
Can change user password

Pierre HUBERT 2019-12-30 13:20:24 +01:00
parent 184e3f9127
commit 48cb254b9b
3 changed files with 56 additions and 0 deletions


@ -152,10 +152,29 @@ export class AccountController {
* @param h Request handler * @param h Request handler
*/ */
public static async CheckPasswordResetToken(h: RequestHandler) { public static async CheckPasswordResetToken(h: RequestHandler) {
// We just get user ID to check the validity of the token
await this.GetUserIDFromPasswordResetToken(h, "token"); await this.GetUserIDFromPasswordResetToken(h, "token");
h.success("The token is valid."); h.success("The token is valid.");
} }
/**
* Reset user password
*
* @param h Request handler
*/
public static async ResetUserPassword(h: RequestHandler) {
const userID = await this.GetUserIDFromPasswordResetToken(h, "token");
const newPassword = h.postString("password", 3);
// Set new password
await AccountHelper.ChangePassword(userID, newPassword);
// Destroy reset token
await AccountHelper.DestroyPasswordResetTokenForUser(userID);
h.success("Password changed!");
}
/** /**
* Get the user ID associated to a password reset token * Get the user ID associated to a password reset token
* *
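Review bot: In `ResetUserPassword` the new password is written before the reset token is destroyed, in two separate updates. If `DestroyPasswordResetTokenForUser` fails, the token stays usable for another reset, and two concurrent requests carrying the same token can both pass the check. Swapping the two `await` lines so the token is consumed first, or clearing the token in the same `UpdateRows` call that sets the password, would close that window. `h.postString("password", 3)` also appears to accept a three-character password, assuming the second argument is a minimum length; a longer minimum is worth enforcing here. Whether the user's existing login tokens are revoked after a reset is not visible in this section and should be confirmed.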


@ -53,6 +53,8 @@ export const Routes : Route[] = [
{path: "/account/check_password_reset_token", cb: (h) => AccountController.CheckPasswordResetToken(h), needLogin: false}, {path: "/account/check_password_reset_token", cb: (h) => AccountController.CheckPasswordResetToken(h), needLogin: false},
{path: "/account/reset_user_passwd", cb: (h) => AccountController.ResetUserPassword(h), needLogin: false},
// User controller // User controller
{path: "/user/getInfo", cb: (h) => UserController.GetSingle(h), needLogin: false}, {path: "/user/getInfo", cb: (h) => UserController.GetSingle(h), needLogin: false},


@ -232,6 +232,24 @@ export class AccountHelper {
return token; return token;
} }
/**
* Destroy password reset token for a given user
*
* @param userID Target user ID
*/
public static async DestroyPasswordResetTokenForUser(userID: number) {
await DatabaseHelper.UpdateRows({
table: USER_TABLE,
where: {
ID: userID
},
set: {
password_reset_token: "",
password_reset_token_time_create: 85 // Value too low to be valid
}
});
}
/** /**
* Get the ID of a user from a password reset token * Get the ID of a user from a password reset token
* *
@ -254,6 +272,23 @@ export class AccountHelper {
return -1; return -1;
return result.ID; return result.ID;
}
/**
* Change the password of the user
*
* @param userID Target user ID
* @param password Target password
*/
public static async ChangePassword(userID: number, password: string) {
await DatabaseHelper.UpdateRows({
table: USER_TABLE,
where: {
ID: userID
},
set: {
password: this.CryptPassword(password)
}
});
} }
} }
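Review bot: `DestroyPasswordResetTokenForUser` marks a token as consumed by writing an empty string and the magic timestamp `85`, so every account without a pending reset ends up holding the same token value `""`. That is only safe if the token lookup rejects an empty token or always applies the creation-time check. The lookup body lies mostly outside these hunks, so this needs confirming; an explicit guard such as `if (token.length == 0) return -1;` at the top of the lookup (with whatever the parameter is named) would make it independent of the timestamp. Replacing `85` with a named constant, commented with the validity window it must stay below, would keep the sentinel from silently becoming valid if that window is ever changed.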