refs #5472 feat(user): add passExpired
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Alex Moreno 2023-04-27 15:18:27 +02:00
parent 099ed2578c
commit 42fc0b62d8
7 changed files with 63 additions and 23 deletions

View File

@ -27,33 +27,38 @@ module.exports = Self => {
});
Self.signIn = async function(user, password) {
let models = Self.app.models;
const models = Self.app.models;
const usesEmail = user.indexOf('@') !== -1;
let token;
let usesEmail = user.indexOf('@') !== -1;
let userInfo = usesEmail
const userInfo = usesEmail
? {email: user}
: {username: user};
let instance = await Self.findOne({
const instance = await Self.findOne({
fields: ['username', 'password'],
where: userInfo
});
let where = usesEmail
const where = usesEmail
? {email: user}
: {name: user};
let vnUser = await Self.findOne({
fields: ['active'],
const vnUser = await Self.findOne({
fields: ['active', 'passExpired'],
where
});
let validCredentials = instance
const validCredentials = instance
&& await instance.hasPassword(password);
const today = Date.vnNew();
today.setHours(0, 0, 0, 0);
if (validCredentials) {
if (!vnUser.active)
throw new UserError('User disabled');
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime())
throw new UserError('Pass expired');
try {
await models.Account.sync(instance.username, password);
} catch (err) {

View File

@ -107,4 +107,33 @@ module.exports = function(Self) {
return email.send();
});
Self.remoteMethod('setPassword', {
description: 'Reset user\'s password via a password-reset token.',
accepts: [
{arg: 'id', type: 'any', http: getUserIdFromRequestContext},
{arg: 'newPassword', type: 'string', required: true, http: {source: 'form'}},
{arg: 'options', type: 'object', http: 'optionsFromRequest'},
],
accessScopes: setPasswordScopes,
http: {verb: 'POST', path: '/reset-password'},
},
);
function getUserIdFromRequestContext(ctx) {
const token = ctx.req.accessToken;
if (!token) return;
const hasPrincipalType = 'principalType' in token;
if (hasPrincipalType && token.principalType !== UserModel.modelName) {
// We have multiple user models related to the same access token model
// and the token used to authorize reset-password request was created
// for a different user model.
const err = new Error(g.f('Access Denied'));
err.statusCode = 403;
throw err;
}
return token.userId;
}
};

View File

@ -62,6 +62,9 @@
},
"hasGrant": {
"type": "boolean"
},
"passExpired": {
"type": "date"
}
},
"relations": {

View File

@ -0,0 +1 @@
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;

View File

@ -33,7 +33,7 @@ export default class Controller {
const newPassword = this.newPassword;
this.$http.post('users/reset-password', {newPassword}, {headers})
this.$http.post('VnUsers/reset-password', {newPassword}, {headers})
.then(() => {
this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
this.$state.go('login');

View File

@ -170,5 +170,6 @@
"comercialName": "Comercial",
"Added observation": "Added observation",
"Comment added to client": "Comment added to client",
"This ticket is already a refund": "This ticket is already a refund"
"This ticket is already a refund": "This ticket is already a refund",
"Pass expired": "The password has expired, change it from Salix"
}

View File

@ -289,5 +289,6 @@
"hasToInvoice": "Facturar",
"isTaxDataChecked": "Datos comprobados",
"comercialId": "Id comercial",
"comercialName": "Comercial"
"comercialName": "Comercial",
"Pass expired": "La contraseña ha caducado, cambiela desde Salix"
}