modify password ok
This commit is contained in:
simplonco
@@ -81,7 +81,7 @@
|
||||
- [/] leave room
|
||||
- [/] leave direct impossible
|
||||
- [/] protect room with password
|
||||
- [ ] add and change password in room
|
||||
- [/] add, change, and remove password in room
|
||||
- [ ] make admin
|
||||
- [ ] ban
|
||||
- [ ] mute
|
||||
|
||||
@@ -140,8 +140,11 @@ export class ChatController {
|
||||
|
||||
if (room.protection)
|
||||
{
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await this.chatService.addPassword(req.user.username, room, socket);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
}
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
@@ -255,8 +258,56 @@ export class ChatController {
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room, old_password);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await this.chatService.addPassword(req.user.username, room, socket, old_password);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('addpassword')
|
||||
async addPassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} added a password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Delete('removepassword')
|
||||
async removePassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} removed a new password`;
|
||||
room.allowed_users = [];
|
||||
room.protection = false;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
|
||||
@@ -206,6 +206,60 @@ export class ChatService {
|
||||
await this.chatroomRepository.save(room_db);
|
||||
}
|
||||
|
||||
async setPassword(username: string, message: string, room: roomDto, old_password?: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
const current_room = await this.getRoomByName(room.name);
|
||||
|
||||
if (!room.password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'NO_PASSWORD', message: 'this room has no password protection'");
|
||||
throw new HttpException({ error: true, code: 'NO_PASSWORD', message: `this room has no password protection` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (current_room.protection)
|
||||
{
|
||||
if (room.protection && !old_password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'");
|
||||
throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (old_password)
|
||||
{
|
||||
const is_match = await bcrypt.compare(old_password, current_room.hash);
|
||||
if (!is_match)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
|
||||
throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
let hash: string;
|
||||
if (room.protection)
|
||||
hash = await bcrypt.hash(password, saltOrRounds);
|
||||
|
||||
// add password to chatroom
|
||||
current_room.allowed_users = room.allowed_users;
|
||||
current_room.protection = room.protection;
|
||||
if (room.protection)
|
||||
current_room.hash = hash;
|
||||
else
|
||||
delete current_room.hash;
|
||||
current_room.messages.push({ name: "SERVER", message: message });
|
||||
await this.chatroomRepository.save(current_room);
|
||||
|
||||
printCaller("-- out ");
|
||||
}
|
||||
|
||||
|
||||
/* ADDERS *************************************************
|
||||
*/
|
||||
@@ -252,57 +306,6 @@ export class ChatService {
|
||||
return room;
|
||||
}
|
||||
|
||||
async addPassword(username: string, room: roomDto, socket:socketDto, old_password?: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
const current_room = await this.getRoomByName(room.name);
|
||||
|
||||
let message = `${username} set a new password`;
|
||||
|
||||
if (current_room.protection)
|
||||
{
|
||||
if (!old_password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'");
|
||||
throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
const is_match = await bcrypt.compare(old_password, current_room.hash);
|
||||
if (!is_match)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
|
||||
throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
let hash = await bcrypt.hash(password, saltOrRounds);
|
||||
|
||||
// add password to chatroom
|
||||
if (!current_room.allowed_users.includes(username))
|
||||
current_room.allowed_users.push(username);
|
||||
current_room.protection = true;
|
||||
current_room.hash = hash;
|
||||
current_room.messages.push({ name: "SERVER", message: message });
|
||||
await this.chatroomRepository.save(current_room);
|
||||
|
||||
console.log("current_room:", current_room);
|
||||
const all_rooms = await this.getAllRooms();
|
||||
console.log("all_rooms:", all_rooms);
|
||||
|
||||
// inform other connected users
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
printCaller("-- out ");
|
||||
}
|
||||
|
||||
async addMessageToRoom(room_name: string, username: string, message: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
@@ -67,6 +67,9 @@
|
||||
<RoomsetLayout back={layouts[1]} />
|
||||
|
||||
{:else if $layout === "password"}
|
||||
<PasswordLayout back={layouts[1]} />
|
||||
|
||||
{:else if $layout === "add_password"}
|
||||
<PasswordLayout back={layouts[1]} mode="add" />
|
||||
|
||||
{:else if $layout === "change_password"}
