Add controller and route for password reset
parent
fc2666364d
commit
4d27c3b889
@ -1,4 +1,10 @@
|
|||||||
|
import { URL } from 'url';
|
||||||
|
|
||||||
|
import express from 'express';
|
||||||
|
|
||||||
import * as userService from '../services/user';
|
import * as userService from '../services/user';
|
||||||
|
import * as passwordResetService from '../services/passwordReset';
|
||||||
|
import { TokenVerificationError } from '../services/passwordReset';
|
||||||
|
|
||||||
function createUser(req, res) {
|
function createUser(req, res) {
|
||||||
const user = req.body;
|
const user = req.body;
|
||||||
@ -58,8 +64,42 @@ function deleteCurrentUser(req, res) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async function resetPassword(req: express.Request, res: express.Response) {
|
||||||
|
throw new Error('adsd');
|
||||||
|
if(req.body == undefined || (req.body.email == undefined && req.body.token == undefined)) {
|
||||||
|
return res.send({ error: 'Expected an email address or password reset token in the request body' });
|
||||||
|
}
|
||||||
|
|
||||||
|
if(req.body.email != undefined) {
|
||||||
|
// first stage: send reset token to email address
|
||||||
|
|
||||||
|
// this relies on the API being on the same hostname as the frontend
|
||||||
|
const { origin } = new URL(req.protocol + '://' + req.headers.host);
|
||||||
|
await passwordResetService.sendPasswordResetToken(req.body.email, origin);
|
||||||
|
|
||||||
|
return res.status(202).send({ success: true });
|
||||||
|
} else if (req.body.token != undefined) {
|
||||||
|
// second stage: verify token and reset password
|
||||||
|
if (req.body.password == undefined) {
|
||||||
|
return res.send({ error: 'Expected a new password' });
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
await passwordResetService.resetPassword(req.body.token, req.body.password);
|
||||||
|
} catch (err) {
|
||||||
|
if (err instanceof TokenVerificationError) {
|
||||||
|
return res.send({ error: 'Could not verify token' });
|
||||||
|
}
|
||||||
|
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
|
|
||||||
|
return res.send({ success: true });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
createUser,
|
createUser,
|
||||||
getCurrentUser,
|
getCurrentUser,
|
||||||
deleteCurrentUser,
|
deleteCurrentUser,
|
||||||
|
resetPassword
|
||||||
};
|
};
|
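Review bot: The origin passed to `sendPasswordResetToken` is built from `req.headers.host`, a client-supplied value, so the link mailed to the account owner can point at a host the requester chose rather than the real frontend (assuming the service embeds `origin` in the link, which is outside this page). Take the origin from deployment configuration instead, e.g. `const origin = process.env.FRONTEND_ORIGIN;` where `FRONTEND_ORIGIN` is a placeholder name, or check the header against an allowlist of known frontend hosts before use. Separately, `throw new Error('adsd');` on the first line of `resetPassword` looks like a debugging leftover and makes the rest of the body unreachable. The three `res.send({ error: … })` branches also reply with the default 200 status, where `res.status(400)` would let clients and monitoring tell a rejected request from a successful one.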
@ -2,6 +2,11 @@ import express from 'express';
|
|||||||
|
|
||||||
import userController from '../controllers/userController';
|
import userController from '../controllers/userController';
|
||||||
|
|
||||||
|
const asyncMiddleware = fn =>
|
||||||
|
(req, res, next) => {
|
||||||
|
Promise.resolve(fn(req, res, next))
|
||||||
|
.catch(next);
|
||||||
|
};
|
||||||
|
|
||||||
const router = express.Router();
|
const router = express.Router();
|
||||||
|
|
||||||
@ -11,4 +16,6 @@ router.route('/me')
|
|||||||
.get(userController.getCurrentUser)
|
.get(userController.getCurrentUser)
|
||||||
.delete(userController.deleteCurrentUser);
|
.delete(userController.deleteCurrentUser);
|
||||||
|
|
||||||
|
router.put('/password', asyncMiddleware(userController.resetPassword));
|
||||||
|
|
||||||
export default router;
|
export default router;
|
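Review bot: `router.put('/password', …)` is registered with no throttling visible in this file, although the handler is unauthenticated, sends mail for any submitted address and accepts repeated reset-token submissions. If no limiter is applied at the app level (not visible here), put one in front of the handler, e.g. `router.put('/password', resetLimiter, asyncMiddleware(userController.resetPassword));` with `resetLimiter` standing in for whichever rate-limiting middleware the project uses. `asyncMiddleware` would also read better with its parameter typed, `const asyncMiddleware = (fn: express.RequestHandler): express.RequestHandler =>`, plus a one-line comment saying it forwards rejected promises to `next` so the Express error handler sees them.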