diff options
| author | Pitu <[email protected]> | 2019-03-02 22:36:16 +0900 |
|---|---|---|
| committer | Pitu <[email protected]> | 2019-03-02 22:36:16 +0900 |
| commit | 99bc74875edb44b4e679b17158511474cd575e10 (patch) | |
| tree | 66df28d187b6c4a8fb74afca52869d48a664e30e /src/api | |
| parent | Removed google analytics (diff) | |
| download | host.fuwn.me-99bc74875edb44b4e679b17158511474cd575e10.tar.xz host.fuwn.me-99bc74875edb44b4e679b17158511474cd575e10.zip | |
Various password fixes
Diffstat (limited to 'src/api')
| -rw-r--r-- | src/api/routes/user/changePasswordPOST.js | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/api/routes/user/changePasswordPOST.js b/src/api/routes/user/changePasswordPOST.js index d73cff3..9cd621e 100644 --- a/src/api/routes/user/changePasswordPOST.js +++ b/src/api/routes/user/changePasswordPOST.js @@ -14,6 +14,12 @@ class changePasswordPOST extends Route { if (!password || !newPassword) return res.status(401).json({ message: 'Invalid body provided' }); if (password === newPassword) return res.status(400).json({ message: 'Passwords have to be different' }); + /* + Checks if the password is right + */ + const comparePassword = await bcrypt.compare(password, user.password); + if (!comparePassword) return res.status(401).json({ message: 'Current password is incorrect' }); + if (newPassword.length < 6 || newPassword.length > 64) { return res.status(400).json({ message: 'Password must have 6-64 characters' }); } |