Allow users to change their password
This commit is contained in:
parent
0fb544d88b
commit
a9f56cd0cf
12
README.md
12
README.md
|
@ -8,12 +8,12 @@ Please feel free to contribute by making issues, bug reports and pull requests.
|
|||
|
||||
## /!\ THIS PROJECT STILL LACKS ESSENTIAL FEATURES SUCH AS: /!\
|
||||
|
||||
- Change password
|
||||
- Password recovery (recovery emails are unused yet)
|
||||
- Quota management
|
||||
- Editable terms of service
|
||||
- Complex permissions system
|
||||
- Redirections (can be manually setup with sql queries)
|
||||
- [x] ~~Change password~~
|
||||
- [ ] Password recovery (recovery emails are unused yet)
|
||||
- [ ] Quota management
|
||||
- [ ] Editable terms of service
|
||||
- [ ] Complex permissions system
|
||||
- [ ] Redirections (can be manually setup with sql queries)
|
||||
- Probably many others, please make an issue so I can add them to this list
|
||||
|
||||
## How does it work?
|
||||
|
|
|
@ -12,6 +12,7 @@ import UserMailIdentityComponent from "../models/UserMailIdentityComponent";
|
|||
import MailIdentity from "../models/MailIdentity";
|
||||
import UserNameComponent from "../models/UserNameComponent";
|
||||
import {WhereOperator, WhereTest} from "wms-core/db/ModelQuery";
|
||||
import UserPasswordComponent from "../models/UserPasswordComponent";
|
||||
|
||||
export default class AccountController extends Controller {
|
||||
public getRoutesPrefix(): string {
|
||||
|
@ -20,6 +21,9 @@ export default class AccountController extends Controller {
|
|||
|
||||
public routes(): void {
|
||||
this.get('/', this.getAccount, 'account', RequireAuthMiddleware);
|
||||
|
||||
this.post('/change-password', this.postChangePassword, 'change-password', RequireAuthMiddleware);
|
||||
|
||||
this.post('/add-recovery-email', this.addRecoveryEmail, 'add-recovery-email', RequireAuthMiddleware);
|
||||
this.post('/set-main-email', this.postSetMainRecoveryEmail, 'set-main-recovery-email', RequireAuthMiddleware);
|
||||
this.post('/remove-email', this.postRemoveRecoveryEmail, 'remove-recovery-email', RequireAuthMiddleware);
|
||||
|
@ -51,6 +55,27 @@ export default class AccountController extends Controller {
|
|||
});
|
||||
}
|
||||
|
||||
protected async postChangePassword(req: Request, res: Response): Promise<void> {
|
||||
await this.validate({
|
||||
'current_password': new Validator().defined(),
|
||||
'new_password': new Validator().defined(),
|
||||
'new_password_confirmation': new Validator().sameAs('new_password', req.body.new_password),
|
||||
}, req.body);
|
||||
|
||||
const user = req.as(RequireAuthMiddleware).getUser();
|
||||
if (!await user.as(UserPasswordComponent).verifyPassword(req.body.current_password)) {
|
||||
req.flash('error', 'Invalid current password.');
|
||||
res.redirectBack(Controller.route('account'));
|
||||
return;
|
||||
}
|
||||
|
||||
await user.as(UserPasswordComponent).setPassword(req.body.new_password, 'new_password');
|
||||
await user.save();
|
||||
|
||||
req.flash('success', 'Password change successfully.');
|
||||
res.redirectBack(Controller.route('account'));
|
||||
}
|
||||
|
||||
protected async addRecoveryEmail(req: Request, res: Response): Promise<void> {
|
||||
await this.validate({
|
||||
email: new Validator().defined().regexp(EMAIL_REGEX),
|
||||
|
|
|
@ -11,6 +11,20 @@
|
|||
<p>Name: {{ user.name }}</p>
|
||||
</div>
|
||||
|
||||
<section class="panel">
|
||||
<h2><i data-feather="key"></i> Change password</h2>
|
||||
|
||||
<form action="{{ route('change-password') }}" method="POST">
|
||||
{{ macros.field(_locals, 'password', 'current_password', null, 'Current password') }}
|
||||
{{ macros.field(_locals, 'password', 'new_password', null, 'New password') }}
|
||||
{{ macros.field(_locals, 'password', 'new_password_confirmation', null, 'New password confirmation') }}
|
||||
|
||||
<button type="submit"><i data-feather="save"></i> Save</button>
|
||||
|
||||
{{ macros.csrf(getCsrfToken) }}
|
||||
</form>
|
||||
</section>
|
||||
|
||||
<section class="panel">
|
||||
<h2><i data-feather="shield"></i> Recovery email addresses</h2>
|
||||
|
||||
|
|
Loading…
Reference in New Issue