refs #5472 feat(user): add passExpired
gitea/salix/pipeline/head There was a failure building this commit
Details
gitea/salix/pipeline/head There was a failure building this commit
Details
This commit is contained in:
parent
099ed2578c
commit
42fc0b62d8
|
@ -27,33 +27,38 @@ module.exports = Self => {
|
|||
});
|
||||
|
||||
Self.signIn = async function(user, password) {
|
||||
let models = Self.app.models;
|
||||
const models = Self.app.models;
|
||||
const usesEmail = user.indexOf('@') !== -1;
|
||||
let token;
|
||||
let usesEmail = user.indexOf('@') !== -1;
|
||||
|
||||
let userInfo = usesEmail
|
||||
const userInfo = usesEmail
|
||||
? {email: user}
|
||||
: {username: user};
|
||||
let instance = await Self.findOne({
|
||||
const instance = await Self.findOne({
|
||||
fields: ['username', 'password'],
|
||||
where: userInfo
|
||||
});
|
||||
|
||||
let where = usesEmail
|
||||
const where = usesEmail
|
||||
? {email: user}
|
||||
: {name: user};
|
||||
let vnUser = await Self.findOne({
|
||||
fields: ['active'],
|
||||
const vnUser = await Self.findOne({
|
||||
fields: ['active', 'passExpired'],
|
||||
where
|
||||
});
|
||||
|
||||
let validCredentials = instance
|
||||
const validCredentials = instance
|
||||
&& await instance.hasPassword(password);
|
||||
const today = Date.vnNew();
|
||||
today.setHours(0, 0, 0, 0);
|
||||
|
||||
if (validCredentials) {
|
||||
if (!vnUser.active)
|
||||
throw new UserError('User disabled');
|
||||
|
||||
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime())
|
||||
throw new UserError('Pass expired');
|
||||
|
||||
try {
|
||||
await models.Account.sync(instance.username, password);
|
||||
} catch (err) {
|
||||
|
|
|
@ -107,4 +107,33 @@ module.exports = function(Self) {
|
|||
|
||||
return email.send();
|
||||
});
|
||||
|
||||
Self.remoteMethod('setPassword', {
|
||||
description: 'Reset user\'s password via a password-reset token.',
|
||||
accepts: [
|
||||
{arg: 'id', type: 'any', http: getUserIdFromRequestContext},
|
||||
{arg: 'newPassword', type: 'string', required: true, http: {source: 'form'}},
|
||||
{arg: 'options', type: 'object', http: 'optionsFromRequest'},
|
||||
],
|
||||
accessScopes: setPasswordScopes,
|
||||
http: {verb: 'POST', path: '/reset-password'},
|
||||
},
|
||||
);
|
||||
|
||||
function getUserIdFromRequestContext(ctx) {
|
||||
const token = ctx.req.accessToken;
|
||||
if (!token) return;
|
||||
|
||||
const hasPrincipalType = 'principalType' in token;
|
||||
if (hasPrincipalType && token.principalType !== UserModel.modelName) {
|
||||
// We have multiple user models related to the same access token model
|
||||
// and the token used to authorize reset-password request was created
|
||||
// for a different user model.
|
||||
const err = new Error(g.f('Access Denied'));
|
||||
err.statusCode = 403;
|
||||
throw err;
|
||||
}
|
||||
|
||||
return token.userId;
|
||||
}
|
||||
};
|
||||
|
|
|
@ -62,6 +62,9 @@
|
|||
},
|
||||
"hasGrant": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"passExpired": {
|
||||
"type": "date"
|
||||
}
|
||||
},
|
||||
"relations": {
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
|
|
@ -33,7 +33,7 @@ export default class Controller {
|
|||
|
||||
const newPassword = this.newPassword;
|
||||
|
||||
this.$http.post('users/reset-password', {newPassword}, {headers})
|
||||
this.$http.post('VnUsers/reset-password', {newPassword}, {headers})
|
||||
.then(() => {
|
||||
this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
|
||||
this.$state.go('login');
|
||||
|
|
|
@ -170,5 +170,6 @@
|
|||
"comercialName": "Comercial",
|
||||
"Added observation": "Added observation",
|
||||
"Comment added to client": "Comment added to client",
|
||||
"This ticket is already a refund": "This ticket is already a refund"
|
||||
"This ticket is already a refund": "This ticket is already a refund",
|
||||
"Pass expired": "The password has expired, change it from Salix"
|
||||
}
|
|
@ -289,5 +289,6 @@
|
|||
"hasToInvoice": "Facturar",
|
||||
"isTaxDataChecked": "Datos comprobados",
|
||||
"comercialId": "Id comercial",
|
||||
"comercialName": "Comercial"
|
||||
"comercialName": "Comercial",
|
||||
"Pass expired": "La contraseña ha caducado, cambiela desde Salix"
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue