diff options
| author | Akihiko Odaki <nekomanma@pixiv.co.jp> | 2018-03-29 01:20:40 +0900 |
|---|---|---|
| committer | Akihiko Odaki <nekomanma@pixiv.co.jp> | 2018-03-29 01:54:41 +0900 |
| commit | 90f8fe7e538bb7e52d2558152a0390e693f39b11 (patch) | |
| tree | 0f830887053c8f352b1cd0c13ca715fd14c1f030 /src/server/api/endpoints/i/change_password.ts | |
| parent | Implement remote account resolution (diff) | |
| download | misskey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.gz misskey-90f8fe7e538bb7e52d2558152a0390e693f39b11.tar.bz2 misskey-90f8fe7e538bb7e52d2558152a0390e693f39b11.zip | |
Introduce processor
Diffstat (limited to 'src/server/api/endpoints/i/change_password.ts')
| -rw-r--r-- | src/server/api/endpoints/i/change_password.ts | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/src/server/api/endpoints/i/change_password.ts b/src/server/api/endpoints/i/change_password.ts new file mode 100644 index 0000000000..88fb36b1fb --- /dev/null +++ b/src/server/api/endpoints/i/change_password.ts @@ -0,0 +1,42 @@ +/** + * Module dependencies + */ +import $ from 'cafy'; +import * as bcrypt from 'bcryptjs'; +import User from '../../models/user'; + +/** + * Change password + * + * @param {any} params + * @param {any} user + * @return {Promise<any>} + */ +module.exports = async (params, user) => new Promise(async (res, rej) => { + // Get 'current_password' parameter + const [currentPassword, currentPasswordErr] = $(params.current_password).string().$; + if (currentPasswordErr) return rej('invalid current_password param'); + + // Get 'new_password' parameter + const [newPassword, newPasswordErr] = $(params.new_password).string().$; + if (newPasswordErr) return rej('invalid new_password param'); + + // Compare password + const same = await bcrypt.compare(currentPassword, user.account.password); + + if (!same) { + return rej('incorrect password'); + } + + // Generate hash of password + const salt = await bcrypt.genSalt(8); + const hash = await bcrypt.hash(newPassword, salt); + + await User.update(user._id, { + $set: { + 'account.password': hash + } + }); + + res(); +}); |