52 lines
1.6 KiB
JavaScript
52 lines
1.6 KiB
JavaScript
const UserError = require('vn-loopback/util/user-error');
|
|
|
|
module.exports = Self => {
|
|
Self.remoteMethod('changePassword', {
|
|
description: 'Changes the user password',
|
|
accepts: [
|
|
{
|
|
arg: 'userId',
|
|
type: 'integer',
|
|
description: 'The user id',
|
|
required: true
|
|
}, {
|
|
arg: 'oldPassword',
|
|
type: 'string',
|
|
description: 'The old password',
|
|
required: true
|
|
}, {
|
|
arg: 'newPassword',
|
|
type: 'string',
|
|
description: 'The new password',
|
|
required: true
|
|
}, {
|
|
arg: 'code',
|
|
type: 'string',
|
|
description: 'The 2FA code'
|
|
}
|
|
],
|
|
http: {
|
|
path: `/change-password`,
|
|
verb: 'PATCH'
|
|
}
|
|
});
|
|
|
|
Self.changePassword = async function(userId, oldPassword, newPassword, code, options) {
|
|
const myOptions = {};
|
|
if (typeof options == 'object')
|
|
Object.assign(myOptions, options);
|
|
|
|
const {VnUser} = Self.app.models;
|
|
const user = await VnUser.findById(userId, {fields: ['name', 'twoFactor']}, myOptions);
|
|
await user.hasPassword(oldPassword);
|
|
|
|
if (oldPassword == newPassword)
|
|
throw new UserError(`You can not use the same password`);
|
|
|
|
if (user.twoFactor)
|
|
await VnUser.validateCode(user.name, code, myOptions);
|
|
|
|
await VnUser.changePassword(userId, oldPassword, newPassword, myOptions);
|
|
};
|
|
};
|