 req.body.email = 'guest';
 req.body.password = 'guest';
 } else {
- req.assert('email', 'Email is not valid').isEmail();
- req.assert('password', 'Password cannot be blank').notEmpty();
- req.sanitize('email').normalizeEmail({ gmail_remove_dots: false });
+ check('email', 'Email is not valid').isEmail().run(req);
+ check('password', 'Password cannot be blank').notEmpty().run(req);
+ check('email').normalizeEmail({ gmail_remove_dots: false }).run(req);
 }

- if (req.validationErrors()) {
+ if (validationResult(req).array().length) {
 req.flash('errors', 'Unable to login at this time. Please try again.');
 return res.redirect('/signup');
 }
@@ -143,9 +144,10 @@ export let postLogin = (req: Request, res: Response, next: NextFunction) => {
 * and destroys the user's current session.
 */
 export let getLogout = (req: Request, res: Response) => {
- req.logout(emptyFunction);
- req.session?.destroy(err => err && console.log(err));
- res.redirect('/login');
+ req.logout(err => {
+ if (err) console.log(err);
+ else res.redirect('/login');
+ });
 };

 export let getForgot = function (req: Request, res: Response) {
@@ -235,10 +237,10 @@ export let postReset = function (req: Request, res: Response) {
 .then(user => {
 if (!user) return res.redirect('back');

- req.assert('password', 'Password must be at least 4 characters long').len({ min: 4 });
- req.assert('confirmPassword', 'Passwords do not match').equals(req.body.password);
+ check('password', 'Password must be at least 4 characters long').isLength({ min: 4 }).run(req);
+ check('confirmPassword', 'Passwords do not match').equals(req.body.password).run(req);

- if (req.validationErrors()) return res.redirect('back');
+ if (validationResult(req).array().length) return res.redirect('back');

 user.password = req.body.password;
 user.passwordResetToken = undefined; |
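Review bot: In the getLogout hunk the error branch of the `req.logout` callback only logs, so a failed logout sends no response and the request hangs until the client times out. Redirecting in both cases avoids that: `req.logout(err => { if (err) console.log(err); res.redirect('/login'); });`. The hunk also drops `req.session?.destroy(...)` while the doc comment above still says the session is destroyed; whether the session is invalidated now depends on what the installed passport version's `logout` does, which is worth confirming and stating in that comment.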