pw reset done

2025-11-25 13:24:24 +00:00 · 2023-08-10 13:54:17 +02:00
parent dfda842c7b
commit 0735224dd1
10 changed files with 148 additions and 14 deletions
--- a/src/server/backend/api/getHandler.js
+++ b/src/server/backend/api/getHandler.js
@@ -38,6 +38,8 @@ class GETHandler {
                }
            } else if ( call === 'getName' ) {
                resolve( { 'name': settings.name } );
+            } else {
+                reject( { 'code': 404, 'message': 'Route not found' } );
            }
        } );
    }
--- a/src/server/backend/api/postHandler.js
+++ b/src/server/backend/api/postHandler.js
@@ -10,6 +10,7 @@
 const path = require( 'path' );
 const db = require( '../db/db.js' );
 const fs = require( 'fs' );
+const pwHandler = require( '../credentials/pwdmanager.js' );

 class POSTHandler {
    constructor () {
@@ -153,6 +154,18 @@ class POSTHandler {
                    console.error( error );
                    reject( { 'code': 500, 'message': 'ERR_DB' } );
                } );
+            } else if ( call === 'resetPW' ) {
+                pwHandler.resetPassword( data.email ).then( () => {
+                    resolve( 'ok' );
+                } ).catch( error => {
+                    if ( error.code ) {
+                        reject( error );
+                    } else {
+                        reject( { 'code': 500, 'message': error } );
+                    }
+                } );
+            } else {
+                reject( { 'code': 404, 'message': 'Route not found' } );
            }
        } );
    }
--- a/src/server/backend/credentials/2fa.js
+++ b/src/server/backend/credentials/2fa.js
@@ -65,13 +65,7 @@ class TwoFA {
        else return 'invalid';
    }

-    generatePwdChangeToken () {
-        // TODO: Gen token and store in store
-        return 'test';
-    }
-
    async generateTwoFAMail ( token, ip, domain, pageName ) {
-        const tok = this.generatePwdChangeToken();
        const app = createSSRApp( {
            data() {
                return {
@@ -79,7 +73,6 @@ class TwoFA {
                    ip: ip,
                    host: domain,
                    pageName: pageName,
-                    pwdChangeToken: tok,
                };
            },
            template: '' + fs.readFileSync( path.join( __dirname + '/twoFAMail.html' ) )
--- a/src/server/backend/credentials/pwdmanager.js
+++ b/src/server/backend/credentials/pwdmanager.js
@@ -15,6 +15,15 @@
 // import and init
 const bcrypt = require( 'bcrypt' );
 const db = require( '../db/db.js' );
+const mm = require( '../mail/mailSender.js' );
+const mailManager = new mm();
+const fs = require( 'fs' );
+const path = require( 'path' );
+const token = require( '../token.js' );
+let createSSRApp = require( 'vue' ).createSSRApp;
+let renderToString = require( 'vue/server-renderer' ).renderToString;
+
+const settings = JSON.parse( fs.readFileSync( path.join( __dirname + '/../../config/settings.config.json' ) ) );

 module.exports.checkpassword = function checkpassword ( email, password ) {
    return new Promise( resolve => {
@@ -38,4 +47,33 @@ module.exports.hashPassword = ( password ) => {
    return new Promise( resolve => {
        resolve( bcrypt.hashSync( password, 10 ) );
    } );
+};
+
+module.exports.resetPassword = ( email ) => {
+    return new Promise( ( resolve, reject ) => { 
+        db.checkDataAvailability( 'users', 'email', email ).then( dat => {
+            if ( dat ) {
+                const newPW = token.generateToken( 20 );
+                this.hashPassword( newPW ).then( hash => {
+                    ( async () => {
+                        db.writeDataSimple( 'users', 'email', email, { 'pass': hash } );
+                        const app = createSSRApp( {
+                            data() {
+                                return {
+                                    password: newPW,
+                                    host: settings.yourDomain
+                                };
+                            },
+                            template: '' + fs.readFileSync( path.join( __dirname + '/../../ui/en/signup/pwReset.html' ) )
+                        } );
+                        
+                        mailManager.sendMail( email, await renderToString( app ), 'Password reset', settings.mailSender );
+                        resolve( 'ok' );
+                    } )();
+                } );
+            } else {
+                reject( { 'code': 404, 'message': 'ERR_USER_NOT_FOUND' } );
+            }
+        } );
+    } );
 };
--- a/src/server/backend/credentials/twoFAMail.html
+++ b/src/server/backend/credentials/twoFAMail.html
@@ -62,7 +62,7 @@
        <div class="content">
            <img :src="host + '/otherAssets/logo.png'" alt="Logo" class="logo">
            <h1>Welcome back!</h1>
-            <p>It looks like someone is trying to sign in to your account at {{ pageName }}. If it was you, please click the button below to confirm the login. If not, please <a :href="host + '/account/changePassword?token=' + pwdChangeToken">change</a> your password immediately.</p>
+            <p>It looks like someone is trying to sign in to your account at {{ pageName }}. If it was you, please click the button below to confirm the login. If not, please change your password immediately.</p>
            <p class="ip">Logging in from IP {{ ip }}.</p>
            <a :href="host + '/user/2fa?token=' + token" class="verify">Verify</a>
        </div>