From 6df71a73d59cb8c6544a223327131f02de9e3438 Mon Sep 17 00:00:00 2001
From: Richard Fernando Heise Ferreira <rfhf19@inf.ufpr.br>
Date: Mon, 3 Feb 2020 11:18:19 -0300
Subject: [PATCH] Issue #63: Add route to change password

---
 CHANGELOG.md                     |  8 ++++-
 package.json                     |  2 +-
 src/api/controllers/form.spec.ts |  2 +-
 src/api/controllers/user.spec.ts | 38 +++++++++++++++++++-
 src/api/controllers/user.ts      | 59 ++++++++++++++++++++++++++++++++
 src/main.ts                      |  1 +
 6 files changed, 106 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2fbcc98..c354f63 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,12 +4,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 1.1.9 - 03-02-2020
+### Added
+- Route to change an user's password #63 (Richard Heise)
+## Changed
+- Delete route now has the token validation
+
 ## 1.1.8 - 30-01-2020
 ### Added
 - Route to assign users to forms #60 (Richard Heise)
 ## Changed
 - Route to write a form now has an extra stage in the waterfall
-- THis stage assigns the user to a form by ID
+- This stage assigns the user to a form by ID
 
 ## 1.1.7 - 29-01-2020
 ### Added
diff --git a/package.json b/package.json
index c65f3c2..4925080 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "form-creator-api",
-  "version": "1.1.8",
+  "version": "1.1.9",
   "description": "RESTful API used to manage and answer forms.",
   "main": "index.js",
   "scripts": {
diff --git a/src/api/controllers/form.spec.ts b/src/api/controllers/form.spec.ts
index de86a1a..a413be6 100644
--- a/src/api/controllers/form.spec.ts
+++ b/src/api/controllers/form.spec.ts
@@ -87,7 +87,7 @@ describe("Initial test User", () => {
                 expect(res.body.message).to.be.equal("Authentication successful.");
                 testToken = res.body.token;
             })
-            .end(done);
+        .end(done);
     });
 })
 
diff --git a/src/api/controllers/user.spec.ts b/src/api/controllers/user.spec.ts
index 593c169..3787cd1 100644
--- a/src/api/controllers/user.spec.ts
+++ b/src/api/controllers/user.spec.ts
@@ -165,6 +165,24 @@ describe ("API data controller", () => {
             })
             .end(done);
     });
+
+    it("Should respond 200 when changing an user's password", (done) => {
+
+        request(server)
+            .put("/user/changePassword")
+            .set("Authorization", "bearer " + testToken)
+            .send({
+                hash: "changed_pw_hashing"
+            })
+            .expect(200)
+
+        .expect((res: any) => {
+            expect(res.body).to.be.an("object");
+            expect(res.body.message).to.be.an("string");
+            expect(res.body.message).to.be.eql("Password changed with sucess.");
+        })
+        .end(done);
+    });
     
     it("Should respond 200 when deleting an user from the database", (done) => {
 
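Review bot: The new test covers only the authenticated happy path; this hunk has no case for a request sent without the `Authorization` header or with an invalid token, which is the check that protects the route. A sibling test that sends the same body without `.set("Authorization", ...)` and expects whatever rejection status `tokenValidation()` uses would pin that down. The test also does not confirm that the stored password changed, for example by signing in with the new value afterwards. The body field is named `hash` although the controller hashes it again with bcrypt, so a short comment such as `// "hash" carries the new password as sent by the client` would help, once the intended meaning is confirmed.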
@@ -197,7 +215,6 @@ describe ("API data controller", () => {
         .end(done);
     });
     
-
     it("Should respond 500 when failing to delete an user by incompatible ID", (done) => {
 
         request(server)
@@ -212,4 +229,23 @@ describe ("API data controller", () => {
             })
         .end(done);
     });  
+
+    it("Should respond 500 when failing to change a password", (done) => {
+
+        request(server)
+            .put("/user/changePassword")
+            .set("Authorization", "bearer "+ testToken)
+            .send({
+                hash: "changed_pw_hashing"
+            })
+            .expect(500)
+
+        .expect((res: any) => {
+            expect(res.body).to.be.an("object");
+            expect(res.body.message).to.be.an("string");
+            expect(res.body.message).to.be.eql("Some error has ocurred. Check error property for details.")
+            expect(res.body.error).to.be.eql("Bad amount of ids returned: found '0' should be 1");
+        })
+        .end(done);
+    });
 });
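Review bot: The 500 case in the last test appears to depend on the earlier delete test having removed the user, so it effectively asserts that a token issued to a deleted account still passes `tokenValidation()` and reaches the database layer. If that precondition is intended, state it in the test with a comment such as `// the user was deleted by the test above; testToken is still accepted here`, and consider whether the expected status should be a 401 or 404 rather than a 500 that returns `Bad amount of ids returned: found '0' should be 1` to the client. The `describe` block starts outside this hunk, so the ordering is inferred from the tests that are visible.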
diff --git a/src/api/controllers/user.ts b/src/api/controllers/user.ts
index 772c5d1..8c3585c 100644
--- a/src/api/controllers/user.ts
+++ b/src/api/controllers/user.ts
@@ -172,4 +172,63 @@ export class UserCtrl {
             });
         });
     }
+
+    public static changePassword (req: Request, res: Response, next: NextFunction) {
+
+        let newUser: User;
+
+        waterfall ([
+            (callback: (err: Error, password?: string) => void) => {
+                bcrypt.hash(req.body.hash, 10, (err: Error, hashedPw: string) => {
+                    if (err) {
+                        callback(err);
+                        return;
+                    } 
+                    
+                    callback(null, hashedPw);
+                });
+            },
+            (password: string, callback: (err: Error, user?: User) => void) => {
+                req.db.user.read(Object(req.userData).id, (err: Error, user?: User) => {
+
+                    if (err) {
+                        callback(err);
+                        return;
+                    }
+
+                    try {
+                        newUser = new User(OptHandler.User(user, password));
+                    } catch (err) {
+                        callback(err);
+                        return;
+                    }
+                    callback(null, newUser);
+                });
+            },
+            (user: User, callback: (err: Error) => void) => {
+                req.db.user.update(user, (err: Error) => {
+                    if (err) {
+                        callback(err);                
+                        return;
+                    } else {
+                        res.json({
+                            message: "Password changed with sucess."
+                        });
+                        callback(null);
+                        return;
+                    }
+                });
+            }   
+            
+        ], (error: Error) => {
+            if (error) {
+                res.status(500).json({
+                    message: "Some error has ocurred. Check error property for details.",
+                    error: error.message
+                });
+                return;
+            }
+            return;
+        });
+    }
 }
\ No newline at end of file
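Review bot: The first waterfall stage passes `req.body.hash` straight to `bcrypt.hash` without checking that it is a non-empty string, and nothing in `changePassword` asks for the current password, so a valid token alone is enough to replace the credential. A guard at the top such as `if (typeof req.body.hash !== "string" || req.body.hash.length === 0) { res.status(400).json({ message: "Invalid password." }); return; }` would presumably turn malformed requests into a 400 instead of a 500. An extra stage that checks a caller-supplied current password with `bcrypt.compare` against the stored value before the update would limit what a leaked token can do. The final callback also returns `error.message` to the client, which can expose database or library details; logging it server-side and sending a generic message is safer. Whether tokens issued before the change stay valid is not visible in this hunk and is worth confirming.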
diff --git a/src/main.ts b/src/main.ts
index 569a1c3..67b1f27 100755
--- a/src/main.ts
+++ b/src/main.ts
@@ -58,6 +58,7 @@ app.post("/answer/:id", AnswerCtrl.write);
 app.post("/user/signUp", UserCtrl.signUp);
 app.post("/user/signIn", UserCtrl.signIn);
 app.delete("/user/deleteData/:id", tokenValidation(), UserCtrl.deleteData);
+app.put("/user/changePassword", tokenValidation(), UserCtrl.changePassword);
 
 // Listening
 
-- 
GitLab