From c6c15d7c69ed4f9ee8b60f0d6deadaf4a1d817cf Mon Sep 17 00:00:00 2001
From: alexm
Date: Fri, 19 May 2023 14:44:19 +0200
Subject: [PATCH] refs #5472 feat: changePassword with passExpired
---
 back/methods/vn-user/signIn.js | 13 ++++++--
 back/models/vn-user.js | 30 +++++++------------
 db/dump/fixtures.sql | 4 +--
 .../salix/components/change-password/index.js | 29 +++++++-----------
 front/salix/routes.js | 2 +-
 5 files changed, 35 insertions(+), 43 deletions(-)
diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js
index 8b14bd12d..a9abfe693 100644
--- a/back/methods/vn-user/signIn.js
+++ b/back/methods/vn-user/signIn.js
@@ -49,8 +49,17 @@ module.exports = Self => {
 const today = Date.vnNew();
 today.setHours(0, 0, 0, 0);
- if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime())
- throw new UserError('Pass expired', 'passExpired', {'id': vnUser.id});
+
+ if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
+ const changePasswordToken = await models.AccessToken.create({
+ scopes: ['change-password'],
+ userId: vnUser.id
+ });
+ throw new UserError('Pass expired', 'passExpired', {
+ id: vnUser.id,
+ token: changePasswordToken.id
+ });
+ }
 const validCredentials = instance && await instance.hasPassword(password);
diff --git a/back/models/vn-user.js b/back/models/vn-user.js
index f20ca9152..ba02d72fb 100644
--- a/back/models/vn-user.js
+++ b/back/models/vn-user.js
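Review bot: The expired-password branch runs before the `validCredentials` check that follows it in this hunk, so `models.AccessToken.create` issues a `change-password` token for any request that names a user whose password has expired, before the submitted password has been verified. The error payload then discloses both the account's expired state and a live token, and every such request leaves a token row behind. Move the branch below the credential check so the token is only created once `instance.hasPassword(password)` has succeeded, and add a short `ttl` to the `create` call, since none is set here and the model default presumably applies. The enclosing function starts and ends outside the hunk.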
@@ -109,29 +109,19 @@ module.exports = function(Self) {
 });
 const _setPassword = Self.setPassword;
- Self.setPassword = async function(id, newPassword, options, cb) {
- console.log('Entry in override SET_PASSWORD');
- await Self.rawSql(`CALL account.user_setPassword(?, ?)`,
- [id, newPassword]);
- await Self.app.models.Account.syncById(id, newPassword);
- await _setPassword.call(this, id, newPassword, options, cb);
- const user = await Self.findById(id);
- await user.updateAttribute('passExpired', null);
- return;
+ Self.setPassword = function(id, newPassword, options, cb) {
+ Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword])
+ .then(() => _setPassword.call(this, id, newPassword, options, cb)
+ .then(() => Self.findById(id).updateAttribute('passExpired', null))
+ );
 };
 const _changePassword = Self.changePassword;
- Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
- if (options && options.id) id = options.id;
- console.log(id, oldPassword, newPassword, options);
-
- await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`,
- [id, oldPassword, newPassword]);
- console.log('Entry in override CHANGE_PASSWORD');
- await _changePassword.call(this, id, oldPassword, newPassword, options, cb);
-
- const user = await Self.findById(id);
- await user.updateAttribute('passExpired', null);
+ Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password'];
+ Self.changePassword = function(id, oldPassword, newPassword, options, cb) {
+ Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword])
+ .then(() => _changePassword.call(this, id, oldPassword, newPassword, options, cb)
+ .then(() => Self.findById(id).updateAttribute('passExpired', null)));
 };
 // FIX THIS
diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql
index 40c33fc13..1dc608e05 100644
--- a/db/dump/fixtures.sql
+++ b/db/dump/fixtures.sql
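Review bot: `Self.findById(id).updateAttribute('passExpired', null)` in both overrides calls `updateAttribute` directly on what `findById` returns; if that is a promise, as the removed `await Self.findById(id)` lines suggest, the call throws and `passExpired` is never cleared. Neither override returns its promise chain, so callers cannot wait for the change and a rejection from `rawSql` or the original method goes unhandled. `setPassword` also no longer calls `Account.syncById`, which the commit message does not mention, so confirm that this is intended. Restoring the async form, as below, keeps the ordering and lets errors propagate; the enclosing `module.exports` function extends beyond the hunk.

```javascript
Self.setPassword = async function(id, newPassword, options, cb) {
    await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword]);
    await _setPassword.call(this, id, newPassword, options, cb);
    // findById must be awaited before updateAttribute can be called on the instance
    const user = await Self.findById(id);
    await user.updateAttribute('passExpired', null);
};

// … unchanged: _changePassword capture and accessScopes assignment …
Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
    await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword]);
    await _changePassword.call(this, id, oldPassword, newPassword, options, cb);
    const user = await Self.findById(id);
    await user.updateAttribute('passExpired', null);
};
```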
@@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre
 CALL `account`.`role_sync`;
-INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`, `passExpired`)
- SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', '1999-01-01'
+INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`)
+ SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
 FROM `account`.`role` WHERE id <> 20 ORDER BY id;
diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js
index 9178540a0..3d660e894 100644
--- a/front/salix/components/change-password/index.js
+++ b/front/salix/components/change-password/index.js
@@ -15,7 +15,7 @@ export default class Controller {
 }
 $onInit() {
- if (!this.$state.params || !this.$state.params.id)
+ if (!this.$state.params || !this.$state.params.id || !this.$state.params.token)
 this.$state.go('login');
 this.$http.get('UserPasswords/findOne')
@@ -25,6 +25,7 @@ export default class Controller {
 }
 submit() {
+ const id = this.$state.params.id;
 const newPassword = this.newPassword;
 const oldPassword = this.oldPassword;
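Review bot: The guard in `$onInit` redirects with `this.$state.go('login')` but does not return, so the `this.$http.get('UserPasswords/findOne')` call right after it still runs when `id` or `token` is missing. Writing the redirect as `return this.$state.go('login');` stops the method at that point. The rest of `$onInit` lies outside the hunk.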
@@ -34,29 +35,20 @@ export default class Controller {
 throw new UserError(`Passwords don't match`);
 const headers = {
- Authorization: {id: 9},
- id: 9
+ Authorization: this.$state.params.token
 };
- console.log(this.$state.params.id);
- const id = this.$state.params.id;
 this.$http.post('VnUsers/change-password', {
- id: 9,
+ id,
 oldPassword,
- newPassword,
- accessToken: 'hola5',
- options: {
- id: 9,
- accessToken: {id: 9}
- }
+ newPassword
 },
- {headers, id: 9},
- {id: 9})
- .then(() => {
- this.vnApp.showSuccess(this.$translate.instant('Password updated!'));
- this.$state.go('login');
- });
+ {headers}
+ ).then(() => {
+ this.vnApp.showSuccess(this.$translate.instant('Password updated!'));
+ this.$state.go('login');
+ });
 }
 }
 Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location'];
@@ -68,3 +60,4 @@ ngModule.vnComponent('vnChangePassword', {
 id: '<'
 }
 });
+
diff --git a/front/salix/routes.js b/front/salix/routes.js
index 58b866731..1419f359c 100644
--- a/front/salix/routes.js
+++ b/front/salix/routes.js
@@ -35,7 +35,7 @@ function config($stateProvider, $urlRouterProvider) {
 })
 .state('change-password', {
 parent: 'outLayout',
- url: '/change-password?id&token',
+ url: '/change-password?id&token',
 description: 'Change password',
 template: ''
 })
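Review bot: `submit()` posts `id` taken from `this.$state.params.id`, a value the user controls through the URL, alongside a token that was issued for one specific user. Nothing in this change shows the server tying the two together, so confirm that `changePassword` resolves the user from the access token rather than from the posted `id`, or drop `id` from the body. The `.then` chain also has no rejection handler, so an expired or rejected token gives the user no feedback unless a global interceptor covers it. The method begins above the hunk.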
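Review bot: Adding `token` to `url: '/change-password?id&token'` places the access token in the address bar, where it is kept in browser history and, depending on the routing mode, may also reach logs and `Referer` headers. ui-router can carry it as a non-URL state parameter instead, for example `url: '/change-password'` together with `params: {id: null, token: null}`, at the cost of losing the values on a page reload. If the URL form is kept, the token should be short-lived and invalidated once the password has been changed. The `config` function continues outside the hunk.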