feat(salix): refs #6427 update recover-password

back/methods/vn-user/recover-passwordSMS.js

@@ -6,13 +6,13 @@ module.exports = Self => {
         accepts: [
 
             {
-                arg: 'recoveryPhone',
+                arg: 'userId',
                 type: 'string',
                 description: 'The recoveryPhone user\'s',
                 required: true
             },
             {
-                arg: 'otp',
+                arg: 'verificationCode',
                 type: 'string',
                 description: 'Code tovalidate operation'
             }
@@ -27,21 +27,21 @@ module.exports = Self => {
         }
     });
 
-    Self.recoverPasswordSMS = async function(recoveryPhone, otp, options) {
+    Self.recoverPasswordSMS = async function(userId, verificationCode, options) {
         const myOptions = {};
 
         if (typeof options == 'object')
             Object.assign(myOptions, options);
 
         const user = await Self.findOne({
-            fields: ['id', 'recoveryPhone', 'email', 'name'],
-            where: {recoveryPhone}
+            fields: ['id', 'userId', 'email', 'name', 'recoveryPhone'],
+            where: {userId}
         });
         if (!user) throw new UserError('Credentials not valid');
 
         try {
-            if (otp) {
-                await Self.validateCode(user.name, otp);
+            if (verificationCode) {
+                await Self.validateCode(user.name, verificationCode);
 
                 return {
                     token: await user.accessTokens.create({})
@@ -51,8 +51,8 @@ module.exports = Self => {
             const code = await authCode(user, myOptions);
 
             if (process.env.NODE_ENV === 'production')
-                await Self.app.models.Sms.send({req: {accessToken: {userId: id}}}, +recoveryPhone, code);
-            return {otp: true};
+                await Self.app.models.Sms.send({req: {accessToken: {userId: id}}}, +userId, code);
+            return {code};
         } catch (err) {
             if (err.code === 'EMAIL_NOT_FOUND')
                 return;

front/salix/components/recover-password/index.html

@@ -1,27 +1,42 @@
 <h5 class="vn-mb-md vn-mt-lg" translate>Recover password</h5>
 <vn-textfield
+disabled="$ctrl.code"
     label="User or recovery email"
     ng-model="$ctrl.user"
     vn-focus>
 </vn-textfield>
 <vn-textfield
-    ng-if="$ctrl.otp"
+    ng-if="$ctrl.code"
     label="Verification code"
-    ng-model="$ctrl.code"
-    vn-name="code"
+    ng-model="$ctrl.verificationCode"
+    vn-name="verificationCode"
     autocomplete="false"
     class="vn-mt-md">
 </vn-textfield>
-<div class="text-secondary" ng-if="$ctrl.user">
-    <span ng-if="$ctrl.isPhone" translate>
+<vn-one>
+    <vn-vertical class="vn-mb-sm">
+<vn-radio
+disabled="$ctrl.code"
+label="Móvil"
+val="sms"
+ng-model="$ctrl.method" >
+</vn-radio>
+<vn-radio
+disabled="$ctrl.code"
+label="Correo de recuperación"
+val="email"
+ng-model="$ctrl.method" >
+</vn-radio></vn-vertical></vn-one>
+<div class="text-secondary" ng-if="$ctrl.method && $ctrl.user">
+    <span ng-if="$ctrl.method ==='sms'" translate>
         We will sent you a sms to recover your password
     </span>
-    <span ng-if="!$ctrl.isPhone  " translate>
+    <span ng-if="$ctrl.method ==='email'  " translate>
         We will sent you an email to recover your password
     </span>
 </div>
 <div class="footer">
-    <vn-submit disabled="!$ctrl.user" label="Recover password" ng-click="$ctrl.submit()"></vn-submit>
+    <vn-submit disabled="!$ctrl.user || !$ctrl.method || ($ctrl.code&&!$ctrl.verificationCode)" label="Recover password" ng-click="$ctrl.submit()"></vn-submit>
     <div class="spinner-wrapper">
         <vn-spinner enable="$ctrl.loading"></vn-spinner>
     </div>

