import { RequestHandler } from "../entities/RequestHandler";
import { AccountHelper } from "../helpers/AccountHelper";
import { UserHelper } from "../helpers/UserHelper";
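/**
 * Account controller
 *
 * Request handlers for sign in, sign out and the password recovery flow
 * based on security questions.
 *
 * NOTE(review): the implementation of RequestHandler.error() is not visible
 * from this file. It presumably aborts the request (e.g. by throwing), but
 * every failure branch below returns explicitly so that the success path can
 * never run after an error response, whatever error() does.
 *
 * @author Pierre HUBERT
 */
export class AccountController {

    /**
     * Attempt to login user
     *
     * Reads the `userMail` and `userPassword` POST fields, asks AccountHelper
     * for login tokens and sends them back on success. Any failure yields
     * the same generic 401 message, so the response does not reveal whether
     * the address or the password was wrong.
     *
     * NOTE(review): no attempt limiting is applied here yet (see the TODOs).
     * Unless throttling is enforced elsewhere, repeated password guesses
     * against one account are not slowed down.
     *
     * @param handler Request handler
     */
    public static async LoginUser(handler: RequestHandler) {

        // Get post data
        const email = handler.postEmail("userMail");
        const password = handler.postString("userPassword");

        // TODO : add limits

        // Authenticate user
        const tokens = await AccountHelper.LoginUser(email, password, handler.getClientInfo());

        if (tokens == null) {
            // TODO : add limits

            // Return explicitly: the success branch dereferences `tokens`
            return handler.error(401, "Invalid e-mail address / password !");
        }

        // Success
        handler.send({
            success: "User signed in!",
            tokens: {
                token1: tokens.token1,
                token2: tokens.token2
            }
        });
    }

    /**
     * Disconnect user
     *
     * Destroys the tokens bound to the current client / user pair, then
     * confirms the operation.
     *
     * @param handler Request handler
     */
    public static async LogoutUser(handler: RequestHandler) {

        await AccountHelper.DestroyUserTokens(handler.getClientInfo(),
            handler.getUserId());

        handler.success("User has been disconnected!");
    }

    /**
     * Get current user ID
     *
     * @param handler Request handler
     */
    public static CurrentUserID(handler: RequestHandler) {
        handler.send({
            userID: handler.getUserId()
        });
    }

    /**
     * Check out whether an email is associated to an account
     * or not
     *
     * NOTE(review): the boolean answer lets a caller test which addresses
     * are registered. Whether this route requires a signed in user or is
     * throttled is decided outside this file - confirm before exposing it.
     *
     * @param h Request handler
     */
    public static async ExistsMail(h: RequestHandler) {
        const email = h.postEmail("email");

        h.send({
            exists: await AccountHelper.ExistsEmail(email)
        });
    }

    /**
     * Check if an account associated with an email address has
     * setup security questions or not
     *
     * NOTE(review): like ExistsMail, the response depends on the account
     * behind the supplied address, so it discloses account state to the
     * caller.
     *
     * @param h Request handler
     */
    public static async HasSecurityQuestions(h: RequestHandler) {
        const userID = await h.postUserIdFromEmail("email");
        const settings = await UserHelper.GetUserInfo(userID);

        h.send({
            defined: settings.hasSecurityQuestions
        });
    }

    /**
     * Get the security questions of a user, in order to reset its
     * password
     *
     * NOTE(review): the questions are returned to whoever supplies the
     * e-mail address; nothing in this method checks the caller's identity.
     *
     * @param h Request handler
     */
    public static async GetSecurityQuestions(h: RequestHandler) {
        const userID = await h.postUserIdFromEmail("email");
        const settings = await UserHelper.GetUserInfo(userID);

        if (!settings.hasSecurityQuestions)
            return h.error(401, "Specified user has not setup security questions !");

        h.send({
            questions: [
                settings.security_question_1,
                settings.security_question_2
            ]
        });
    }

    /**
     * Check the answer given by the user
     *
     * Expects the `answers` POST field to hold exactly two URI-encoded
     * answers joined with `&`. Both sides are lower-cased and trimmed before
     * being compared. When both answers match, a password reset token is
     * generated and sent back.
     *
     * NOTE(review): this is the step that guards password reset, and no
     * attempt limiting is visible here. The answers are compared with plain
     * string equality against values read from the user settings, which also
     * implies they are stored in a recoverable form. Throttling per account
     * and per client should be confirmed or added before relying on it.
     *
     * @param h Request handler
     */
    public static async CheckSecurityAnswers(h: RequestHandler) {
        const userID = await h.postUserIdFromEmail("email");
        const settings = await UserHelper.GetUserInfo(userID);

        if (!settings.hasSecurityQuestions)
            return h.error(401, "Specified user has not setup security questions !");

        // Get the answers of the user
        // (second argument of postString is presumably a minimum length - TODO confirm)
        const encodedAnswers = h.postString("answers", 3).split("&");

        // Check the count first, so that an arbitrary number of segments is never decoded
        if (encodedAnswers.length !== 2)
            return h.error(401, "Please specify two security answers !");

        let answers: string[];
        try {
            answers = encodedAnswers.map((e) => decodeURIComponent(e).toLowerCase().trim());
        } catch (e) {
            // decodeURIComponent throws URIError on malformed percent-encoding
            // (e.g. a lone "%"); report it as a client error instead of letting
            // attacker-controlled input surface as an unhandled exception.
            if (!(e instanceof URIError))
                throw e;

            return h.error(400, "Security answers are not correctly encoded!");
        }

        // Check the answers
        const expected = [
            settings.security_answer_1.toLowerCase().trim(),
            settings.security_answer_2.toLowerCase().trim()
        ];

        // One message for both answers: the response must not tell which one was wrong
        if (answers[0] !== expected[0] || answers[1] !== expected[1])
            return h.error(401, "Specified security answers are invalid!");

        // If we get there, security answers are valid, we can create a password reset token
        h.send({
            reset_token: await AccountHelper.GenerateNewPasswordResetToken(userID)
        });
    }
}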