69 lines
1.9 KiB
JavaScript
69 lines
1.9 KiB
JavaScript
const UserError = require('vn-loopback/util/user-error');
|
|
const authCode = require('../../models/authCode');
|
|
module.exports = Self => {
|
|
Self.remoteMethod('recoverPasswordSMS', {
|
|
description: 'Send SMS to the user',
|
|
accepts: [
|
|
{
|
|
arg: 'id',
|
|
type: 'string',
|
|
description: 'The user id',
|
|
required: true
|
|
},
|
|
{
|
|
arg: 'phone',
|
|
type: 'string',
|
|
description: 'The phone user\'s recovery',
|
|
required: true
|
|
},
|
|
{
|
|
arg: 'otp',
|
|
type: 'string',
|
|
description: 'Code tovalidate operation'
|
|
}
|
|
],
|
|
returns: {
|
|
type: 'Object',
|
|
root: true
|
|
},
|
|
http: {
|
|
path: `/recoverPasswordSMS`,
|
|
verb: 'POST'
|
|
}
|
|
});
|
|
|
|
Self.recoverPasswordSMS = async function(id, phone, otp, options) {
|
|
const myOptions = {};
|
|
|
|
if (typeof options == 'object')
|
|
Object.assign(myOptions, options);
|
|
|
|
const user = await Self.findOne({
|
|
fields: ['id', 'recoveryPhone', 'email', 'name'],
|
|
where: {id, recoveryPhone: phone}
|
|
});
|
|
if (!user) throw new UserError('Credentials not valid');
|
|
|
|
try {
|
|
if (otp) {
|
|
await Self.validateCode(user.name, otp);
|
|
|
|
return {
|
|
token: await user.accessTokens.create({})
|
|
};
|
|
}
|
|
|
|
const code = await authCode(user, myOptions);
|
|
|
|
if (process.env.NODE_ENV === 'production')
|
|
await Self.app.models.Sms.send({req: {accessToken: {userId: id}}}, +phone, code);
|
|
return {otp: true};
|
|
} catch (err) {
|
|
if (err.code === 'EMAIL_NOT_FOUND')
|
|
return;
|
|
else
|
|
throw err;
|
|
}
|
|
};
|
|
};
|