From 5f61486a20364400bcd358caf0089373334e7776 Mon Sep 17 00:00:00 2001
From: arnaucode
Date: Sun, 3 Sep 2017 17:03:02 +0200
Subject: [PATCH] validate user stores admin who validates, and fixed change password
---
 controllers/adminController.js | 2 ++
 controllers/userController.js | 35 +++++++++++++++++++++++++++-------
 models/userModel.js | 6 +++++-
 3 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/controllers/adminController.js b/controllers/adminController.js
index 26d36f4..56f312a 100644
--- a/controllers/adminController.js
+++ b/controllers/adminController.js
@@ -532,6 +532,7 @@ exports.validateUser = function(req, res) {
 .exec(function(err, user) {
 if (err) return res.send(500, err.message);
 user.validated = true;
+ user.validatedBy = admin._id;
 user.save(function(err, user) {
 if (err) return res.send(500, err.message);
@@ -560,6 +561,7 @@ exports.unvalidateUser = function(req, res) {
 .exec(function(err, user) {
 if (err) return res.send(500, err.message);
 user.validated = false;
+ user.validatedBy = admin._id;
 user.save(function(err, user) {
 if (err) return res.send(500, err.message);
diff --git a/controllers/userController.js b/controllers/userController.js
index 051ef15..8cfd313 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -169,6 +169,7 @@ exports.getUserById = function(req, res) {
 _id: req.params.userid
 })
 .lean()
+ .populate('validatedBy', 'username')
 .populate('travels', 'title from to date type')
 .exec(function(err, user) {
 if (err) return res.send(500, err.message);
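Review bot: In the unvalidateUser hunk the added `user.validatedBy = admin._id;` sits next to `user.validated = false`, so after a revocation the field names the admin who removed the validation, while the getUserById hunk populates it as if it named the validator. If the field is meant to say who validated the account, clear it here with `user.validatedBy = undefined;`, or keep the revoking admin in a separately named field. Both handlers also dereference `user` and `admin` without a null check in the visible lines; `admin` is defined outside the hunks, so whether it can be missing at this point cannot be confirmed from here.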
@@ -575,12 +576,32 @@ exports.doUnfav = function(req, res) {
 });
 };
 exports.changePassword = function(req, res) {
- //if(req.body.)
- userModel.update({
- 'token': req.headers['x-access-token']
- }, req.body,
- function(err) {
- if (err) return console.log(err);
- exports.getUserByToken(req, res);
+ console.log(req.body);
+ userModel.findOne({
+ 'token': req.headers['x-access-token'],
+ 'password': crypto.createHash('sha256').update(req.body.old).digest('base64')
+ })
+ .exec(function(err, user) {
+ if (err) return res.send(500, err.message);
+ if (!user) {
+ res.json({
+ success: false,
+ message: 'User not found.'
+ });
+ } else if (user) {
+ if (req.body.new1 != req.body.new2) {
+ res.json({
+ success: false,
+ message: 'New passwords not match'
+ });
+ }else{
+ user.password = crypto.createHash('sha256').update(req.body.new1).digest('base64');
+ user.save(function(err, user) {
+ if (err) return res.send(500, err.message);
+
+ exports.getUserByToken(req, res);
+ });
+ }
+ }
 });
 };
diff --git a/models/userModel.js b/models/userModel.js
index 40b461e..3930c93 100644
--- a/models/userModel.js
+++ b/models/userModel.js
@@ -12,10 +12,14 @@ var userSchema = new Schema({
 avatar: { type: String, default: "img/avatars/racoon.png" },
 faircoinString: { type: String, default: "faircoin wallet" },
 faircoin: { type: String, default: "img/faircoinpublickey_sample.png" },
- email: { type: String, required: true },
+ email: { type: String, required: true, select: false },
 phone: { type: String },
 telegram: { type: String },
 validated: { type: Boolean, default: false },
+ validatedBy: {
+ type: mongoose.Schema.Types.ObjectId,
+ ref: 'adminModel'
+ },
 valorations: [{
 user: {
 type: mongoose.Schema.Types.ObjectId,
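Review bot: `console.log(req.body);` on the first added line of changePassword writes the old and new passwords in clear text to the server log and should be removed. `req.body.old` and `req.body.new1` go into `createHash('sha256').update(...)` without a type check, so a missing or non-string field throws inside the handler instead of producing an error response, and two absent new passwords pass the `!=` comparison. The fence below validates the three fields before the lookup. The stored value is an unsalted single SHA-256 digest, which is cheap to guess offline if the user collection leaks; a salted, slow KDF such as Node's `crypto.pbkdf2` or `crypto.scrypt` would be safer, but it has to change together with the login check, which is outside this diff. As far as the hunk shows, the existing token also stays valid after the password changes.

```javascript
exports.changePassword = function(req, res) {
    // console.log(req.body) dropped: it would put the passwords in the log
    var body = req.body || {};
    if (typeof body.old !== 'string' ||
        typeof body.new1 !== 'string' ||
        typeof body.new2 !== 'string' ||
        body.new1.length === 0) {
        return res.json({
            success: false,
            message: 'Missing password fields'
        });
    }
    if (body.new1 !== body.new2) {
        return res.json({
            success: false,
            message: 'New passwords not match'
        });
    }
    // … unchanged: userModel.findOne by token and old-password hash, user.save, getUserByToken …
```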
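Review bot: The new `select: false` on `email` in models/userModel.js is undocumented, and any query that still needs the address now has to request it explicitly; a short comment on the field would make that visible, e.g. `// excluded from default query results; use .select('+email') where the address is needed`. The hunk starts below the top of the schema, so whether `password` and `token` carry the same protection cannot be seen here; since getUserById returns a `.lean()` user document, it is worth confirming that they do. `ref: 'adminModel'` also has to match the name the admin model is registered under for the new `populate('validatedBy', 'username')` call to resolve.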