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
<script lang="ts">
|
||||
|
||||
import { layout, current_room } from './Store_chat';
|
||||
import { change_room, send_password } from './Request_rooms';
|
||||
import { change_room, validate_password, change_password, add_password, remove_password } from './Request_rooms';
|
||||
import { FetchResponse } from './Types_chat';
|
||||
import Button from './Element_button.svelte';
|
||||
import Warning from './Element_warning.svelte';
|
||||
|
||||
export let back = "";
|
||||
export let mode = "add";
|
||||
export let mode = "validate";
|
||||
|
||||
let password_state = "";
|
||||
if (mode === 'change')
|
||||
@@ -16,6 +16,7 @@
|
||||
password_state = "current";
|
||||
|
||||
let room_password: string;
|
||||
let room_old_password: string;
|
||||
let response: FetchResponse;
|
||||
let show_error = false;
|
||||
|
||||
@@ -31,12 +32,21 @@
|
||||
let room = {
|
||||
name: $current_room.name,
|
||||
type: $current_room.type,
|
||||
protection: true,
|
||||
password: room_password,
|
||||
};
|
||||
room.protection = true;
|
||||
if (mode === 'remove')
|
||||
room.protection = false;
|
||||
|
||||
// send password
|
||||
response = await send_password(room);
|
||||
if (mode === 'validate')
|
||||
response = await validate_password(room);
|
||||
if (mode === 'add')
|
||||
response = await add_password(room);
|
||||
if (mode === 'change')
|
||||
response = await change_password(room, room_old_password);
|
||||
if (mode === 'remove')
|
||||
response = await remove_password(room);
|
||||
|
||||
// go to room
|
||||
if (response.status >= 300 || response.error)
|
||||
@@ -72,8 +82,8 @@
|
||||
<Warning content={response.message}/>
|
||||
{/if}
|
||||
{#if mode === 'change'}
|
||||
<label for="chat_pswd"><p>enter old password :</p></label>
|
||||
<input id="chat_pswd" bind:value={room_password} type="password" placeholder="minimum 8 characters" minlength="8" name="password" required>
|
||||
<label for="chat_old_pswd"><p>enter old password :</p></label>
|
||||
<input id="chat_old_pswd" bind:value={room_old_password} type="password" placeholder="minimum 8 characters" minlength="8" name="old_password" required>
|
||||
{/if}
|
||||
<label for="chat_pswd"><p>enter {password_state} password :</p></label>
|
||||
<input id="chat_pswd" bind:value={room_password} type="password" placeholder="minimum 8 characters" minlength="8" name="password" required>
|
||||
|
||||
@@ -60,7 +60,7 @@
|
||||
remove password
|
||||
</Button>
|
||||
{:else}
|
||||
<Button new_layout="password">
|
||||
<Button new_layout="add_password">
|
||||
add password
|
||||
</Button>
|
||||
{/if}
|
||||
|
||||
@@ -60,14 +60,52 @@ console.log("room returned from change:", response.room);
|
||||
layout.set("room");
|
||||
}
|
||||
|
||||
export async function validate_password(room: Room)
|
||||
{
|
||||
console.log("in validate_password");
|
||||
|
||||
export async function send_password(room: Room)
|
||||
console.log("room sent to validate password:", room);
|
||||
let response: FetchResponse = await fetch_chat_request('passwordauth', FetchMethod.POST, room);
|
||||
console.log("room returned from validate password:", response.room);
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
export async function add_password(room: Room)
|
||||
{
|
||||
console.log("in add_password");
|
||||
|
||||
console.log("room sent to add password:", room);
|
||||
let response: FetchResponse = await fetch_chat_request('addpassword', FetchMethod.POST, room);
|
||||
console.log("room returned from add password:", response.room);
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
export async function change_password(room: Room, old_password: string)
|
||||
{
|
||||
console.log("in send_password");
|
||||
|
||||
console.log("room sent to set password:", room);
|
||||
let response: FetchResponse = await fetch_chat_request('passwordauth', FetchMethod.POST, room);
|
||||
console.log("room returned from set password:", response.room);
|
||||
let request_body =
|
||||
{
|
||||
room: room,
|
||||
old_password: old_password,
|
||||
}
|
||||
|
||||
console.log("room sent to change password:", room);
|
||||
let response: FetchResponse = await fetch_chat_request('changepassword', FetchMethod.POST, request_body);
|
||||
console.log("room returned from change password:", response.room);
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
export async function remove_password(room: Room)
|
||||
{
|
||||
console.log("in send_password");
|
||||
|
||||
console.log("room sent to remove password:", room);
|
||||
let response: FetchResponse = await fetch_chat_request('removepassword', FetchMethod.DELETE, room);
|
||||
console.log("room returned from remove password:", response.room);
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
@@ -28,6 +28,6 @@ export enum FetchMethod
|
||||
{
|
||||
POST = 'POST',
|
||||
GET = 'GET',
|
||||
LEAVE = 'LEAVE',
|
||||
DELETE = 'DELETE',
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user