From c64aa8fa2e047a7a11eae4035423910da586638b Mon Sep 17 00:00:00 2001
From: Pitu <seligmannkevin@gmail.com>
Date: Sun, 29 Jan 2017 22:30:00 -0300
Subject: [PATCH] Added change password for users

---
 controllers/authController.js | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/controllers/authController.js b/controllers/authController.js
index 86f92fd..464cb7d 100644
--- a/controllers/authController.js
+++ b/controllers/authController.js
@@ -61,4 +61,28 @@ authController.register = function(req, res, next){
 
 }
 
+authController.changePassword = function(req, res, next){
+
+	let token = req.headers.token
+	if(token === undefined) return res.status(401).json({ success: false, description: 'No token provided' })
+
+	db.table('users').where('token', token).then((user) => {
+		if(user.length === 0) return res.status(401).json({ success: false, description: 'Invalid token'})
+		
+		let password = req.body.password
+		if(password === undefined) return res.json({ success: false, description: 'No password provided' })
+		if(password.length < 6 || password.length > 64)
+			return res.json({ success: false, description: 'Password must have 6-64 characters' })
+
+		bcrypt.hash(password, saltRounds, function(err, hash) {
+			if(err) return res.json({ success: false, description: 'Error generating password hash (╯°□°）╯︵ ┻━┻' })
+
+			db.table('users').where('id', user.id).update({password: hash}).then(() => {
+				return res.json({ success: true})
+			}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
+		})
+	}).catch(function(error) { console.log(error); res.json({success: false, description: 'error'}) })
+
+}
+
 module.exports = authController
\ No newline at end of file