front/salix/components/recover-password/index.js

@@ -12,11 +12,6 @@ export default class Controller {
             $state,
             $location
         });
-        $scope.$watch('$ctrl.user', function(nuevoValor) {
-            let isPhone = /^[\d+]+$/ig.test(nuevoValor ?? '');
-            // Evaluo si el valor introducido es un número y se marca o desmarca el checkbox de revibir por sms
-            $scope.$ctrl.isPhone = isPhone;
-        });
     }
 
     goToLogin() {
@@ -29,28 +24,34 @@ export default class Controller {
         else
             this.$location.path('/reset-password').search('access_token', token.id);
     }
-    goToOTP(otp) {
-        this.otp = true;
-        this.$state.params.otp = otp;
-        this.code = null;
+    goToOTP(code) {
+        this.code = true;
+        this.$state.params.verificationCode = code;
+        // this.code = null;
+    }
+    methodsAvailables() {
+        return {
+            'email': {
+                url: 'VnUsers/recoverPassword', data: {user: this.user}
+            },
+            'sms': {
+                url: 'VnUsers/recoverPasswordSMS', data: {userId: this.user, verificationCode: this.verificationCode}
+            },
+        };
     }
 
     submit() {
-        if (!this.user || (this.sms) || (this.otp && !this.code))
+        if (!this.user || (this.sms) || (this.code && !this.code))
             throw new UserError(`Credentials not valid`);
-
-        if (this.isPhone || this.otp) {
-            this.$http.post('VnUsers/recoverPasswordSMS', {recoveryPhone: this.user, otp: this.code})
-                .then(({data}) => {
-                    data.otp && this.goToOTP(data.otp);
+        const method = this.methodsAvailables()[this.method];
+        this.$http.post(method.url, method.data)
+            .then(({data}) => {
+                if (this.method && this.code) {
                     data.token && this.goToChangePassword(data);
-                });
-        } else {
-            this.$http.post('VnUsers/recoverPassword', {user: this.user})
-                .then(() => {
-                    this.goToLogin();
-                });
-        }
+                    !data.token && this.goToLogin();
+                } else
+                    data.code && this.goToOTP(data.code);
+            });
     }
 }
 Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location'];

front/salix/components/recover-password/locale/es.yml

@@ -3,7 +3,7 @@ We will sent you an email to recover your password: Te enviaremos un correo para
 We will sent you a sms to recover your password: Te enviaremos un sms para restablecer tu contraseña
 We will sent you a item to recover your password: Te enviaremos un {{mode}} para restablecer tu contraseña
 Notification sent!: ¡Notificación enviada!
-User or recovery email: Usuario, móvil o email recuperación
+User or recovery email: Usuario
 User's phone: Móvil del usuario
 User's id: Id del usuario
 Credentials not valid: Credenciales no válidas

modules/worker/back/models/worker.js

@@ -49,11 +49,7 @@ module.exports = Self => {
         const userId = ctx.options.accessToken.userId;
         const isOwner = instanceId === userId;
         const phoneHasChanged = !!ctx.data.user?.recoveryPhone;
-        try {
-            await Self.app.models.VnUser.userSecurity(ctx, ctx.where.id);
-        } catch (error) {
-            throw new UserError('Phone can\'t be updated');
-        }
+
         if (!isOwner) {
             if (phoneHasChanged) {
                 const {recoveryPhone} = ctx.data.user;
@@ -64,14 +60,4 @@ module.exports = Self => {
         }
         delete ctx.data.user;
     });
-//   async function checkModifyPermission(ctx) {
-//         const instanceId = ctx.currentInstance.id;
-//         const userId = ctx.options.accessToken.userId;
-//         try {
-//             if (instanceId === userId) return true;
-//             return
-//         } catch (error) {
-//             throw new UserError(error);
-//         }
-//     }
 };