verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

refs #5472 refactor(changePassword): convert in async
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Alex Moreno 2023-05-22 09:17:40 +02:00
parent c6c15d7c69
commit ddab59a10c
5 changed files with 69 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
back/methods/vn-user/signIn.js
View File

@ -50,17 +50,6 @@ module.exports = Self => {
const today = Date.vnNew();
today.setHours(0, 0, 0, 0);
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const changePasswordToken = await models.AccessToken.create({
scopes: ['change-password'],
userId: vnUser.id
});
throw new UserError('Pass expired', 'passExpired', {
id: vnUser.id,
token: changePasswordToken.id
});
}
const validCredentials = instance
&& await instance.hasPassword(password);
@ -68,6 +57,17 @@ module.exports = Self => {
if (!vnUser.active)
throw new UserError('User disabled');
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const changePasswordToken = await models.AccessToken.create({
scopes: ['change-password'],
userId: vnUser.id
});
throw new UserError('Pass expired', 'passExpired', {
id: vnUser.id,
token: changePasswordToken.id
});
}
try {
await models.Account.sync(instance.username, password);
} catch (err) {

61
back/models/vn-user.js
View File

@ -1,6 +1,7 @@
const vnModel = require('vn-loopback/common/models/vn-model');
const LoopBackContext = require('loopback-context');
const {Email} = require('vn-print');
const UserError = require('vn-loopback/util/user-error');
module.exports = function(Self) {
vnModel(Self);
@ -109,22 +110,62 @@ module.exports = function(Self) {
});
const _setPassword = Self.setPassword;
Self.setPassword = function(id, newPassword, options, cb) {
Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword])
.then(() => _setPassword.call(this, id, newPassword, options, cb)
.then(() => Self.findById(id).updateAttribute('passExpired', null))
);
Self.setPassword = async function(id, newPassword, options, cb) {
const myOptions = {};
let tx;
if (typeof options == 'object')
Object.assign(myOptions, options);
if (!myOptions.transaction) {
tx = await Self.beginTransaction({});
myOptions.transaction = tx;
}
options = myOptions;
try {
await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options);
await _setPassword.call(this, id, newPassword, options, options);
const user = await Self.findById(id, null, options);
await user.updateAttribute('passExpired', null, options);
if (tx) await tx.commit();
return;
} catch (e) {
if (tx) await tx.rollback();
console.error('Error changing password, contact with informatica', e);
throw new UserError(e);
}
};
const _changePassword = Self.changePassword;
Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password'];
Self.changePassword = function(id, oldPassword, newPassword, options, cb) {
Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword])
.then(() => _changePassword.call(this, id, oldPassword, newPassword, options, cb)
.then(() => Self.findById(id).updateAttribute('passExpired', null)));
Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
const myOptions = {};
let tx;
if (typeof options == 'object')
Object.assign(myOptions, options);
if (!myOptions.transaction) {
tx = await Self.beginTransaction({});
myOptions.transaction = tx;
}
options = myOptions;
try {
await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options);
await _changePassword.call(this, id, oldPassword, newPassword, options);
const user = await Self.findById(id, null, options);
await user.updateAttribute('passExpired', null, options);
if (tx) await tx.commit();
return;
} catch (error) {
if (tx) await tx.rollback();
console.error('Error changing password, contact with informatica', error);
throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica');
}
};
// FIX THIS
Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
if (!ctx.args || !ctx.args.data.email) return;
const models = Self.app.models;

7
back/models/vn-user.json
View File

@ -13,10 +13,6 @@
"type": "number",
"id": true
},
"name": {
"type": "string",
"required": true
},
"username": {
"type": "string",
"mysql": {
@ -42,9 +38,6 @@
"lang": {
"type": "string"
},
"bcryptPassword": {
"type": "string"
},
"active": {
"type": "boolean"
},

3
modules/account/back/methods/account/change-password.js
View File

@ -28,6 +28,7 @@ module.exports = Self => {
});
Self.changePassword = async function(id, oldPassword, newPassword) {
await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword);
const response = await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword);
console.log(response);
};
};

9
modules/account/back/methods/account/specs/change-password.spec.js
View File

@ -1,12 +1,13 @@
const {models} = require('vn-loopback/server/server');
fdescribe('account changePassword()', () => {
it('should throw an error when old password is wrong', async() => {
fit('should throw an error when old password is wrong', async() => {
let err;
await models.Account.changePassword(1, 'wrongPassword', 'nightmare.9999')
.catch(error => err = error.sqlMessage);
await models.Account.changePassword(1, 'wrongPassword2', 'nightmare.9999')
.catch(error => {
err = error.sqlMessage;
});
expect(err).toBeDefined();
expect(err).toEqual('Invalid password');
});