
const utils = require('../../../utils');
const snippets = require('../../../utils/snippets');
const bcrypt = require('bcrypt');

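/**
 * Account-update route handlers, keyed by HTTP method and then by route name.
 *
 * Both handlers read `req.user` (user_id, stored password hash), so they
 * assume an earlier middleware has authenticated the request and populated
 * `req.user`. That middleware is not visible in this file -- confirm the
 * router enforces it before these handlers run.
 */
module.exports = {
    post: {
        /**
         * Update the authenticated user's display name.
         *
         * Expects `req.body.display_name`. Replies with "Username Updated" or
         * "Username Unchanged" depending on whether the UPDATE changed a row.
         *
         * @param {object} req - request; reads `req.body.display_name` and `req.user.user_id`
         * @param {object} res - response used for both success and error replies
         */
        "display-name": function(req, res) {
            utils.validate.keys(req.body, [
                'display_name'
            ]).then(function() {
                const raw_name = req.body.display_name;
                // Body parsers can deliver arrays or objects for a key. Reject them
                // explicitly instead of relying on `.trim()` throwing a TypeError,
                // so only a plain string ever reaches the query builder.
                if (typeof raw_name !== 'string') {
                    return utils.reject("Could not update username: Username must be a string");
                }
                const display_name = raw_name.trim();
                if (!display_name) {
                    return utils.reject("Could not update username: Username cannot be empty");
                }
                // NOTE(review): no maximum length is enforced here; presumably the
                // column definition or utils.validate bounds it -- confirm.
                // NOTE(review): the statement is built by string concatenation with
                // utils.set_where(); injection safety depends on that helper
                // escaping both objects -- confirm in utils.
                // The row is selected by the session's user_id, never by a
                // client-supplied identifier.
                return utils.query("UPDATE users" + utils.set_where({
                    display_name: display_name
                }, {
                    user_id: req.user.user_id
                })).catch(utils.handle_err.sql(res));
                // NOTE(review): if handle_err.sql(res) answers the request and
                // resolves instead of rethrowing, `result` below is undefined and
                // the outer catch would try to answer a second time -- confirm.
            }).then(function(result) {
                res.send(utils.ok({
                    message: result.changedRows ? "Username Updated" : "Username Unchanged"
                }));
            }).catch(utils.handle_err.res(res, "Could not update username"));
        },
        /**
         * Change the authenticated user's password.
         *
         * Expects `req.body.current_password` and `req.body.new_password`. The
         * current password is verified against the stored bcrypt hash before the
         * new one is hashed and written. On a changed row a notification is
         * triggered through snippets.generate_token_and_send_email().
         *
         * @param {object} req - request; reads `req.body` and `req.user`
         * @param {object} res - response used for both success and error replies
         */
        "password": function(req, res) {
            utils.validate.keys(req.body, [
                'current_password',
                ['new_password', utils.validate.password, "New password not strong enough"]
            ]).then(function() {
                // Second strength check; validate.keys was already given the same
                // validator, so this only matters if that call did not apply it.
                // NOTE(review): bcrypt only uses the first 72 bytes of its input;
                // validate.password should cap the length accordingly -- confirm.
                if (utils.validate.password(req.body.new_password)) {
                    return bcrypt.compare(req.body.current_password, req.user.password);
                }
                return utils.reject("New password not good enough");
            }).then(function(passwords_match) {
                if (passwords_match) {
                    // Cost factor 10 is hard-coded; raising it only affects newly
                    // written hashes.
                    return bcrypt.hash(req.body.new_password, 10);
                }
                // NOTE(review): no attempt limiting is visible here; a stolen
                // session could be used to guess the current password -- confirm
                // rate limiting exists upstream.
                return utils.reject("Current password incorrect");
            }).then(function(hashword) {
                return utils.query("UPDATE users" + utils.set_where({
                    password: hashword
                }, {
                    user_id: req.user.user_id
                })).catch(utils.handle_err.sql(res));
            }).then(function(result) {
                res.send(utils.ok({
                    message: result.changedRows ? "Password Updated" : "Password Unchanged"
                }));

                // NOTE(review): nothing here revokes other sessions or tokens of
                // this account after the change; if that is not done elsewhere,
                // an already-hijacked session survives the password change.
                if (result.changedRows) {
                    // NOTE(review): `req.body.email` is not in the validated key
                    // list above, so it is either undefined or chosen by the
                    // client. The notification should go to the address stored
                    // for the authenticated account, not one from the request
                    // body -- confirm which field of req.user holds it.
                    // NOTE(review): the reply has already been sent, yet `res` is
                    // passed on and a rejection here reaches the outer catch,
                    // which also holds `res`; confirm neither writes again.
                    return snippets.generate_token_and_send_email(res,
                        "password_reset", "reset_id",
                        req.body.email, "send_password_changed_email"
                    );
                }
            }).catch(utils.handle_err.res(res, "Could not update password"));
        }
    }
};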