diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2018-11-02 12:49:08 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2018-11-02 12:49:08 +0900 |
| commit | a7e6b766be6b30b37839beb13f31d96b141cc25a (patch) | |
| tree | b6bf96ae808260f0aa94767835d59d25f7f889a7 /src/server/api/endpoints/i/change_password.ts | |
| parent | Update src/server/api/endpoints/meta.ts (diff) | |
| download | misskey-a7e6b766be6b30b37839beb13f31d96b141cc25a.tar.gz misskey-a7e6b766be6b30b37839beb13f31d96b141cc25a.tar.bz2 misskey-a7e6b766be6b30b37839beb13f31d96b141cc25a.zip | |
Resolve #2623
Diffstat (limited to 'src/server/api/endpoints/i/change_password.ts')
| -rw-r--r-- | src/server/api/endpoints/i/change_password.ts | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/src/server/api/endpoints/i/change_password.ts b/src/server/api/endpoints/i/change_password.ts index dc0f060c08..818637e224 100644 --- a/src/server/api/endpoints/i/change_password.ts +++ b/src/server/api/endpoints/i/change_password.ts @@ -1,23 +1,30 @@ import $ from 'cafy'; import * as bcrypt from 'bcryptjs'; import User, { ILocalUser } from '../../../../models/user'; +import getParams from '../../get-params'; export const meta = { requireCredential: true, - secure: true + + secure: true, + + params: { + currentPassword: { + validator: $.str + }, + + newPassword: { + validator: $.str + } + } }; export default async (params: any, user: ILocalUser) => new Promise(async (res, rej) => { - // Get 'currentPasword' parameter - const [currentPassword, currentPasswordErr] = $.str.get(params.currentPasword); - if (currentPasswordErr) return rej('invalid currentPasword param'); - - // Get 'newPassword' parameter - const [newPassword, newPasswordErr] = $.str.get(params.newPassword); - if (newPasswordErr) return rej('invalid newPassword param'); + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); // Compare password - const same = await bcrypt.compare(currentPassword, user.password); + const same = await bcrypt.compare(ps.currentPassword, user.password); if (!same) { return rej('incorrect password'); @@ -25,7 +32,7 @@ export default async (params: any, user: ILocalUser) => new Promise(async (res, // Generate hash of password const salt = await bcrypt.genSalt(8); - const hash = await bcrypt.hash(newPassword, salt); + const hash = await bcrypt.hash(ps.newPassword, salt); await User.update(user._id, { $set: { |