blob: 82bce409c7170aeef9e3a200089d36642cd5a9ff (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
const bcrypt = require('bcrypt');
const moment = require('moment');
const Route = require('../../structures/Route');
const log = require('../../utils/Log');
class changePasswordPOST extends Route {
constructor() {
super('/user/password/change', 'post');
}
async run(req, res, db, user) {
if (!req.body) return res.status(400).json({ message: 'No body provided' });
const { password, newPassword } = req.body;
if (!password || !newPassword) return res.status(401).json({ message: 'Invalid body provided' });
if (password === newPassword) return res.status(400).json({ message: 'Passwords have to be different' });
/*
Checks if the password is right
*/
const comparePassword = await bcrypt.compare(password, user.password);
if (!comparePassword) return res.status(401).json({ message: 'Current password is incorrect' });
if (newPassword.length < 6 || newPassword.length > 64) {
return res.status(400).json({ message: 'Password must have 6-64 characters' });
}
let hash;
try {
hash = await bcrypt.hash(newPassword, 10);
} catch (error) {
log.error('Error generating password hash');
log.error(error);
return res.status(401).json({ message: 'There was a problem processing your account' });
}
const now = moment.utc().toDate();
await db.table('users').where('id', user.id).update({
password: hash,
passwordEditedAt: now
});
return res.json({ message: 'The password was changed successfully' });
}
}
module.exports = changePasswordPOST;
|