Implemented basic password reset

ref #40

src/models/actions/ResetPassword.ts

@@ -0,0 +1,60 @@
+import * as argon2 from "argon2";
+import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
+import * as jsonwebtoken from 'jsonwebtoken';
+import { getConnectionManager } from 'typeorm';
+import { config } from '../../config';
+import { IllegalJWTError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
+import { User } from '../entities/User';
+
+/**
+ * TODO:
+ */
+export class ResetPassword {
+    /**
+     * The reset token on which the password reset will be based.
+     */
+    @IsOptional()
+    @IsString()
+    resetToken?: string;
+
+    /**
+     * The user's new password
+     */
+    @IsNotEmpty()
+    @IsString()
+    password: string;
+
+
+    /**
+     * Create a password reset token based on this.
+     */
+    public async resetPassword(): Promise<any> {
+        if (!this.resetToken || this.resetToken === undefined) {
+            throw new JwtNotProvidedError()
+        }
+        if (!this.password || this.password === undefined) {
+            throw new PasswordNeededError()
+        }
+
+        let decoded;
+        try {
+            decoded = jsonwebtoken.verify(this.resetToken, config.jwt_secret)
+        } catch (error) {
+            throw new IllegalJWTError()
+        }
+
+        const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["id"] });
+        if (!found_user) {
+            throw new UserNotFoundError()
+        }
+        if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) {
+            throw new RefreshTokenCountInvalidError()
+        }
+
+        found_user.refreshTokenCount = found_user.refreshTokenCount + 1;
+        found_user.password = await argon2.hash(this.password + found_user.uuid);
+        await getConnectionManager().get().getRepository(User).save(found_user);
+
+        return "password reset successfull";
+    }
+}