Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/users.ts | 39 |
1 files changed, 37 insertions, 2 deletions
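--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -6,17 +6,23 @@ import { UserCreate, UserRight, UserRole, UserUpdate, UserUpdateMe, UserVideoRat
 import { unlinkPromise } from '../../helpers/core-utils'
 import { retryTransactionWrapper } from '../../helpers/database-utils'
 import { logger } from '../../helpers/logger'
-import { createReqFiles, getFormattedObjects } from '../../helpers/utils'
+import { createReqFiles, generateRandomString, getFormattedObjects } from '../../helpers/utils'
 import { AVATAR_MIMETYPE_EXT, AVATARS_SIZE, CONFIG, sequelizeTypescript } from '../../initializers'
 import { updateActorAvatarInstance } from '../../lib/activitypub'
 import { sendUpdateUser } from '../../lib/activitypub/send'
+import { Emailer } from '../../lib/emailer'
+import { EmailPayload } from '../../lib/job-queue/handlers/email'
+import { Redis } from '../../lib/redis'
 import { createUserAccountAndChannel } from '../../lib/user'
 import {
 asyncMiddleware, authenticate, ensureUserHasRight, ensureUserRegistrationAllowed, paginationValidator, setDefaultSort,
 setDefaultPagination, token, usersAddValidator, usersGetValidator, usersRegisterValidator, usersRemoveValidator, usersSortValidator,
 usersUpdateMeValidator, usersUpdateValidator, usersVideoRatingValidator
 } from '../../middlewares'
-import { usersUpdateMyAvatarValidator, videosSortValidator } from '../../middlewares/validators'
+import {
+usersAskResetPasswordValidator, usersResetPasswordValidator, usersUpdateMyAvatarValidator,
+videosSortValidator
+} from '../../middlewares/validators'
 import { AccountVideoRateModel } from '../../models/account/account-video-rate'
 import { UserModel } from '../../models/account/user'
 import { OAuthTokenModel } from '../../models/oauth/oauth-token'
@@ -106,6 +112,16 @@ usersRouter.delete('/:id',
 asyncMiddleware(removeUser)
 )
 
+usersRouter.post('/ask-reset-password',
+asyncMiddleware(usersAskResetPasswordValidator),
+asyncMiddleware(askResetUserPassword)
+)
+
+usersRouter.post('/:id/reset-password',
+asyncMiddleware(usersResetPasswordValidator),
+asyncMiddleware(resetUserPassword)
+)
+
 usersRouter.post('/token', token, success)
 // TODO: Once https://github.com/oauthjs/node-oauth2-server/pull/289 is merged, implement revoke token route
 
@@ -307,6 +323,25 @@ async function updateUser (req: express.Request, res: express.Response, next: ex
 return res.sendStatus(204)
 }
 
+async function askResetUserPassword (req: express.Request, res: express.Response, next: express.NextFunction) {
+const user = res.locals.user as UserModel
+
+const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id)
+const url = CONFIG.WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString
+await Emailer.Instance.addForgetPasswordEmailJob(user.email, url)
+
+return res.status(204).end()
+}
+
+async function resetUserPassword (req: express.Request, res: express.Response, next: express.NextFunction) {
+const user = res.locals.user as UserModel
+user.password = req.body.password
+
+await user.save()
+
+return res.status(204).end()
+}
+
 function success (req: express.Request, res: express.Response, next: express.NextFunction) {
 res.end()
 }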
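Review bot: resetUserPassword stores the new password and returns 204, but nothing in this section consumes the reset verification string or revokes the account's existing OAuth tokens. If the validator (not visible here) does not delete the Redis entry, the emailed link stays usable until it expires, and sessions opened before the reset remain valid, which undermines a reset performed after a suspected account compromise. After `await user.save()` I would revoke tokens through the already-imported OAuthTokenModel, e.g. `await OAuthTokenModel.deleteUserToken(user.id)` if that helper exists in this tree, and remove the Redis key in the same step. The `/ask-reset-password` route also has no visible rate limiting, so repeated requests for one account would each queue a new e-mail.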