diff --git a/RestControllers/SettingsController.php b/RestControllers/SettingsController.php index 625afdc..55f7dcd 100644 --- a/RestControllers/SettingsController.php +++ b/RestControllers/SettingsController.php @@ -157,6 +157,30 @@ class SettingsController { return array("success" => "The security settings of the user have been successfully saved !"); } + /** + * Update user password + * + * @url POST /settings/update_password + */ + public function updatePassword(){ + + //User login required + user_login_required(); + + //Check the old password + check_post_password(userID, "oldPassword"); + + //Get and save the new password + $newPassword = postString("newPassword"); + + //Try to save password + if(!components()->account->set_new_user_password(userID, $newPassword)) + Rest_fatal_error(500, "Could not update user password!"); + + //Success + return array("success" => "The password has been updated !"); + } + /** * Turn a GeneralSettings object into a valid API object * diff --git a/classes/components/AccountComponent.php b/classes/components/AccountComponent.php index c379de1..b53f85e 100644 --- a/classes/components/AccountComponent.php +++ b/classes/components/AccountComponent.php @@ -224,6 +224,25 @@ class AccountComponent { return CS::get()->db->count(self::USER_TABLE, $sql_conds, $values) > 0; } + /** + * Update user password + * + * @param int $userID Target user ID + * @param string $password The new password to set to the user + * @return bool TRUE in case of success / FALSE else + */ + public function set_new_user_password(int $userID, string $password) : bool { + + //Crypt the password + $password = $this->cryptPassword($password); + + //Prepare database update + $modif = array("password" => $password); + + //Perform the request + return CS::get()->db->updateDB(self::USER_TABLE, "ID = ?", $modif, array($userID)); + } + /** * Crypt user password *