verdnatura/salix
verdnatura
/
salix
3
5
Fork 1
Code Issues Pull Requests 66 Releases Wiki Activity

refs #5762 feat: multiplatform recover-password and change-password #1673

Merged
alexm merged 6 commits from 5762-recoverPassword-multiplatform into dev 2023-08-09 13:14:55 +00:00
Conversation 0 Commits 6 Files Changed 8 +39 -37
8 changed files with 39 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
back/methods/vn-user/recover-password.js
View File

@ -7,6 +7,11 @@ module.exports = Self => {
type: 'string', type: 'string',
description: 'The user name or email', description: 'The user name or email',
required: true required: true
},
{
arg: 'app',
type: 'string',
description: 'The directory for mail'
} }
], ],
http: { http: {
@ -15,7 +20,7 @@ module.exports = Self => {
} }
}); });
Self.recoverPassword = async function(user) { Self.recoverPassword = async function(user, app) {
const models = Self.app.models; const models = Self.app.models;
const usesEmail = user.indexOf('@') !== -1; const usesEmail = user.indexOf('@') !== -1;
@ -29,7 +34,7 @@ module.exports = Self => {
} }
try { try {
await Self.resetPassword({email: user, emailTemplate: 'recover-password'}); await Self.resetPassword({email: user, emailTemplate: 'recover-password', app});
} catch (err) { } catch (err) {
if (err.code === 'EMAIL_NOT_FOUND') if (err.code === 'EMAIL_NOT_FOUND')
return; return;

10
back/methods/vn-user/sign-in.js
View File

@ -53,19 +53,13 @@ module.exports = Self => {
return Self.validateLogin(user, password); return Self.validateLogin(user, password);
}; };
Self.passExpired = async(vnUser, myOptions) => { Self.passExpired = async vnUser => {
const today = Date.vnNew(); const today = Date.vnNew();
today.setHours(0, 0, 0, 0); today.setHours(0, 0, 0, 0);
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) { if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const $ = Self.app.models;
const changePasswordToken = await $.AccessToken.create({
scopes: ['changePassword'],
userId: vnUser.id
}, myOptions);
const err = new UserError('Pass expired', 'passExpired'); const err = new UserError('Pass expired', 'passExpired');
changePasswordToken.twoFactor = vnUser.twoFactor ? true : false; err.details = {userId: vnUser.id, twoFactor: vnUser.twoFactor ? true : false};
err.details = {token: changePasswordToken};
throw err; throw err;
} }
}; };

12
back/models/vn-user.js
View File

@ -96,11 +96,21 @@ module.exports = function(Self) {
const headers = httpRequest.headers; const headers = httpRequest.headers;
const origin = headers.origin; const origin = headers.origin;
const defaultHash = '/reset-password?access_token=$token$';
const recoverHashes = {
hedera: 'verificationToken=$token$'
};
const app = info.options?.app;
let recoverHash = app ? recoverHashes[app] : defaultHash;
recoverHash = recoverHash.replace('$token$', info.accessToken.id);
const user = await Self.app.models.VnUser.findById(info.user.id); const user = await Self.app.models.VnUser.findById(info.user.id);
const params = { const params = {
recipient: info.email, recipient: info.email,
lang: user.lang, lang: user.lang,
url: `${origin}/#!/reset-password?access_token=${info.accessToken.id}` url: origin + '/#!' + recoverHash
}; };
const options = Object.assign({}, info.options); const options = Object.assign({}, info.options);

14
front/salix/components/change-password/index.js
View File

@ -15,9 +15,6 @@ export default class Controller {
} }
$onInit() { $onInit() {
if (!this.$state.params.id)
this.$state.go('login');
this.$http.get('UserPasswords/findOne') this.$http.get('UserPasswords/findOne')
.then(res => { .then(res => {
this.passRequirements = res.data; this.passRequirements = res.data;
@ -25,7 +22,7 @@ export default class Controller {
} }
submit() { submit() {
const userId = this.$state.params.userId; const userId = parseInt(this.$state.params.userId);
const oldPassword = this.oldPassword; const oldPassword = this.oldPassword;
const newPassword = this.newPassword; const newPassword = this.newPassword;
const repeatPassword = this.repeatPassword; const repeatPassword = this.repeatPassword;
@ -36,18 +33,13 @@ export default class Controller {
if (newPassword != this.repeatPassword) if (newPassword != this.repeatPassword)
throw new UserError(`Passwords don't match`); throw new UserError(`Passwords don't match`);
const headers = {
Authorization: this.$state.params.id
};
this.$http.patch('Accounts/change-password', this.$http.patch('Accounts/change-password',
{ {
id: userId, userId,
oldPassword, oldPassword,
newPassword, newPassword,
code code
}, }
{headers}
).then(() => { ).then(() => {
this.vnApp.showSuccess(this.$translate.instant('Password updated!')); this.vnApp.showSuccess(this.$translate.instant('Password updated!'));
this.$state.go('login'); this.$state.go('login');

