password reset live

author: kimdahey <claire_kim1@brown.edu> 2019-12-05 11:57:15 -0500
committer: kimdahey <claire_kim1@brown.edu> 2019-12-05 11:57:15 -0500
commit: 88a716d8b7abb0255feea5bc32843ba68910eff5 (patch)
tree: 0008bbaf477522545102726d444aa2fb277c10c7 /src/server/ApiManagers/UserManager.ts
parent: 70583fa47bd9920d1823d381708c81283534d6ce (diff)
1 files changed, 49 insertions, 0 deletions
diff --git a/src/server/ApiManagers/UserManager.ts b/src/server/ApiManagers/UserManager.ts
index 0f7d14320..7e8ceb189 100644
--- a/src/server/ApiManagers/UserManager.ts
+++ b/src/server/ApiManagers/UserManager.ts
@@ -2,6 +2,8 @@ import ApiManager, { Registration } from "./ApiManager";
 import { Method } from "../RouteManager";
 import { Database } from "../database";
 import { msToTime } from "../ActionUtilities";
+import * as bcrypt from "bcrypt-nodejs";
+import { Opt } from "../../new_fields/Doc";
 
 export const timeMap: { [id: string]: number } = {};
 interface ActivityUnit {
@@ -37,6 +39,53 @@ export default class UserManager extends ApiManager {
         });
 
         register({
+            method: Method.POST,
+            subscription: '/internalResetPassword',
+            onValidation: async ({ user, req, res }) => {
+                const result: any = {};
+                const { curr_pass, new_pass, new_confirm } = req.body;
+                // perhaps should assert whether curr password is entered correctly
+                const validated = await new Promise<Opt<boolean>>(resolve => {
+                    bcrypt.compare(curr_pass, user.password, (err, passwords_match) => {
+                        if (err) {
+                            result.error = "Incorrect current password";
+                            res.send(result);
+                            resolve(undefined);
+                        } else {
+                            resolve(passwords_match);
+                        }
+                    });
+                });
+
+                if (validated === undefined) {
+                    return;
+                }
+
+                req.assert("new_pass", "Password must be at least 4 characters long").len({ min: 4 });
+                req.assert("new_confirm", "Passwords do not match").equals(new_pass);
+
+                // was there error in validating new passwords?
+                if (req.validationErrors()) {
+                    // was there error?
+                    result.error = req.validationErrors();
+                }
+
+                user.password = new_pass;
+                user.passwordResetToken = undefined;
+                user.passwordResetExpires = undefined;
+
+                user.save(err => {
+                    if (err) {
+                        result.error = "saving";
+                    }
+                });
+
+                res.send(result);
+            }
+        });
+
+
+        register({
             method: Method.GET,
             subscription: "/activity",
             onValidation: ({ res }) => {
author	kimdahey <claire_kim1@brown.edu>	2019-12-05 11:57:15 -0500
committer	kimdahey <claire_kim1@brown.edu>	2019-12-05 11:57:15 -0500
commit	88a716d8b7abb0255feea5bc32843ba68910eff5 (patch)
tree	0008bbaf477522545102726d444aa2fb277c10c7 /src/server/ApiManagers/UserManager.ts
parent	70583fa47bd9920d1823d381708c81283534d6ce (diff)