Allow users to change their password

Alice Gaudon 2020-11-10 15:05:43 +01:00
parent 0fb544d88b
commit a9f56cd0cf
3 changed files with 45 additions and 6 deletions


@ -8,12 +8,12 @@ Please feel free to contribute by making issues, bug reports and pull requests.
## /!\ THIS PROJECT STILL LACKS ESSENTIAL FEATURES SUCH AS: /!\
- Change password
- Password recovery (recovery emails are unused yet)
- Quota management
- Editable terms of service
- Complex permissions system
- Redirections (can be manually setup with sql queries)
- [x] ~~Change password~~
- [ ] Password recovery (recovery emails are unused yet)
- [ ] Quota management
- [ ] Editable terms of service
- [ ] Complex permissions system
- [ ] Redirections (can be manually setup with sql queries)
- Probably many others, please make an issue so I can add them to this list
## How does it work?


@ -12,6 +12,7 @@ import UserMailIdentityComponent from "../models/UserMailIdentityComponent";
import MailIdentity from "../models/MailIdentity";
import UserNameComponent from "../models/UserNameComponent";
import {WhereOperator, WhereTest} from "wms-core/db/ModelQuery";
import UserPasswordComponent from "../models/UserPasswordComponent";
export default class AccountController extends Controller {
public getRoutesPrefix(): string {
@ -20,6 +21,9 @@ export default class AccountController extends Controller {
public routes(): void {
this.get('/', this.getAccount, 'account', RequireAuthMiddleware);
this.post('/change-password', this.postChangePassword, 'change-password', RequireAuthMiddleware);
this.post('/add-recovery-email', this.addRecoveryEmail, 'add-recovery-email', RequireAuthMiddleware);
this.post('/set-main-email', this.postSetMainRecoveryEmail, 'set-main-recovery-email', RequireAuthMiddleware);
this.post('/remove-email', this.postRemoveRecoveryEmail, 'remove-recovery-email', RequireAuthMiddleware);
@ -51,6 +55,27 @@ export default class AccountController extends Controller {
});
}
protected async postChangePassword(req: Request, res: Response): Promise<void> {
await this.validate({
'current_password': new Validator().defined(),
'new_password': new Validator().defined(),
'new_password_confirmation': new Validator().sameAs('new_password', req.body.new_password),
}, req.body);
const user = req.as(RequireAuthMiddleware).getUser();
if (!await user.as(UserPasswordComponent).verifyPassword(req.body.current_password)) {
req.flash('error', 'Invalid current password.');
res.redirectBack(Controller.route('account'));
return;
}
await user.as(UserPasswordComponent).setPassword(req.body.new_password, 'new_password');
await user.save();
req.flash('success', 'Password change successfully.');
res.redirectBack(Controller.route('account'));
}
protected async addRecoveryEmail(req: Request, res: Response): Promise<void> {
await this.validate({
email: new Validator().defined().regexp(EMAIL_REGEX),
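Review bot: In `postChangePassword`, nothing visible after `setPassword(...)` and `user.save()` ends the account's other sessions, so a session that was already compromised stays valid after the owner changes the password; unless `setPassword` handles this elsewhere, the handler should revoke the user's other sessions and rotate the current session id before the success redirect. The `new_password_confirmation` rule also has no `.defined()`, so if this Validator skips rules for absent fields the confirmation can simply be left out of the request: `'new_password_confirmation': new Validator().defined().sameAs('new_password', req.body.new_password),`. Failed `verifyPassword` attempts are not counted or throttled in this handler, which is worth adding here or confirming on the middleware side, since an authenticated session could otherwise guess the current password without limit. Minor wording: the flash message should read `'Password changed successfully.'`.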


@ -11,6 +11,20 @@
<p>Name: {{ user.name }}</p>
</div>
<section class="panel">
<h2><i data-feather="key"></i> Change password</h2>
<form action="{{ route('change-password') }}" method="POST">
{{ macros.field(_locals, 'password', 'current_password', null, 'Current password') }}
{{ macros.field(_locals, 'password', 'new_password', null, 'New password') }}
{{ macros.field(_locals, 'password', 'new_password_confirmation', null, 'New password confirmation') }}
<button type="submit"><i data-feather="save"></i> Save</button>
{{ macros.csrf(getCsrfToken) }}
</form>
</section>
<section class="panel">
<h2><i data-feather="shield"></i> Recovery email addresses</h2>