Now disableing users while they're in the process of resetting their password

ref #40

src/models/actions/ResetPassword.ts

@@ -3,7 +3,7 @@ import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
 import * as jsonwebtoken from 'jsonwebtoken';
 import { getConnectionManager } from 'typeorm';
 import { config } from '../../config';
-import { IllegalJWTError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
+import { IllegalJWTError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UserDisabledError, UserNotFoundError } from '../../errors/AuthError';
 import { User } from '../entities/User';
 
 /**
@@ -44,15 +44,13 @@ export class ResetPassword {
         }
 
         const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["id"] });
-        if (!found_user) {
-            throw new UserNotFoundError()
-        }
-        if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) {
-            throw new RefreshTokenCountInvalidError()
-        }
+        if (!found_user) { throw new UserNotFoundError(); }
+        if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) { throw new RefreshTokenCountInvalidError(); }
+        if (found_user.enabled == false) { throw new UserDisabledError(); }
 
         found_user.refreshTokenCount = found_user.refreshTokenCount + 1;
         found_user.password = await argon2.hash(this.password + found_user.uuid);
+        found_user.enabled = true;
         await getConnectionManager().get().getRepository(User).save(found_user);
 
         return "password reset successfull";