reset password
parent
e286bb9923
commit
fb47d7d0bd
|
@ -273,6 +273,72 @@ export async function Login(req: Request, res: Response) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function ForgotPassword(req: Request, res: Response) {
|
||||||
|
try {
|
||||||
|
let { email, recaptcha } = req.body;
|
||||||
|
|
||||||
|
// validate request
|
||||||
|
|
||||||
|
if (!email || !recaptcha || (await isEmailValid(email))) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
email = email.toLowerCase();
|
||||||
|
|
||||||
|
// validate recaptcha
|
||||||
|
|
||||||
|
const recaptchaValid = await verifyCaptcha(
|
||||||
|
recaptcha,
|
||||||
|
req.headers["x-real-ip"] as string
|
||||||
|
);
|
||||||
|
|
||||||
|
if (!recaptchaValid) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if user exists
|
||||||
|
|
||||||
|
const user = await User.findOne({
|
||||||
|
where: {
|
||||||
|
email: email,
|
||||||
|
},
|
||||||
|
attributes: ["user_id", "language"],
|
||||||
|
});
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return res.status(400).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
|
||||||
|
// create email verification
|
||||||
|
|
||||||
|
const emailVerificationId = newEmailVerificationId();
|
||||||
|
const state = EMAIL_VERIFICATION_STATE.PENDING_FORGOT_PASSWORD;
|
||||||
|
|
||||||
|
await EmailVerification.create({
|
||||||
|
email_verification_id: emailVerificationId,
|
||||||
|
user_id: user.user_id,
|
||||||
|
state: state,
|
||||||
|
});
|
||||||
|
|
||||||
|
rabbitmq.sendEmail(
|
||||||
|
email,
|
||||||
|
"dashboardForgotPasswordEmailVerification",
|
||||||
|
user.language,
|
||||||
|
{
|
||||||
|
emailVerificationUrl: getEmailVerificationUrl(
|
||||||
|
state,
|
||||||
|
emailVerificationId
|
||||||
|
),
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
res.status(200).send({ msg: "success" });
|
||||||
|
} catch (error) {
|
||||||
|
logger.error(error);
|
||||||
|
res.status(500).send({ err: "invalid request" });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
export async function Logout(req: Request, res: Response) {
|
export async function Logout(req: Request, res: Response) {
|
||||||
try {
|
try {
|
||||||
const session = await getUserSession(req);
|
const session = await getUserSession(req);
|
||||||
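Review bot: The request validation `if (!email || !recaptcha || (await isEmailValid(email)))` rejects the request when `isEmailValid` returns true, which — if that helper returns true for a well-formed address as its name suggests — means every valid email is answered with 400 and the reset flow never starts; the intended check is presumably `if (!email || !recaptcha || !(await isEmailValid(email))) {`. Separately, the `if (!user)` branch returns 400 while a known address returns 200 "success", so the endpoint confirms which emails have accounts; a reset endpoint should answer 200 either way (the existing `/auth/check/email` route may already leak this, but this one need not). The `EmailVerification.create` call records no creation time or expiry and does not invalidate earlier pending reset records for the same user, so unless the model enforces a TTL elsewhere, reset links stay valid indefinitely and accumulate. `rabbitmq.sendEmail` is not awaited; if it returns a promise, a rejection there escapes the surrounding try/catch.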
|
@ -951,6 +1017,62 @@ export async function VerifyEmail(req: Request, res: Response) {
|
||||||
|
|
||||||
res.status(200).send({ msg: "email changed" });
|
res.status(200).send({ msg: "email changed" });
|
||||||
return;
|
return;
|
||||||
|
} else if (
|
||||||
|
emailVerification.state ===
|
||||||
|
EMAIL_VERIFICATION_STATE.PENDING_FORGOT_PASSWORD
|
||||||
|
) {
|
||||||
|
const { password } = req.body;
|
||||||
|
|
||||||
|
if (!password) {
|
||||||
|
return res.status(200).send({ status: "actionRequired" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const user = await User.findOne({
|
||||||
|
where: {
|
||||||
|
user_id: emailVerification.user_id,
|
||||||
|
},
|
||||||
|
attributes: ["password"],
|
||||||
|
});
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return res.status(401).send({ err: "unauthorized" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const decodedPassword = decodeBase64(password);
|
||||||
|
|
||||||
|
const hashedPassword = await hashPassword(decodedPassword);
|
||||||
|
|
||||||
|
// update user password
|
||||||
|
|
||||||
|
await User.update(
|
||||||
|
{
|
||||||
|
password: hashedPassword,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
where: {
|
||||||
|
user_id: emailVerification.user_id,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
// delete email verification
|
||||||
|
|
||||||
|
await EmailVerification.destroy({
|
||||||
|
where: {
|
||||||
|
email_verification_id: emailVerificationId,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
// delete all sessions of this user by deleting all sessions with this user_id
|
||||||
|
|
||||||
|
await Session.destroy({
|
||||||
|
where: {
|
||||||
|
user_id: emailVerification.user_id,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
res.status(200).send({ msg: "password changed" });
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
res.status(400).send({ err: "invalid request" });
|
res.status(400).send({ err: "invalid request" });
|
||||||
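Review bot: The new PENDING_FORGOT_PASSWORD branch stores whatever `decodeBase64(password)` yields as the new password without validating it: only the raw `password` field is checked for presence, so a base64 encoding of an empty or trivially short string is hashed and saved, and any strength rules the signup path presumably applies are bypassed. Add a guard after the decode, e.g. `if (!decodedPassword) { return res.status(400).send({ err: "invalid request" }); }`, and reuse whatever password-policy check SignUp uses. `User.update`, `EmailVerification.destroy` and `Session.destroy` run as three separate statements, so a failure after the update leaves the reset record in place and the supposedly single-use link replayable; wrapping the three in one transaction closes that window. The `User.findOne` only tests existence, so `attributes: ["password"]` fetches the hash for nothing — `["user_id"]` would do. VerifyEmail's signature and the lookup of `emailVerification` are outside this hunk, so whether the record's age is checked before reaching this branch cannot be seen here.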
|
|
|
@ -6,6 +6,7 @@ import { sessionProtection } from "../middleware/authMiddleware";
|
||||||
|
|
||||||
router.post("/auth/signup", userController.SignUp);
|
router.post("/auth/signup", userController.SignUp);
|
||||||
router.post("/auth/login", userController.Login);
|
router.post("/auth/login", userController.Login);
|
||||||
|
router.post("/auth/forgot-password", userController.ForgotPassword);
|
||||||
router.delete("/auth/logout", sessionProtection, userController.Logout);
|
router.delete("/auth/logout", sessionProtection, userController.Logout);
|
||||||
router.get("/", sessionProtection, userController.GetUser);
|
router.get("/", sessionProtection, userController.GetUser);
|
||||||
router.post("/auth/check/email", userController.IsEmailAvailable);
|
router.post("/auth/check/email", userController.IsEmailAvailable);
|
||||||
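Review bot: `router.post("/auth/forgot-password", userController.ForgotPassword)` is registered with no middleware, so the only throttle on an unauthenticated endpoint that triggers an outbound email per call is the reCAPTCHA check inside the handler; if the project has a rate-limit middleware, applying it here (per IP and per target email) would limit reset-mail flooding of a victim's inbox and brute-forcing of any captcha weakness. The handler itself lives in another file and is not visible in this hunk.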
|
|
|
@ -75,6 +75,7 @@ export const ACCOUNT_DEMO_DAYS = Number(
|
||||||
export enum EMAIL_VERIFICATION_STATE {
|
export enum EMAIL_VERIFICATION_STATE {
|
||||||
PENDING_EMAIL_VERIFICATION = 0, // account is created but email is not verified yet
|
PENDING_EMAIL_VERIFICATION = 0, // account is created but email is not verified yet
|
||||||
PENDING_USER_PROFILE_EMAIL_CHANGE_VERIFICATION = 1, // user wants to change email, new email is not verified yet
|
PENDING_USER_PROFILE_EMAIL_CHANGE_VERIFICATION = 1, // user wants to change email, new email is not verified yet
|
||||||
|
PENDING_FORGOT_PASSWORD = 2, // user has requested a password reset, email is used to change password
|
||||||
}
|
}
|
||||||
|
|
||||||
export const DASHBOARD_URL = process.env.DASHBOARD_URL as string;
|
export const DASHBOARD_URL = process.env.DASHBOARD_URL as string;
|
||||||
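Review bot: The comment on `PENDING_FORGOT_PASSWORD = 2` describes the flow but not the trust this state carries — a verification record in this state lets whoever holds the link set a new password with no further authentication. Spelling that out helps future readers treat it as a bearer credential: `PENDING_FORGOT_PASSWORD = 2, // password-reset link sent; the link holder can set a new password without the old one, so records in this state must be single-use and short-lived`.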
|
|