refs #5472 feat(user): add passExpired

back/methods/vn-user/signIn.js

@@ -27,33 +27,38 @@ module.exports = Self => {
     });
 
     Self.signIn = async function(user, password) {
-        let models = Self.app.models;
+        const models = Self.app.models;
+        const usesEmail = user.indexOf('@') !== -1;
         let token;
-        let usesEmail = user.indexOf('@') !== -1;
 
-        let userInfo = usesEmail
+        const userInfo = usesEmail
             ? {email: user}
             : {username: user};
-        let instance = await Self.findOne({
+        const instance = await Self.findOne({
             fields: ['username', 'password'],
             where: userInfo
         });
 
-        let where = usesEmail
+        const where = usesEmail
             ? {email: user}
             : {name: user};
-        let vnUser = await Self.findOne({
+        const vnUser = await Self.findOne({
-            fields: ['active'],
+            fields: ['active', 'passExpired'],
             where
         });
 
-        let validCredentials = instance
+        const validCredentials = instance
             && await instance.hasPassword(password);
+        const today = Date.vnNew();
+        today.setHours(0, 0, 0, 0);
 
         if (validCredentials) {
             if (!vnUser.active)
                 throw new UserError('User disabled');
 
+            if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime())
+                throw new UserError('Pass expired');
+
             try {
                 await models.Account.sync(instance.username, password);
             } catch (err) {

back/models/vn-user.js

@@ -107,4 +107,33 @@ module.exports = function(Self) {
 
         return email.send();
     });
+
+    Self.remoteMethod('setPassword', {
+        description: 'Reset user\'s password via a password-reset token.',
+        accepts: [
+            {arg: 'id', type: 'any', http: getUserIdFromRequestContext},
+            {arg: 'newPassword', type: 'string', required: true, http: {source: 'form'}},
+            {arg: 'options', type: 'object', http: 'optionsFromRequest'},
+        ],
+        accessScopes: setPasswordScopes,
+        http: {verb: 'POST', path: '/reset-password'},
+    },
+    );
+
+    function getUserIdFromRequestContext(ctx) {
+        const token = ctx.req.accessToken;
+        if (!token) return;
+
+        const hasPrincipalType = 'principalType' in token;
+        if (hasPrincipalType && token.principalType !== UserModel.modelName) {
+            // We have multiple user models related to the same access token model
+            // and the token used to authorize reset-password request was created
+            // for a different user model.
+            const err = new Error(g.f('Access Denied'));
+            err.statusCode = 403;
+            throw err;
+        }
+
+        return token.userId;
+    }
 };

back/models/vn-user.json

@@ -62,7 +62,10 @@
 		},
 		"hasGrant": {
 			"type": "boolean"
-		}
+		},
+        "passExpired": {
+            "type": "date"
+        }
 	},
 	"relations": {
 		"role": {

db/changes/231601/00-userPassExpired.sql

@@ -0,0 +1 @@
+ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;

front/salix/components/reset-password/index.js

@@ -33,7 +33,7 @@ export default class Controller {
 
         const newPassword = this.newPassword;
 
-        this.$http.post('users/reset-password', {newPassword}, {headers})
+        this.$http.post('VnUsers/reset-password', {newPassword}, {headers})
             .then(() => {
                 this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
                 this.$state.go('login');

loopback/locale/en.json

@@ -170,5 +170,6 @@
 	"comercialName": "Comercial",
 	"Added observation": "Added observation",
 	"Comment added to client": "Comment added to client",
-	"This ticket is already a refund": "This ticket is already a refund"
+	"This ticket is already a refund": "This ticket is already a refund",
-}
+    "Pass expired": "The password has expired, change it from Salix"
+}

loopback/locale/es.json

@@ -279,15 +279,16 @@
 	"Comment added to client": "Observación añadida al cliente {{clientFk}}",
 	"Cannot create a new claimBeginning from a different ticket": "No se puede crear una línea de reclamación de un ticket diferente al origen",
 	"company": "Compañía",
-    "country": "País",
+	"country": "País",
-    "clientId": "Id cliente",
+	"clientId": "Id cliente",
-    "clientSocialName": "Cliente",
+	"clientSocialName": "Cliente",
-    "amount": "Importe",
+	"amount": "Importe",
-    "taxableBase": "Base",
+	"taxableBase": "Base",
-    "ticketFk": "Id ticket",
+	"ticketFk": "Id ticket",
-    "isActive": "Activo",
+	"isActive": "Activo",
-    "hasToInvoice": "Facturar",
+	"hasToInvoice": "Facturar",
-    "isTaxDataChecked": "Datos comprobados",
+	"isTaxDataChecked": "Datos comprobados",
-    "comercialId": "Id comercial",
+	"comercialId": "Id comercial",
-    "comercialName": "Comercial"
+	"comercialName": "Comercial",
+	"Pass expired": "La contraseña ha caducado, cambiela desde Salix"
 }