spee.ch/server/controllers/api/user/password/index.js

69 lines
1.8 KiB
JavaScript
Raw Normal View History

const { handleErrorResponse } = require('../../../utils/errorHandlers.js');
const logger = require('winston');
const db = require('../../../../models');
const { masterPassword } = require('@private/authConfig.json');
/*
route to update a password
*/
const updateUserPassword = ({ ip, originalUrl, body }, res) => {
let userRecord;
const { userName, oldPassword, newPassword } = body;
2018-05-31 18:38:11 +02:00
2018-05-31 18:36:45 +02:00
if (!masterPassword) {
return res.status(400).json({
success: false,
message: 'no master password set in site config',
});
}
if (!userName || !oldPassword || !newPassword) {
return res.status(400).json({
success: false,
message: 'body should include userName (channel name without the @), oldPassword, & newPassword',
});
}
db.User.findOne({
where: {
userName,
},
})
.then(user => {
userRecord = user;
if (!userRecord) {
throw new Error('no user found');
}
if (oldPassword === masterPassword) {
logger.debug('master password provided');
return true;
} else {
logger.debug('old password provided');
return userRecord.comparePassword(oldPassword);
}
})
.then(isMatch => {
if (!isMatch) {
throw new Error('Incorrect old password.');
}
logger.debug('Password was a match, updating password');
return userRecord.changePassword(newPassword);
})
.then(() => {
logger.debug('Password successfully updated');
return res.status(200).json({
success: true,
message: 'Password successfully updated',
oldPassword,
newPassword,
});
})
.catch((error) => {
handleErrorResponse(originalUrl, ip, error, res);
});
};
module.exports = updateUserPassword;