47 lines
1.5 KiB
JavaScript
47 lines
1.5 KiB
JavaScript
const bcrypt = require('bcrypt');
|
|
const moment = require('moment');
|
|
const Route = require('../../structures/Route');
|
|
const log = require('../../utils/Log');
|
|
|
|
class changePasswordPOST extends Route {
|
|
constructor() {
|
|
super('/user/password/change', 'post');
|
|
}
|
|
|
|
async run(req, res, db, user) {
|
|
if (!req.body) return res.status(400).json({ message: 'No body provided' });
|
|
const { password, newPassword } = req.body;
|
|
if (!password || !newPassword) return res.status(401).json({ message: 'Invalid body provided' });
|
|
if (password === newPassword) return res.status(400).json({ message: 'Passwords have to be different' });
|
|
|
|
/*
|
|
Checks if the password is right
|
|
*/
|
|
const comparePassword = await bcrypt.compare(password, user.password);
|
|
if (!comparePassword) return res.status(401).json({ message: 'Current password is incorrect' });
|
|
|
|
if (newPassword.length < 6 || newPassword.length > 64) {
|
|
return res.status(400).json({ message: 'Password must have 6-64 characters' });
|
|
}
|
|
|
|
let hash;
|
|
try {
|
|
hash = await bcrypt.hash(newPassword, 10);
|
|
} catch (error) {
|
|
log.error('Error generating password hash');
|
|
log.error(error);
|
|
return res.status(401).json({ message: 'There was a problem processing your account' });
|
|
}
|
|
|
|
const now = moment.utc().toDate();
|
|
await db.table('users').where('id', user.id).update({
|
|
password: hash,
|
|
passwordEditedAt: now
|
|
});
|
|
|
|
return res.json({ message: 'The password was changed successfully' });
|
|
}
|
|
}
|
|
|
|
module.exports = changePasswordPOST;
|