Parcourir la source

Add ability to change password from account page.

Lee Morgan il y a 5 ans
Parent
commit
a071b58889

+ 41 - 1
controllers/merchantData.js

@@ -210,7 +210,47 @@ module.exports = {
                 if(err.name === "ValidationError"){
                     return res.json(err.errors[Object.keys(err.errors)[0]].properties.message);
                 }
-                return res.json("ERROR: UNABLE TO UPDATE YOUR PASSWORD");
+                return res.json("ERROR: UNABLE TO UPDATE DATA");
             });
+    },
+
+    /*
+    PUT: Update merchant password with current password
+    req.body = {
+        current: String (current merchant password),
+        new: String (new password),
+        confirm: String (new password again for confirmation)
+    }
+    response = {redirect: String (link to redirect to)}
+    */
+    changePassword: function(req, res){
+        if(req.body.new !== req.body.confirm){
+            return res.json("PASSWORDS DO NOT MATCH");
+        }
+
+        bcrypt.compare(req.body.current, res.locals.merchant.password, (err, result)=>{
+            if(result === true){
+                let salt = bcrypt.genSaltSync(10);
+                let hash = bcrypt.hashSync(req.body.new, salt);
+
+                res.locals.merchant.password = hash;
+
+                let newExpiration = new Date();
+                newExpiration.setDate(newExpiration.getDate() + 90);
+                res.locals.merchant.session.sessionId = helper.generateId(25);
+                res.locals.merchant.session.expiration = newExpiration;
+
+                res.locals.merchant.save()
+                    .then((merchant)=>{
+                        req.session.error = "PLEASE LOG IN";
+                        return res.json({redirect: `http://${process.env.SITE}/login`});
+                    })
+                    .catch((err)=>{
+                        return res.json("ERROR: UNABLE TO UPDATE PASSWORD");
+                    });
+            }else{
+                return res.json("INCORRECT PASSWORD");
+            }
+        });
     }
 }

+ 1 - 0
middleware.js

@@ -12,6 +12,7 @@ module.exports = {
                 if(merchant === null){
                     throw "no merchant";
                 }
+                
     
                 if(merchant.session.date < new Date()){
                     let newExpiration = new Date();

+ 1 - 0
routes.js

@@ -27,6 +27,7 @@ module.exports = function(app){
     app.put("/merchant/ingredients/update", session, merchantData.updateIngredientQuantities); //also updates some data in ingredients
     app.post("/merchant/password", merchantData.updatePassword); //TODO: change to work with session
     app.put("/merchant/update", session, merchantData.updateData);
+    app.put("/merchant/password", session, merchantData.changePassword);
 
     //Ingredients
     app.post("/ingredients/create", session, ingredientData.createIngredient);  //also adds to merchant

+ 34 - 1
views/dashboardPage/bundle.js

@@ -3015,7 +3015,40 @@ let account = {
     },
 
     updatePassword: function(){
-        console.log("updating password");
+        let data = {
+            current: document.getElementById("accountCurrentPassword").value,
+            new: document.getElementById("accountNewPassword").value,
+            confirm: document.getElementById("accountConfirmPassword").value
+        }
+        
+        if(data.new !== data.confirm){
+            return controller.createBanner("PASSWORDS DO NOT MATCH");
+        }
+
+        let loader = document.getElementById("loaderContainer");
+        loader.style.display = "flex";
+
+        fetch("/merchant/password", {
+            method: "put",
+            headers: {
+                "Content-Type": "application/json;charset=utf-8"
+            },
+            body: JSON.stringify(data)
+        })
+            .then(response => response.json())
+            .then((response)=>{
+                if(typeof(response) === "string"){
+                    controller.createBanner(response, "error");
+                }else{
+                    window.location.href = response.redirect;
+                }
+            })
+            .catch((err)=>{
+                controller.createBanner("SOMETHING WENT WRONG. PLEASE REFRESH THE PAGE", "error");
+            })
+            .finally(()=>{
+                loader.style.display = "none";
+            });
     }
 }
 

+ 4 - 0
views/dashboardPage/dashboard.css

@@ -608,6 +608,10 @@ ACCOUNT STRAND
             margin: 5px;
         }
 
+        #changePasswordBox p{
+            color: red;
+        }
+
         #accountButtonBox{
             margin: 0;
         }

+ 2 - 0
views/dashboardPage/ejs/strands/account.ejs

@@ -32,6 +32,8 @@
 
                 <button id="changePasswordButton" class="button">CHANGE PASSWORD</button>
             </div>
+
+            <p>* This will log you out of all current sessions</p>
         </div>
     </div>
 </div>

+ 34 - 1
views/dashboardPage/js/strands/account.js

@@ -61,7 +61,40 @@ let account = {
     },
 
     updatePassword: function(){
-        console.log("updating password");
+        let data = {
+            current: document.getElementById("accountCurrentPassword").value,
+            new: document.getElementById("accountNewPassword").value,
+            confirm: document.getElementById("accountConfirmPassword").value
+        }
+        
+        if(data.new !== data.confirm){
+            return controller.createBanner("PASSWORDS DO NOT MATCH");
+        }
+
+        let loader = document.getElementById("loaderContainer");
+        loader.style.display = "flex";
+
+        fetch("/merchant/password", {
+            method: "put",
+            headers: {
+                "Content-Type": "application/json;charset=utf-8"
+            },
+            body: JSON.stringify(data)
+        })
+            .then(response => response.json())
+            .then((response)=>{
+                if(typeof(response) === "string"){
+                    controller.createBanner(response, "error");
+                }else{
+                    window.location.href = response.redirect;
+                }
+            })
+            .catch((err)=>{
+                controller.createBanner("SOMETHING WENT WRONG. PLEASE REFRESH THE PAGE", "error");
+            })
+            .finally(()=>{
+                loader.style.display = "none";
+            });
     }
 }