const utils = require('../../../utils');
const bcrypt = require('bcrypt');

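/**
 * POST handlers for updating the current user's account.
 *
 * Both handlers read the target row from `req.user.user_id`, never from the
 * request body, so a client cannot name another user's row.
 * NOTE(review): assumes an authentication middleware populates `req.user`
 * (including the stored bcrypt hash in `req.user.password`) before these
 * handlers run. Confirm in the router setup.
 * NOTE(review): the SQL text is assembled by `utils.set_where`, which is not
 * visible here. Confirm it escapes or parameterizes every value it is given.
 */
module.exports = {
    post: {
        /**
         * Change the authenticated user's username.
         *
         * @param {object} req - request; reads `req.body.username` and `req.user.user_id`.
         * @param {object} res - response; receives either the ok payload or the error
         *   produced by the `utils.handle_err` helpers.
         */
        "username": function(req, res) {
            utils.validate.keys(req.body, [
                'username'
            ]).then(function() {
                // A parsed body can carry arrays or objects under any key. Reject them
                // explicitly so only a plain string ever reaches the query builder,
                // instead of relying on `.trim()` throwing for other types.
                if (typeof req.body.username !== 'string') {
                    return Promise.reject("Could not update username: Username must be a string");
                }
                req.body.username = req.body.username.trim();
                if (!req.body.username) {
                    return Promise.reject("Could not update username: Username cannot be empty");
                }
                return utils.query("UPDATE users" + utils.set_where({
                    username: req.body.username
                }, {
                    user_id: req.user.user_id
                })).catch(utils.handle_err.sql(res));
            }).then(function(result) {
                // NOTE(review): if utils.handle_err.sql(res) resolves rather than
                // rethrowing, `result` is undefined here and the outer catch would run
                // after a response may already have been sent. Confirm the helper's contract.
                res.send(utils.ok({
                    message: result.changedRows ? "Username Updated" : "Username Unchanged"
                }));
            }).catch(utils.handle_err.res(res, "Could not update username"));
        },
        /**
         * Change the authenticated user's password after re-checking the current one.
         *
         * Order of checks: required keys and password policy, string types, the
         * current password against the stored hash, then hash and store the new one.
         *
         * @param {object} req - request; reads `req.body.current_password`,
         *   `req.body.new_password`, `req.user.password` and `req.user.user_id`.
         * @param {object} res - response; receives either the ok payload or the error
         *   produced by the `utils.handle_err` helpers.
         */
        "password": function(req, res) {
            utils.validate.keys(req.body, [
                'current_password',
                ['new_password', utils.validate.password, "New password not strong enough"]
            ]).then(function() {
                // Only strings are meaningful to bcrypt. Fail with a clear message
                // rather than whatever error the library raises for other types.
                if (typeof req.body.current_password !== 'string' ||
                    typeof req.body.new_password !== 'string') {
                    return utils.reject("Current and new password must be strings");
                }
                // The policy check is repeated here on top of validate.keys.
                if (utils.validate.password(req.body.new_password)) {
                    return bcrypt.compare(req.body.current_password, req.user.password);
                }
                return utils.reject("New password not good enough");
            }).then(function(passwords_match) {
                if (passwords_match) {
                    // Cost factor 10. bcrypt only uses the first 72 bytes of its input.
                    // NOTE(review): confirm utils.validate.password caps the length accordingly.
                    return bcrypt.hash(req.body.new_password, 10);
                }
                // NOTE(review): no attempt limiting is visible in this handler. Confirm
                // failed current-password checks are rate limited elsewhere.
                return utils.reject("Current password incorrect");
            }).then(function(hashword) {
                return utils.query("UPDATE users" + utils.set_where({
                    password: hashword
                }, {
                    user_id: req.user.user_id
                })).catch(utils.handle_err.sql(res));
            }).then(function(result) {
                // NOTE(review): nothing here revokes the user's other sessions or tokens
                // after the change. Confirm that is handled elsewhere if it is required.
                // NOTE(review): same `result`-may-be-undefined caveat as in the username
                // handler if utils.handle_err.sql(res) resolves.
                res.send(utils.ok({
                    message: result.changedRows ? "Password Updated" : "Password Unchanged"
                }));
            }).catch(utils.handle_err.res(res, "Could not update password"));
        }
    }
};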