diff options
| author | syuilo <syuilotan@yahoo.co.jp> | 2017-12-10 02:45:32 +0900 |
|---|---|---|
| committer | syuilo <syuilotan@yahoo.co.jp> | 2017-12-10 02:45:32 +0900 |
| commit | d0cfe112e11c52acaeebb42c3229a37af23c846a (patch) | |
| tree | ff032473cc4a83c6b8d9c9baf6d38e82eef94eec /src/api/endpoints | |
| parent | :+1: (diff) | |
| download | sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.gz sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.tar.bz2 sharkey-d0cfe112e11c52acaeebb42c3229a37af23c846a.zip | |
#973
Diffstat (limited to 'src/api/endpoints')
| -rw-r--r-- | src/api/endpoints/i/2fa/unregister.ts | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/api/endpoints/i/2fa/unregister.ts b/src/api/endpoints/i/2fa/unregister.ts new file mode 100644 index 0000000000..6bee6a26f2 --- /dev/null +++ b/src/api/endpoints/i/2fa/unregister.ts @@ -0,0 +1,28 @@ +/** + * Module dependencies + */ +import $ from 'cafy'; +import * as bcrypt from 'bcryptjs'; +import User from '../../../models/user'; + +module.exports = async (params, user) => new Promise(async (res, rej) => { + // Get 'password' parameter + const [password, passwordErr] = $(params.password).string().$; + if (passwordErr) return rej('invalid password param'); + + // Compare password + const same = await bcrypt.compare(password, user.password); + + if (!same) { + return rej('incorrect password'); + } + + await User.update(user._id, { + $set: { + two_factor_secret: null, + two_factor_enabled: false + } + }); + + res(); +}); |