From b96f0f22b5b17a27d9ed84d494a904ea26d4746d Mon Sep 17 00:00:00 2001 From: alexm Date: Thu, 15 Jun 2023 15:16:51 +0200 Subject: [PATCH] refs #5475 feat(account_changePassword) --- back/models/vn-user.js | 27 +++++++++---------- .../back/methods/account/change-password.js | 16 +++++++++-- 2 files changed, 27 insertions(+), 16 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 75490ccf8..e282fe97e 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -1,7 +1,6 @@ const vnModel = require('vn-loopback/common/models/vn-model'); const LoopBackContext = require('loopback-context'); const {Email} = require('vn-print'); -const UserError = require('vn-loopback/util/user-error'); module.exports = function(Self) { vnModel(Self); @@ -156,21 +155,21 @@ module.exports = function(Self) { Self.sharedClass._methods.find(method => method.name == 'changePassword') .accessScopes = ['change-password']; - Self.sharedClass._methods.find(method => method.name == 'changePassword').accepts.splice(3, 0, { - arg: 'verificationCode', - type: 'string' - }); - const _changePassword = Self.changePassword; - Self.changePassword = async(userId, oldPassword, newPassword, verificationCode, options, cb) => { - if (oldPassword == newPassword) - throw new UserError(`You can't use the same password`); + // Self.sharedClass._methods.find(method => method.name == 'changePassword').accepts.splice(3, 0, { + // arg: 'verificationCode', + // type: 'string' + // }); + // const _changePassword = Self.changePassword; + // Self.changePassword = async(userId, oldPassword, newPassword, verificationCode, options, cb) => { + // if (oldPassword == newPassword) + // throw new UserError(`You can't use the same password`); - const user = await this.findById(userId, {fields: ['name', 'twoFactor']}); - if (user.twoFactor) - await Self.validateCode(user.name, verificationCode); + // const user = await this.findById(userId, {fields: ['name', 'twoFactor']}); + // if (user.twoFactor) + // await Self.validateCode(user.name, verificationCode); - await _changePassword.call(this, userId, oldPassword, newPassword, options, cb); - }; + // await _changePassword.call(this, userId, oldPassword, newPassword, options, cb); + // }; const _prototypeChangePassword = Self.prototype.ChangePassword; Self.prototype.changePassword = async function(oldPassword, newPassword, options, cb) { diff --git a/modules/account/back/methods/account/change-password.js b/modules/account/back/methods/account/change-password.js index c6f08a232..b8c1c3d48 100644 --- a/modules/account/back/methods/account/change-password.js +++ b/modules/account/back/methods/account/change-password.js @@ -19,6 +19,10 @@ module.exports = Self => { type: 'string', description: 'The new password', required: true + }, { + arg: 'verificationCode', + type: 'string', + description: 'The 2FA code' } ], http: { @@ -27,7 +31,15 @@ module.exports = Self => { } }); - Self.changePassword = async function(id, oldPassword, newPassword) { - await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); + Self.changePassword = async function(id, oldPassword, newPassword, verificationCode) { + const {vnUser} = Self.app.models; + if (oldPassword == newPassword) + throw new UserError(`You can't use the same password`); + + const user = await vnUser.findById(id, {fields: ['name', 'twoFactor']}); + if (user.twoFactor) + await vnUser.validateCode(user.name, verificationCode); + + await vnUser.changePassword(id, oldPassword, newPassword); }; };