modify password ok
This commit is contained in:
simplonco
@@ -140,8 +140,11 @@ export class ChatController {
|
||||
|
||||
if (room.protection)
|
||||
{
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await this.chatService.addPassword(req.user.username, room, socket);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
}
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
@@ -255,8 +258,56 @@ export class ChatController {
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} changed the password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room, old_password);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await this.chatService.addPassword(req.user.username, room, socket, old_password);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Post('addpassword')
|
||||
async addPassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} added a password`;
|
||||
room.allowed_users = [req.user.username];
|
||||
room.protection = true;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
printCaller("- out ");
|
||||
}
|
||||
|
||||
@UseGuards(AuthenticateGuard)
|
||||
@UseGuards(TwoFactorGuard)
|
||||
@Delete('removepassword')
|
||||
async removePassword(@Body() room: roomDto, @Req() req, @Res() res): Promise<void>
|
||||
{
|
||||
printCaller("- in ");
|
||||
|
||||
let message = `${req.user.username} removed a new password`;
|
||||
room.allowed_users = [];
|
||||
room.protection = false;
|
||||
await this.chatService.setPassword(req.user.username, message, room);
|
||||
|
||||
// inform other connected users
|
||||
let socket: socketDto = this.chatGateway.sockets.get(req.user.username);
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
const ret_room = this.format_room(room);
|
||||
res.status(HttpStatus.OK).json({ room: ret_room });
|
||||
|
||||
@@ -206,6 +206,60 @@ export class ChatService {
|
||||
await this.chatroomRepository.save(room_db);
|
||||
}
|
||||
|
||||
async setPassword(username: string, message: string, room: roomDto, old_password?: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
const current_room = await this.getRoomByName(room.name);
|
||||
|
||||
if (!room.password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'NO_PASSWORD', message: 'this room has no password protection'");
|
||||
throw new HttpException({ error: true, code: 'NO_PASSWORD', message: `this room has no password protection` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (current_room.protection)
|
||||
{
|
||||
if (room.protection && !old_password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'");
|
||||
throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
if (old_password)
|
||||
{
|
||||
const is_match = await bcrypt.compare(old_password, current_room.hash);
|
||||
if (!is_match)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
|
||||
throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
let hash: string;
|
||||
if (room.protection)
|
||||
hash = await bcrypt.hash(password, saltOrRounds);
|
||||
|
||||
// add password to chatroom
|
||||
current_room.allowed_users = room.allowed_users;
|
||||
current_room.protection = room.protection;
|
||||
if (room.protection)
|
||||
current_room.hash = hash;
|
||||
else
|
||||
delete current_room.hash;
|
||||
current_room.messages.push({ name: "SERVER", message: message });
|
||||
await this.chatroomRepository.save(current_room);
|
||||
|
||||
printCaller("-- out ");
|
||||
}
|
||||
|
||||
|
||||
/* ADDERS *************************************************
|
||||
*/
|
||||
@@ -252,57 +306,6 @@ export class ChatService {
|
||||
return room;
|
||||
}
|
||||
|
||||
async addPassword(username: string, room: roomDto, socket:socketDto, old_password?: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
if (room.type === 'direct')
|
||||
{
|
||||
console.log("throw error: error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: 'you cannot set a password in a direct message room'");
|
||||
throw new HttpException({ error: true, code: 'DIRECT_PASSWORD_FORBIDDEN', message: `you cannot set a password in a direct message room` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
const current_room = await this.getRoomByName(room.name);
|
||||
|
||||
let message = `${username} set a new password`;
|
||||
|
||||
if (current_room.protection)
|
||||
{
|
||||
if (!old_password)
|
||||
{
|
||||
console.log("throw error: error: true, code: 'MISSING_OLD_PASSWORD', message: 'you need to provide the old password to set a new one'");
|
||||
throw new HttpException({ error: true, code: 'MISSING_OLD_PASSWORD', message: `you need to provide the old password to set a new one` }, HttpStatus.FORBIDDEN);
|
||||
}
|
||||
const is_match = await bcrypt.compare(old_password, current_room.hash);
|
||||
if (!is_match)
|
||||
{
|
||||
printCaller(`throw error: error: true, code: 'BAD_PASSWORD', message: 'you provided a bad password'`);
|
||||
throw new HttpException({ error: true, code: 'BAD_PASSWORD', message: `you provided a bad password` }, HttpStatus.BAD_REQUEST);
|
||||
}
|
||||
}
|
||||
|
||||
const saltOrRounds = 10;
|
||||
const password = room.password;
|
||||
let hash = await bcrypt.hash(password, saltOrRounds);
|
||||
|
||||
// add password to chatroom
|
||||
if (!current_room.allowed_users.includes(username))
|
||||
current_room.allowed_users.push(username);
|
||||
current_room.protection = true;
|
||||
current_room.hash = hash;
|
||||
current_room.messages.push({ name: "SERVER", message: message });
|
||||
await this.chatroomRepository.save(current_room);
|
||||
|
||||
console.log("current_room:", current_room);
|
||||
const all_rooms = await this.getAllRooms();
|
||||
console.log("all_rooms:", all_rooms);
|
||||
|
||||
// inform other connected users
|
||||
await socket.to(socket.room).emit('message', "SERVER", message);
|
||||
|
||||
printCaller("-- out ");
|
||||
}
|
||||
|
||||
async addMessageToRoom(room_name: string, username: string, message: string): Promise<void>
|
||||
{
|
||||
printCaller("-- in ");
|
||||
|
||||
Reference in New Issue
Block a user