added route and controller for updating user password

This commit is contained in:
bill bittner 2018-05-30 18:52:13 -07:00
parent 7941fc0ac8
commit 7b644f9991
2 changed files with 63 additions and 0 deletions

View file

@ -0,0 +1,60 @@
const { handleErrorResponse } = require('../../../utils/errorHandlers.js');
const logger = require('winston');
const db = require('../../../../models');
const siteConfig = require('./config/siteConfig.js');
const masterPassword = siteConfig.auth.sessionKey;
/*
route to update a password
*/
const updateUserPassword = ({ ip, originalUrl, body }, res) => {
let userRecord;
const { userName, oldPassword, newPassword } = body;
if (!user || !oldPassword || newPassword) {
return res.status(400).json({success: false, message: 'body should include userName (channel name without the @), oldPassword, & newPassword'});
};
db.User.findOne({
where: {
userName,
},
})
.then(user => {
if (!user) {
throw new Error('no user found');
}
userRecord = user;
if (oldPassword === masterPassword) {
console.log('master password provided');
return true;
} else {
console.log('old password provided');
return user.comparePassword(oldPassword);
}
})
.then(isMatch => {
if (!isMatch) {
throw new Error('Incorrect old password.');
}
logger.debug('Password was a match, updating password');
return user.changePassword(newPassword);
})
.then(() => {
logger.debug('Password successfully updated');
return res.status(200).json({
success: true,
message: 'Password successfully updated',
oldPassword,
newPassword,
});
})
.catch((error) => {
handleErrorResponse(originalUrl, ip, error, res);
});
};
module.exports = updateUserPassword;

View file

@ -12,6 +12,7 @@ const claimPublish = require('../../controllers/api/claim/publish');
const claimResolve = require('../../controllers/api/claim/resolve');
const claimShortId = require('../../controllers/api/claim/shortId');
const fileAvailability = require('../../controllers/api/file/availability');
const userPassword = require('../../controllers/api/user/password');
const multipartMiddleware = require('../utils/multipartMiddleware');
@ -33,4 +34,6 @@ module.exports = (app) => {
app.get('/api/claim/short-id/:longId/:name', claimShortId);
// file routes
app.get('/api/file/availability/:name/:claimId', fileAvailability);
// user routes
app.put('/api/user/password/', userPassword);
};