your profile and change password
parent
c09245eaef
commit
edfd6b08f3
|
|
@ -24,6 +24,7 @@ import {
|
||||||
saveSession,
|
saveSession,
|
||||||
} from "../utils/utils";
|
} from "../utils/utils";
|
||||||
import Store from "../models/store";
|
import Store from "../models/store";
|
||||||
|
import Session from "../models/session";
|
||||||
|
|
||||||
export async function SignUp(req: Request, res: Response) {
|
export async function SignUp(req: Request, res: Response) {
|
||||||
try {
|
try {
|
||||||
|
|
@ -102,7 +103,7 @@ export async function SignUp(req: Request, res: Response) {
|
||||||
account_name: accountName,
|
account_name: accountName,
|
||||||
username: username,
|
username: username,
|
||||||
password: hashedPassword,
|
password: hashedPassword,
|
||||||
language: language,
|
language: language,
|
||||||
analytics_enabled: USER_ANALYTICS_ENABLED_DEFAULT,
|
analytics_enabled: USER_ANALYTICS_ENABLED_DEFAULT,
|
||||||
})
|
})
|
||||||
.then((user) => {
|
.then((user) => {
|
||||||
|
|
@ -329,7 +330,7 @@ export async function GetUserProfileSettings(req: Request, res: Response) {
|
||||||
where: {
|
where: {
|
||||||
user_id: session.user_id,
|
user_id: session.user_id,
|
||||||
},
|
},
|
||||||
attributes: ["language", "analytics_enabled"],
|
attributes: ["language", "analytics_enabled", "username", "account_name"],
|
||||||
});
|
});
|
||||||
|
|
||||||
res.status(200).json(user);
|
res.status(200).json(user);
|
||||||
|
|
@ -341,9 +342,14 @@ export async function GetUserProfileSettings(req: Request, res: Response) {
|
||||||
|
|
||||||
export async function UpdateUserProfileSettings(req: Request, res: Response) {
|
export async function UpdateUserProfileSettings(req: Request, res: Response) {
|
||||||
try {
|
try {
|
||||||
const { language, analyticsEnabled } = req.body;
|
const { language, analyticsEnabled, username, accountName } = req.body;
|
||||||
|
|
||||||
if (!language && analyticsEnabled === undefined) {
|
if (
|
||||||
|
!language &&
|
||||||
|
analyticsEnabled === undefined &&
|
||||||
|
!username &&
|
||||||
|
!accountName
|
||||||
|
) {
|
||||||
return res.status(400).send({ err: "invalid request" });
|
return res.status(400).send({ err: "invalid request" });
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -371,6 +377,22 @@ export async function UpdateUserProfileSettings(req: Request, res: Response) {
|
||||||
user.analytics_enabled = analyticsEnabled;
|
user.analytics_enabled = analyticsEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (username) {
|
||||||
|
if (!isUsernameValid(username)) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
user.username = username;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (accountName) {
|
||||||
|
if (!isAccountNameValid(accountName)) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
user.account_name = accountName;
|
||||||
|
}
|
||||||
|
|
||||||
await user.save();
|
await user.save();
|
||||||
|
|
||||||
res.status(200).send({ msg: "user profile settings updated" });
|
res.status(200).send({ msg: "user profile settings updated" });
|
||||||
|
|
@ -379,3 +401,72 @@ export async function UpdateUserProfileSettings(req: Request, res: Response) {
|
||||||
res.status(500).send({ err: "invalid request" });
|
res.status(500).send({ err: "invalid request" });
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function UpdateUserProfilePassword(req: Request, res: Response) {
|
||||||
|
try {
|
||||||
|
const { currentPassword, newPassword } = req.body;
|
||||||
|
|
||||||
|
if (!currentPassword || !newPassword) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const session = await getUserSession(req);
|
||||||
|
|
||||||
|
if (!session) {
|
||||||
|
return res.status(401).send({ err: "unauthorized" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const user = await User.findOne({
|
||||||
|
where: {
|
||||||
|
user_id: session.user_id,
|
||||||
|
},
|
||||||
|
attributes: ["password"],
|
||||||
|
});
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return res.status(401).send({ err: "unauthorized" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const decodedCurrentPassword = decodeBase64(currentPassword);
|
||||||
|
|
||||||
|
const match = await matchPassword(decodedCurrentPassword, user.password);
|
||||||
|
|
||||||
|
if (!match) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const decodedPassword = decodeBase64(newPassword);
|
||||||
|
|
||||||
|
if (!isPasswordValid(decodedPassword)) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const hashedPassword = await hashPassword(decodedPassword);
|
||||||
|
|
||||||
|
// update user password
|
||||||
|
|
||||||
|
await User.update(
|
||||||
|
{
|
||||||
|
password: hashedPassword,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
where: {
|
||||||
|
user_id: session.user_id,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
// delete all sessions of this user by deleting all sessions with this user_id
|
||||||
|
|
||||||
|
await Session.destroy({
|
||||||
|
where: {
|
||||||
|
user_id: session.user_id,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
res.status(200).send({ msg: "user password updated" });
|
||||||
|
} catch (error) {
|
||||||
|
logger.error(error);
|
||||||
|
res.status(500).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -65,13 +65,12 @@ router.get(
|
||||||
pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string,
|
pass: process.env.TERMIN_PLANNER_AUTHORIZATION_PASSWORD as string,
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
.then(() => {
|
.then(() => {})
|
||||||
res.redirect(process.env.PASSPORT_SUCCESS_REDIRECT_URL as string);
|
|
||||||
})
|
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
logger.info("err %s", err);
|
logger.info("err %s", err);
|
||||||
res.redirect(process.env.PASSPORT_FAILURE_REDIRECT_URL as string);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
res.redirect(process.env.PASSPORT_SUCCESS_REDIRECT_URL as string);
|
||||||
})
|
})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
logger.error(err);
|
logger.error(err);
|
||||||
|
|
|
||||||
|
|
@ -19,5 +19,10 @@ router.post(
|
||||||
sessionProtection,
|
sessionProtection,
|
||||||
userController.UpdateUserProfileSettings
|
userController.UpdateUserProfileSettings
|
||||||
);
|
);
|
||||||
|
router.post(
|
||||||
|
"/profile/password",
|
||||||
|
sessionProtection,
|
||||||
|
userController.UpdateUserProfilePassword
|
||||||
|
);
|
||||||
|
|
||||||
export default router;
|
export default router;
|
||||||
|
|
|
||||||
|
|
@ -42,6 +42,7 @@ export const USER_ANALYTICS_ENABLED_DEFAULT = true;
|
||||||
|
|
||||||
export const VALID_LANGUAGE_CODES = ["en", "de"];
|
export const VALID_LANGUAGE_CODES = ["en", "de"];
|
||||||
|
|
||||||
|
// TODO: outdated
|
||||||
export const Roles = {
|
export const Roles = {
|
||||||
// admin of the whole system independent of stores
|
// admin of the whole system independent of stores
|
||||||
Admin: "admin",
|
Admin: "admin",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue