From 3a42fe7ad797a6f9cf747d2d358015ac992765a7 Mon Sep 17 00:00:00 2001
From: Jules Laplace <julescarbon@gmail.com>
Date: Thu, 14 Dec 2017 19:53:31 +0100
Subject: change password - profile stuff

---
 bucky/util/auth.js | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'bucky/util/auth.js')

diff --git a/bucky/util/auth.js b/bucky/util/auth.js
index 3cc01f0..4556733 100644
--- a/bucky/util/auth.js
+++ b/bucky/util/auth.js
@@ -125,6 +125,20 @@ var auth = module.exports = {
     return user.get('password') === auth.makePassword(user.get('username'), pw);
   },
 
+  changePassword: function(req, res, next) {
+    if (! req.body.oldpassword && ! req.body.newpassword) return next()
+    if (req.body.newpassword !== req.body.newpassword2) {
+      return res.send({ error: 'Passwords don\'t match.' })
+    }
+    if (! auth.validPassword(res.user, req.body.oldpassword)) {
+      return res.send({ error: 'Password is incorrect.' })
+    }
+    var username = req.user.get('username')
+    var newPassword = auth.makePassword(username, req.body.newpassword)
+    res.user.set('password', newPassword)
+    next()
+  },
+
 	verifyLocalUser: function (username, password, done) {
     // handle passwords!!
 		db.getUserByUsername(username).then(function(user){
@@ -143,7 +157,7 @@ var auth = module.exports = {
 	
   checkin: function (req, res) {
     var user = util.sanitizeUser(req.user)
-    res.json(user)
+    res.json({ user: user })
   },
 
 	logout: function (req, res) {
-- 
cgit v1.2.3-70-g09d2