validate user stores admin who validates, and fixed change password

2026-02-27 21:16:41 +01:00 · 2017-09-03 17:03:02 +02:00
parent 5384336d57
commit 5f61486a20
3 changed files with 35 additions and 8 deletions
--- a/controllers/adminController.js
+++ b/controllers/adminController.js
@@ -532,6 +532,7 @@ exports.validateUser = function(req, res) {
                    .exec(function(err, user) {
                        if (err) return res.send(500, err.message);
                        user.validated = true;
+                        user.validatedBy = admin._id;

                        user.save(function(err, user) {
                            if (err) return res.send(500, err.message);
@@ -560,6 +561,7 @@ exports.unvalidateUser = function(req, res) {
                    .exec(function(err, user) {
                        if (err) return res.send(500, err.message);
                        user.validated = false;
+                        user.validatedBy = admin._id;

                        user.save(function(err, user) {
                            if (err) return res.send(500, err.message);
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -169,6 +169,7 @@ exports.getUserById = function(req, res) {
            _id: req.params.userid
        })
        .lean()
+        .populate('validatedBy', 'username')
        .populate('travels', 'title from to date type')
        .exec(function(err, user) {
            if (err) return res.send(500, err.message);
@@ -575,12 +576,32 @@ exports.doUnfav = function(req, res) {
    });
 };
 exports.changePassword = function(req, res) {
-    //if(req.body.)
-    userModel.update({
-            'token': req.headers['x-access-token']
-        }, req.body,
-        function(err) {
-            if (err) return console.log(err);
-            exports.getUserByToken(req, res);
+    console.log(req.body);
+    userModel.findOne({
+            'token': req.headers['x-access-token'],
+            'password': crypto.createHash('sha256').update(req.body.old).digest('base64')
+        })
+        .exec(function(err, user) {
+            if (err) return res.send(500, err.message);
+            if (!user) {
+                res.json({
+                    success: false,
+                    message: 'User not found.'
+                });
+            } else if (user) {
+                if (req.body.new1 != req.body.new2) {
+                    res.json({
+                        success: false,
+                        message: 'New passwords not match'
+                    });
+                }else{
+                    user.password = crypto.createHash('sha256').update(req.body.new1).digest('base64');
+                    user.save(function(err, user) {
+                        if (err) return res.send(500, err.message);
+
+                        exports.getUserByToken(req, res);
+                    });
+                }
+            }
        });
 };
--- a/models/userModel.js
+++ b/models/userModel.js
@@ -12,10 +12,14 @@ var userSchema = new Schema({
    avatar:   { type: String, default: "img/avatars/racoon.png" },
    faircoinString:   { type: String, default: "faircoin wallet" },
    faircoin:   { type: String, default: "img/faircoinpublickey_sample.png" },
-    email:   { type: String, required: true },
+    email:   { type: String, required: true, select: false },
    phone: { type: String },
    telegram: { type: String },
    validated: { type: Boolean, default: false },
+    validatedBy: {
+        type: mongoose.Schema.Types.ObjectId,
+        ref: 'adminModel'
+    },
    valorations: [{
        user: {
            type: mongoose.Schema.Types.ObjectId,