2
front/salix/components/login/index.js
View File

@ -36,7 +36,7 @@ export default class Controller {
const err = req.data?.error; const err = req.data?.error;
if (err?.code == 'passExpired') if (err?.code == 'passExpired')
this.$state.go('change-password', err.details.token); this.$state.go('change-password', err.details);
this.loading = false; this.loading = false;
this.password = ''; this.password = '';

2
front/salix/routes.js
View File

@ -45,7 +45,7 @@ function config($stateProvider, $urlRouterProvider) {
}) })
.state('change-password', { .state('change-password', {
parent: 'outLayout', parent: 'outLayout',
url: '/change-password?id&userId&twoFactor', url: '/change-password?userId&twoFactor',
description: 'Change password', description: 'Change password',
template: '<vn-change-password></vn-change-password>' template: '<vn-change-password></vn-change-password>'
}) })

13
modules/account/back/methods/account/change-password.js
View File

@ -1,12 +1,15 @@
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('changePassword', { Self.remoteMethod('changePassword', {
description: 'Changes the user password', description: 'Changes the user password',
accessType: 'WRITE',
accessScopes: ['changePassword'],
accepts: [ accepts: [
{ {
arg: 'userId',
type: 'integer',
description: 'The user id',
required: true
}, {
arg: 'oldPassword', arg: 'oldPassword',
type: 'string', type: 'string',
description: 'The old password', description: 'The old password',
@ -28,9 +31,7 @@ module.exports = Self => {
} }
}); });
Self.changePassword = async function(ctx, oldPassword, newPassword, code, options) { Self.changePassword = async function(userId, oldPassword, newPassword, code, options) {
const userId = ctx.req.accessToken.userId;
const myOptions = {}; const myOptions = {};
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);

14
modules/account/back/methods/account/specs/change-password.spec.js
View File

@ -1,7 +1,7 @@
const {models} = require('vn-loopback/server/server'); const {models} = require('vn-loopback/server/server');
describe('account changePassword()', () => { describe('account changePassword()', () => {
const ctx = {req: {accessToken: {userId: 70}}}; const userId = 70;
const unauthCtx = { const unauthCtx = {
req: { req: {
headers: {}, headers: {},
@ -20,7 +20,7 @@ describe('account changePassword()', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.changePassword(ctx, 'wrongPassword', 'nightmare.9999', null, options); await models.Account.changePassword(userId, 'wrongPassword', 'nightmare.9999', null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); await tx.rollback();
@ -37,8 +37,8 @@ describe('account changePassword()', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.changePassword(ctx, 'nightmare', 'nightmare.9999', null, options); await models.Account.changePassword(userId, 'nightmare', 'nightmare.9999', null, options);
await models.Account.changePassword(ctx, 'nightmare.9999', 'nightmare.9999', null, options); await models.Account.changePassword(userId, 'nightmare.9999', 'nightmare.9999', null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); await tx.rollback();
@ -54,7 +54,7 @@ describe('account changePassword()', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.changePassword(ctx, 'nightmare', 'nightmare.9999', null, options); await models.Account.changePassword(userId, 'nightmare', 'nightmare.9999', null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); await tx.rollback();
@ -86,8 +86,8 @@ describe('account changePassword()', () => {
} }
try { try {
const authCode = await models.AuthCode.findOne({where: {userFk: 70}}, options); const authCode = await models.AuthCode.findOne({where: {userFk: userId}}, options);
await models.Account.changePassword(ctx, 'nightmare', 'nightmare.9999', authCode.code, options); await models.Account.changePassword(userId, 'nightmare', 'nightmare.9999', authCode.code, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); await tx.rollback();