#973

author: syuilo <syuilotan@yahoo.co.jp> 2017-12-10 02:45:32 +0900
committer: syuilo <syuilotan@yahoo.co.jp> 2017-12-10 02:45:32 +0900
commit: d0cfe112e11c52acaeebb42c3229a37af23c846a (patch)
tree: ff032473cc4a83c6b8d9c9baf6d38e82eef94eec /src/api/endpoints/i/2fa/unregister.ts
parent: :+1: (diff)
download: sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.gz
sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.bz2
sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.zip
1 files changed, 28 insertions, 0 deletions
diff --git a/src/api/endpoints/i/2fa/unregister.ts b/src/api/endpoints/i/2fa/unregister.ts
new file mode 100644
index 0000000000..6bee6a26f2
--- /dev/null
+++ b/src/api/endpoints/i/2fa/unregister.ts
@@ -0,0 +1,28 @@
+/**
+ * Module dependencies
+ */
+import $ from 'cafy';
+import * as bcrypt from 'bcryptjs';
+import User from '../../../models/user';
+
+module.exports = async (params, user) => new Promise(async (res, rej) => {
+	// Get 'password' parameter
+	const [password, passwordErr] = $(params.password).string().$;
+	if (passwordErr) return rej('invalid password param');
+
+	// Compare password
+	const same = await bcrypt.compare(password, user.password);
+
+	if (!same) {
+		return rej('incorrect password');
+	}
+
+	await User.update(user._id, {
+		$set: {
+			two_factor_secret: null,
+			two_factor_enabled: false
+		}
+	});
+
+	res();
+});
author	syuilo <syuilotan@yahoo.co.jp>	2017-12-10 02:45:32 +0900
committer	syuilo <syuilotan@yahoo.co.jp>	2017-12-10 02:45:32 +0900
commit	d0cfe112e11c52acaeebb42c3229a37af23c846a (patch)
tree	ff032473cc4a83c6b8d9c9baf6d38e82eef94eec /src/api/endpoints/i/2fa/unregister.ts
parent	:+1: (diff)
download	sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.gz sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.bz2 sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.zip