All files resetPassword.js

62.79% Statements 27/43
66.67% Branches 4/6
38.89% Functions 7/18
62.5% Lines 25/40
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102      1x 1x                       1x 24x   24x   24x       1x 40x   40x 40x   32x         56x 56x 56x       112x   56x 56x 56x     56x   56x 24x 24x 32x 32x         56x                                                                                  
 
/* eslint-env node */
 
const errors = require('@feathersjs/errors');
const debug = require('debug')('authManagement:resetPassword');
 
const {
  getUserData,
  ensureObjPropsValid,
  ensureValuesAreStrings,
  hashPassword,
  notifier,
  comparePasswords,
  deconstructId
} = require('./helpers');
 
module.exports.resetPwdWithLongToken = function (options, resetToken, password) {
  return Promise.resolve()
    .then(() => {
      ensureValuesAreStrings(resetToken, password);
 
      return resetPassword(options, { resetToken }, { resetToken }, password);
    });
};
 
module.exports.resetPwdWithShortToken = function (options, resetShortToken, identifyUser, password) {
  return Promise.resolve()
    .then(() => {
      ensureValuesAreStrings(resetShortToken, password);
      ensureObjPropsValid(identifyUser, options.identifyUserProps);
 
      return resetPassword(options, identifyUser, { resetShortToken }, password);
    });
};
 
function resetPassword (options, query, tokens, password) {
  debug('resetPassword', query, tokens, password);
  const users = options.app.service(options.service);
  const usersIdName = users.id;
  const {
    sanitizeUserForClient,
    skipIsVerifiedCheck
  } = options;
 
  const checkProps = ['resetNotExpired'];
  Eif (!skipIsVerifiedCheck) {
    checkProps.push('isVerified');
  }
 
  let userPromise;
 
  if (tokens.resetToken) {
    let id = deconstructId(tokens.resetToken);
    userPromise = users.get(id).then(data => getUserData(data, checkProps));
  } else Eif (tokens.resetShortToken) {
    userPromise = users.find({query}).then(data => getUserData(data, checkProps));
  } else {
    return Promise.reject(new errors.BadRequest('resetToken or resetShortToken is missing'));
  }
 
  return Promise.all([
    userPromise,
    hashPassword(options.app, password)
  ])
    .then(([user, hashPassword]) => {
      let promises = [];
 
      Object.keys(tokens).forEach((key) => {
        promises.push(comparePasswords(tokens[key], user[key], () => new errors.BadRequest('Reset Token is incorrect.')));
      });
 
      return Promise.all(promises).then(values => {
        return [user, hashPassword];
      }).catch(reason => {
        return patchUser(user, {
          resetToken: null,
          resetShortToken: null,
          resetExpires: null
        })
          .then(() => {
            throw new errors.BadRequest('Invalid token. Get for a new one. (authManagement)',
              { errors: { $className: 'badParam' } });
          });
      });
    })
    .then(([user, hashedPassword]) => {
      return patchUser(user, {
        password: hashedPassword,
        resetToken: null,
        resetShortToken: null,
        resetExpires: null
      })
        .then(user1 => notifier(options.notifier, 'resetPwd', user1))
        .then(user1 => sanitizeUserForClient(user1));
    });
 
  function patchUser (user, patchToUser) {
    return users.patch(user[usersIdName], patchToUser, {}) // needs users from closure
      .then(() => Object.assign(user, patchToUser));
  }
}