+
+ return res
+ .json({
+ avatar: avatar.toFormattedJSON()
+ })
+ .end()
+}
+
+async function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+ const body: UserUpdate = req.body
+ const user = res.locals.user as UserModel
+ const roleChanged = body.role !== undefined && body.role !== user.role
+
+ if (body.email !== undefined) user.email = body.email
+ if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
+ if (body.role !== undefined) user.role = body.role
+
+ await user.save()
+
+ // Destroy user token to refresh rights
+ if (roleChanged) {
+ await OAuthTokenModel.deleteUserToken(user.id)
+ }
+
+ // Don't need to send this update to followers, these attributes are not propagated
+
+ return res.sendStatus(204)
+}
+
+async function askResetUserPassword (req: express.Request, res: express.Response, next: express.NextFunction) {
+ const user = res.locals.user as UserModel
+
+ const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id)
+ const url = CONFIG.WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString
+ await Emailer.Instance.addForgetPasswordEmailJob(user.email, url)
+
+ return res.status(204).end()
+}
+
+async function resetUserPassword (req: express.Request, res: express.Response, next: express.NextFunction) {
+ const user = res.locals.user as UserModel
+ user.password = req.body.password
+
+ await user.save()
+
+ return res.status(204).end()