Skip to content

Commit

Permalink
Merge pull request #45 from vnma0/pwd-route
Browse files Browse the repository at this point in the history
Move change password route
  • Loading branch information
enbugging authored Feb 27, 2019
2 parents 9982746 + b0ca5d9 commit 571f95b
Showing 1 changed file with 26 additions and 21 deletions.
47 changes: 26 additions & 21 deletions src/routes/users.js
Original file line number Diff line number Diff line change
Expand Up @@ -17,27 +17,32 @@ router.get("/", (req, res) => {
res.redirect(req.baseUrl + "/" + req.user._id);
});

router
.route("/:userid")
.all((req, res, next) => {
if (req.user._id !== req.params.userid) res.sendStatus(403);
else next();
})
.get((req, res) => {
const userId = req.user._id;
readUserByID(userId).then(
(docs) => {
res.send(docs);
},
(err) => {
res.status(400).json(err.message);
}
const verifyUserId = (req, res, next) => {
if (req.user._id !== req.params.userid) res.sendStatus(403);
else next();
};

router.get("/:userid", verifyUserId, (req, res) => {
const userId = req.user._id;
readUserByID(userId).then(
(docs) => {
res.send(docs);
},
(err) => {
res.status(400).json(err.message);
}
);
});

router.put("/:userid/password", verifyUserId, (req, res) => {
// Allow changing password only
const user = req.user;
const form = req.body;
if (form.password === form.newPassword)
res.status(400).send(
"New password cannot be the same with old password"
);
})
.put((req, res) => {
// Allow changing password only
const user = req.user;
const form = req.body;
else
updateUserPassword(user._id, form.password, form.newPassword)
.then((docs) => {
// Logout after successfully changing password
Expand All @@ -47,6 +52,6 @@ router
.catch((err) => {
res.status(400).json(err.message);
});
});
});

module.exports = router;

0 comments on commit 571f95b

Please sign in to comment.