verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

refs #5472 feat: changePassword with passExpired
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Alex Moreno 2023-05-19 14:44:19 +02:00
parent bbc34f04ff
commit c6c15d7c69
5 changed files with 35 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
back/methods/vn-user/signIn.js
View File

@ -49,8 +49,17 @@ module.exports = Self => {
const today = Date.vnNew();
today.setHours(0, 0, 0, 0);
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime())
throw new UserError('Pass expired', 'passExpired', {'id': vnUser.id});
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const changePasswordToken = await models.AccessToken.create({
scopes: ['change-password'],
userId: vnUser.id
});
throw new UserError('Pass expired', 'passExpired', {
id: vnUser.id,
token: changePasswordToken.id
});
}
const validCredentials = instance
&& await instance.hasPassword(password);

30
back/models/vn-user.js
View File

@ -109,29 +109,19 @@ module.exports = function(Self) {
});
const _setPassword = Self.setPassword;
Self.setPassword = async function(id, newPassword, options, cb) {
console.log('Entry in override SET_PASSWORD');
await Self.rawSql(`CALL account.user_setPassword(?, ?)`,
[id, newPassword]);
await Self.app.models.Account.syncById(id, newPassword);
await _setPassword.call(this, id, newPassword, options, cb);
const user = await Self.findById(id);
await user.updateAttribute('passExpired', null);
return;
Self.setPassword = function(id, newPassword, options, cb) {
Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword])
.then(() => _setPassword.call(this, id, newPassword, options, cb)
.then(() => Self.findById(id).updateAttribute('passExpired', null))
);
};
const _changePassword = Self.changePassword;
Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
if (options && options.id) id = options.id;
console.log(id, oldPassword, newPassword, options);
await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`,
[id, oldPassword, newPassword]);
console.log('Entry in override CHANGE_PASSWORD');
await _changePassword.call(this, id, oldPassword, newPassword, options, cb);
const user = await Self.findById(id);
await user.updateAttribute('passExpired', null);
Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password'];
Self.changePassword = function(id, oldPassword, newPassword, options, cb) {
Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword])
.then(() => _changePassword.call(this, id, oldPassword, newPassword, options, cb)
.then(() => Self.findById(id).updateAttribute('passExpired', null)));
};
// FIX THIS

4
db/dump/fixtures.sql
View File

@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre
CALL `account`.`role_sync`;
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`, `passExpired`)
SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', '1999-01-01'
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`)
SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
FROM `account`.`role` WHERE id <> 20
ORDER BY id;

29
front/salix/components/change-password/index.js
View File

@ -15,7 +15,7 @@ export default class Controller {
}
$onInit() {
if (!this.$state.params || !this.$state.params.id)
if (!this.$state.params || !this.$state.params.id || !this.$state.params.token)
this.$state.go('login');
this.$http.get('UserPasswords/findOne')
@ -25,6 +25,7 @@ export default class Controller {
}
submit() {
const id = this.$state.params.id;
const newPassword = this.newPassword;
const oldPassword = this.oldPassword;
@ -34,29 +35,20 @@ export default class Controller {
throw new UserError(`Passwords don't match`);
const headers = {
Authorization: {id: 9},
id: 9
Authorization: this.$state.params.token
};
console.log(this.$state.params.id);
const id = this.$state.params.id;
this.$http.post('VnUsers/change-password',
{
id: 9,
id,
oldPassword,
newPassword,
accessToken: 'hola5',
options: {
id: 9,
accessToken: {id: 9}
}
newPassword
},
{headers, id: 9},
{id: 9})
.then(() => {
this.vnApp.showSuccess(this.$translate.instant('Password updated!'));
this.$state.go('login');
});
{headers}
).then(() => {
this.vnApp.showSuccess(this.$translate.instant('Password updated!'));
this.$state.go('login');
});
}
}
Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location'];
@ -68,3 +60,4 @@ ngModule.vnComponent('vnChangePassword', {
id: '<'
}
});

2
front/salix/routes.js
View File

@ -35,7 +35,7 @@ function config($stateProvider, $urlRouterProvider) {
})
.state('change-password', {
parent: 'outLayout',
url: '/change-password?id',
url: '/change-password?id&token',
description: 'Change password',
template: '<vn-change-password></vn-change-password>'
})