change password form working

author: Jules Laplace <julescarbon@gmail.com> 2018-05-14 18:54:22 +0200
committer: Jules Laplace <julescarbon@gmail.com> 2018-05-14 18:54:22 +0200
commit: e79bdedb819415792eea49de7483885046d2a368 (patch)
tree: 9931fa389c1459347593155dd09a7c2cf3ecc009 /bucky/util/auth.js
parent: afd20e776ba207be9c4a00d29cb61dd3ea760eef (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 624c898..16368cf 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -163,6 +163,19 @@ var auth = module.exports = {
     res.user.set('password', newPassword)
     res.user.save().then(() => next()).catch(err => res.send({ error: err }))
   },
+  changePasswordDangerously: function(req, res, next){
+    if (! req.body.password && ! req.body.newpassword) return next()
+    if (req.body.newpassword !== req.body.newpassword2) {
+      return res.send({ error: 'Passwords don\'t match.' })
+    }
+    if (! auth.validPassword(req.user, req.body.password)) {
+      return res.send({ error: 'Password is incorrect.' })
+    }
+    var username = res.user.get('username')
+    var newPassword = auth.makePassword(username, req.body.newpassword)
+    res.user.set('password', newPassword)
+    res.user.save().then(() => next()).catch(err => res.send({ error: err }))
+  },
 
 	verifyLocalUser: function (username, password, done) {
     // handle passwords!!
author	Jules Laplace <julescarbon@gmail.com>	2018-05-14 18:54:22 +0200
committer	Jules Laplace <julescarbon@gmail.com>	2018-05-14 18:54:22 +0200
commit	e79bdedb819415792eea49de7483885046d2a368 (patch)
tree	9931fa389c1459347593155dd09a7c2cf3ecc009 /bucky/util/auth.js
parent	afd20e776ba207be9c4a00d29cb61dd3ea760eef (diff)