validate user stores admin who validates, and fixed change password

7 years ago · 5f61486a20
3 changed files with 35 additions and 8 deletions
--- a/controllers/adminController.js
+++ b/controllers/adminController.js
@ -532,6 +532,7 @@ exports.validateUser = function(req, res) {
                    .exec(function(err, user) {
                        if (err) return res.send(500, err.message);
                        user.validated = true;
                        user.validatedBy = admin._id;

                        user.save(function(err, user) {
                            if (err) return res.send(500, err.message);
@ -560,6 +561,7 @@ exports.unvalidateUser = function(req, res) {
                    .exec(function(err, user) {
                        if (err) return res.send(500, err.message);
                        user.validated = false;
                        user.validatedBy = admin._id;

                        user.save(function(err, user) {
                            if (err) return res.send(500, err.message);
--- a/controllers/userController.js
+++ b/controllers/userController.js
@ -169,6 +169,7 @@ exports.getUserById = function(req, res) {
            _id: req.params.userid
        })
        .lean()
        .populate('validatedBy', 'username')
        .populate('travels', 'title from to date type')
        .exec(function(err, user) {
            if (err) return res.send(500, err.message);
@ -575,12 +576,32 @@ exports.doUnfav = function(req, res) {
    });
 };
 exports.changePassword = function(req, res) {
    //if(req.body.)
    userModel.update({
            'token': req.headers['x-access-token']
        }, req.body,
        function(err) {
            if (err) return console.log(err);
            exports.getUserByToken(req, res);
    console.log(req.body);
    userModel.findOne({
            'token': req.headers['x-access-token'],
            'password': crypto.createHash('sha256').update(req.body.old).digest('base64')
        })
        .exec(function(err, user) {
            if (err) return res.send(500, err.message);
            if (!user) {
                res.json({
                    success: false,
                    message: 'User not found.'
                });
            } else if (user) {
                if (req.body.new1 != req.body.new2) {
                    res.json({
                        success: false,
                        message: 'New passwords not match'
                    });
                }else{
                    user.password = crypto.createHash('sha256').update(req.body.new1).digest('base64');
                    user.save(function(err, user) {
                        if (err) return res.send(500, err.message);

                        exports.getUserByToken(req, res);
                    });
                }
            }
        });
 };
--- a/models/userModel.js
+++ b/models/userModel.js
@ -12,10 +12,14 @@ var userSchema = new Schema({
    avatar:   { type: String, default: "img/avatars/racoon.png" },
    faircoinString:   { type: String, default: "faircoin wallet" },
    faircoin:   { type: String, default: "img/faircoinpublickey_sample.png" },
    email:   { type: String, required: true },
    email:   { type: String, required: true, select: false },
    phone: { type: String },
    telegram: { type: String },
    validated: { type: Boolean, default: false },
    validatedBy: {
        type: mongoose.Schema.Types.ObjectId,
        ref: 'adminModel'
    },
    valorations: [{
        user: {
            type: mongoose.Schema.Types.ObjectId,