Ajax password reset (#5332)
* adapted public api route for use with ajax
* Elegant error handling
* Fixed error return
* Public API error flow redone, tests
* Fixed code to pre-build form
* Public API change password return params
* Reverted errors in resetPassword
* Fixed querystring call
* Success test on ajax password reset
* Added few more routes to tests for coverage
* More tests and redone error return slightly
* Updated error text
* Console logs removal, renamed test, added {} to if
* Wrong error sent
* Revert changes
* Revert "Revert changes"
This reverts commit 68ee2c44bf2411ca8b56b039a4d490a7e2f99ae9.
* real revert of {}
* nits and test fix
* fix tests
* throw proper error
This commit is contained in:
moonion
Diamond Lewis
@@ -90,7 +90,7 @@ export class UserController extends AdaptableController {
|
||||
)
|
||||
.then(results => {
|
||||
if (results.length != 1) {
|
||||
throw undefined;
|
||||
throw 'Failed to reset password: username / email / token is invalid';
|
||||
}
|
||||
|
||||
if (
|
||||
@@ -246,7 +246,7 @@ export class UserController extends AdaptableController {
|
||||
return this.checkResetTokenValidity(username, token)
|
||||
.then(user => updateUserPassword(user.objectId, password, this.config))
|
||||
.catch(error => {
|
||||
if (error.message) {
|
||||
if (error && error.message) {
|
||||
// in case of Parse.Error, fail with the error message only
|
||||
return Promise.reject(error.message);
|
||||
} else {
|
||||
|
||||
@@ -4,6 +4,7 @@ import express from 'express';
|
||||
import path from 'path';
|
||||
import fs from 'fs';
|
||||
import qs from 'querystring';
|
||||
import { Parse } from 'parse/node';
|
||||
|
||||
const public_html = path.resolve(__dirname, '../../public_html');
|
||||
const views = path.resolve(__dirname, '../../views');
|
||||
@@ -159,34 +160,67 @@ export class PublicAPIRouter extends PromiseRouter {
|
||||
|
||||
const { username, token, new_password } = req.body;
|
||||
|
||||
if (!username || !token || !new_password) {
|
||||
if ((!username || !token || !new_password) && req.xhr === false) {
|
||||
return this.invalidLink(req);
|
||||
}
|
||||
|
||||
if (!username) {
|
||||
throw new Parse.Error(Parse.Error.USERNAME_MISSING, 'Missing username');
|
||||
}
|
||||
|
||||
if (!token) {
|
||||
throw new Parse.Error(Parse.Error.OTHER_CAUSE, 'Missing token');
|
||||
}
|
||||
|
||||
if (!new_password) {
|
||||
throw new Parse.Error(Parse.Error.PASSWORD_MISSING, 'Missing password');
|
||||
}
|
||||
|
||||
return config.userController
|
||||
.updatePassword(username, token, new_password)
|
||||
.then(
|
||||
() => {
|
||||
const params = qs.stringify({ username: username });
|
||||
return Promise.resolve({
|
||||
status: 302,
|
||||
location: `${config.passwordResetSuccessURL}?${params}`,
|
||||
success: true,
|
||||
});
|
||||
},
|
||||
err => {
|
||||
const params = qs.stringify({
|
||||
username: username,
|
||||
token: token,
|
||||
id: config.applicationId,
|
||||
error: err,
|
||||
app: config.appName,
|
||||
});
|
||||
return Promise.resolve({
|
||||
status: 302,
|
||||
location: `${config.choosePasswordURL}?${params}`,
|
||||
success: false,
|
||||
err,
|
||||
});
|
||||
}
|
||||
);
|
||||
)
|
||||
.then(result => {
|
||||
const params = qs.stringify({
|
||||
username: username,
|
||||
token: token,
|
||||
id: config.applicationId,
|
||||
error: result.err,
|
||||
app: config.appName,
|
||||
});
|
||||
|
||||
if (req.xhr) {
|
||||
if (result.success) {
|
||||
return Promise.resolve({
|
||||
status: 200,
|
||||
response: 'Password successfully reset',
|
||||
});
|
||||
}
|
||||
if (result.err) {
|
||||
throw new Parse.Error(Parse.Error.OTHER_CAUSE, `${result.err}`);
|
||||
}
|
||||
}
|
||||
|
||||
return Promise.resolve({
|
||||
status: 302,
|
||||
location: `${
|
||||
result.success
|
||||
? `${config.passwordResetSuccessURL}?username=${username}`
|
||||
: `${config.choosePasswordURL}?${params}`
|
||||
}`,
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
invalidLink(req) {
|
||||
|
||||
Reference in New Issue
Block a user