Move logic out of User and Classes controllers
into RestWriter
@@ -9,15 +9,6 @@ var RestQuery = require('../RestQuery');
|
|||||||
var Auth = require('../Auth');
|
var Auth = require('../Auth');
|
||||||
|
|
||||||
export class UserController extends AdaptableController {
|
export class UserController extends AdaptableController {
|
||||||
// Add token delete operations to a rest update object
|
|
||||||
static addClearPasswordResetTokenToRestObject(restObject) {
|
|
||||||
const addOps = {
|
|
||||||
_perishable_token: { __op: 'Delete' },
|
|
||||||
_perishable_token_expires_at: { __op: 'Delete' },
|
|
||||||
};
|
|
||||||
return Object.assign({}, restObject, addOps);
|
|
||||||
}
|
|
||||||
|
|
||||||
constructor(adapter, appId, options = {}) {
|
constructor(adapter, appId, options = {}) {
|
||||||
super(adapter, appId, options);
|
super(adapter, appId, options);
|
||||||
}
|
}
|
||||||
@@ -305,7 +296,7 @@ function updateUserPassword(userId, password, config) {
|
|||||||
Auth.master(config),
|
Auth.master(config),
|
||||||
'_User',
|
'_User',
|
||||||
{ objectId: userId },
|
{ objectId: userId },
|
||||||
UserController.addClearPasswordResetTokenToRestObject({ password })
|
{ password: password }
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
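Review bot: The call in `updateUserPassword` now passes a bare `{ password: password }`, so invalidating the reset token after a password reset depends entirely on the write path deleting `_perishable_token` when `password` is present, and nothing at this call site says so. I would add a comment above the argument, e.g. `// RestWrite deletes _perishable_token and _perishable_token_expires_at when password is set`, and cover it with a test that a reset token is rejected after it has been used, because a regression here would leave reset links reusable. The removed line used the shorthand `{ password }`, which could be kept. The body of `updateUserPassword` starts outside the hunk.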
|
|||||||
@@ -95,6 +95,9 @@ RestWrite.prototype.execute = function() {
|
|||||||
.then(() => {
|
.then(() => {
|
||||||
return this.runBeforeTrigger();
|
return this.runBeforeTrigger();
|
||||||
})
|
})
|
||||||
|
.then(() => {
|
||||||
|
return this.deleteEmailRestTokenIfNeeded();
|
||||||
|
})
|
||||||
.then(() => {
|
.then(() => {
|
||||||
return this.validateSchema();
|
return this.validateSchema();
|
||||||
})
|
})
|
||||||
@@ -745,6 +748,22 @@ RestWrite.prototype.createSessionToken = function() {
|
|||||||
return createSession();
|
return createSession();
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Delete email reset tokens if user is changing password or email.
|
||||||
|
RestWrite.prototype.deleteEmailRestTokenIfNeeded = function() {
|
||||||
|
if (this.className !== '_User' || this.query === null) {
|
||||||
|
// null query means create
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ('password' in this.data || 'email' in this.data) {
|
||||||
|
const addOps = {
|
||||||
|
_perishable_token: { __op: 'Delete' },
|
||||||
|
_perishable_token_expires_at: { __op: 'Delete' },
|
||||||
|
};
|
||||||
|
this.data = Object.assign(this.data, addOps);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
RestWrite.prototype.destroyDuplicatedSessions = function() {
|
RestWrite.prototype.destroyDuplicatedSessions = function() {
|
||||||
// Only for _Session, and at creation time
|
// Only for _Session, and at creation time
|
||||||
if (this.className != '_Session' || this.query) {
|
if (this.className != '_Session' || this.query) {
|
||||||
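Review bot: In `deleteEmailRestTokenIfNeeded` the create case is detected with `this.query === null`, while `destroyDuplicatedSessions` just below tests `this.query` for truthiness; if any caller leaves `query` undefined (the constructor is not visible here), a create would get the two `Delete` ops attached. `if (this.className !== '_User' || !this.query) {` would match the neighbouring check. The method name reads "Rest" where "Reset" seems intended (`deleteEmailResetTokenIfNeeded`, also at the new call in `execute`), and its comment could name what is invalidated: `// Invalidate the password reset token when password or email changes.` `Object.assign(this.data, addOps)` already mutates `this.data`, so the reassignment is redundant.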
|
|||||||
@@ -105,27 +105,14 @@ export class ClassesRouter extends PromiseRouter {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
// always clear password reset token on email address change
|
|
||||||
beforeUpdate(req) {
|
|
||||||
const { body } = req;
|
|
||||||
if (this.className(req) === '_User' && 'email' in body) {
|
|
||||||
const { userController } = req.config;
|
|
||||||
return userController.constructor.addClearPasswordResetTokenToRestObject(
|
|
||||||
body
|
|
||||||
);
|
|
||||||
}
|
|
||||||
return body;
|
|
||||||
}
|
|
||||||
|
|
||||||
handleUpdate(req) {
|
handleUpdate(req) {
|
||||||
const body = this.beforeUpdate(req);
|
|
||||||
const where = { objectId: req.params.objectId };
|
const where = { objectId: req.params.objectId };
|
||||||
return rest.update(
|
return rest.update(
|
||||||
req.config,
|
req.config,
|
||||||
req.auth,
|
req.auth,
|
||||||
this.className(req),
|
this.className(req),
|
||||||
where,
|
where,
|
||||||
body,
|
req.body,
|
||||||
req.info.clientSDK
|
req.info.clientSDK
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||