banana/definma-api
Archived
2
Fork 0
Code Releases Activity

changed to findById and improved db.loadJson

Browse Source
This commit is contained in:
VLE2FE
2020-04-24 10:53:45 +02:00
parent 4e68267bfd
commit 8bf408138f
7 changed files with 48 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/routes/user.spec.ts
View File

@ -175,7 +175,7 @@ describe('/user/passreset', () => {
});
});
it('changes the user password', done => {
UserModel.find({name: 'janedoe'}).lean().exec( 'find', (err, data) => {
UserModel.find({name: 'janedoe'}).lean().exec( 'find', (err, data: any) => {
if (err) return done(err);
const oldpass = data[0].pass;
supertest(server)
@ -189,8 +189,9 @@ describe('/user/passreset', () => {
.end((err, res) => {
if (err) done(err);
should(res.body).be.eql({status: 'OK'});
UserModel.find({name: 'janedoe'}).lean().exec( 'find', (err, data) => {
UserModel.find({name: 'janedoe'}).lean().exec( (err, data: any) => {
if (err) return done(err);
console.log(data);
should(data[0].pass).not.eql(oldpass);
done();
});

4
src/routes/user.ts
View File

@ -42,13 +42,13 @@ router.post('/user/new', (req, res, next) => {
router.post('/user/passreset', (req, res, next) => {
// check if user/email combo exists
UserModel.find({name: req.body.name, email: req.body.email}).lean().exec( 'find', (err, data) => {
UserModel.find({name: req.body.name, email: req.body.email}).lean().exec( (err, data: any) => {
if (err) next(err);
if (data.length === 1) { // it exists
const newPass = Math.random().toString(36).substring(2);
bcrypt.hash(newPass, 10, (err, hash) => { // password hashing
if (err) next(err);
UserModel.findOneAndUpdate({name: req.body.name, email: req.body.email}, {pass: hash}, err => {
UserModel.findByIdAndUpdate(data[0]._id, {pass: hash}, err => { // write new password
if (err) next(err);
mail(data[0].email, 'Your new password for the DFOP database', 'Hi, <br><br> You requested to reset your password.<br>Your new password is:<br><br>' + newPass + '<br><br>If you did not request a password reset, talk to the sysadmin quickly!<br><br>Have a nice day.<br><br>The DFOP team', err => {
if (err) next(err);