diff --git a/src/models/actions/ResetPassword.ts b/src/models/actions/ResetPassword.ts new file mode 100644 index 0000000..d491156 --- /dev/null +++ b/src/models/actions/ResetPassword.ts @@ -0,0 +1,60 @@ +import * as argon2 from "argon2"; +import { IsNotEmpty, IsOptional, IsString } from 'class-validator'; +import * as jsonwebtoken from 'jsonwebtoken'; +import { getConnectionManager } from 'typeorm'; +import { config } from '../../config'; +import { IllegalJWTError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError'; +import { User } from '../entities/User'; + +/** + * TODO: + */ +export class ResetPassword { + /** + * The reset token on which the password reset will be based. + */ + @IsOptional() + @IsString() + resetToken?: string; + + /** + * The user's new password + */ + @IsNotEmpty() + @IsString() + password: string; + + + /** + * Create a password reset token based on this. + */ + public async resetPassword(): Promise { + if (!this.resetToken || this.resetToken === undefined) { + throw new JwtNotProvidedError() + } + if (!this.password || this.password === undefined) { + throw new PasswordNeededError() + } + + let decoded; + try { + decoded = jsonwebtoken.verify(this.resetToken, config.jwt_secret) + } catch (error) { + throw new IllegalJWTError() + } + + const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["id"] }); + if (!found_user) { + throw new UserNotFoundError() + } + if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) { + throw new RefreshTokenCountInvalidError() + } + + found_user.refreshTokenCount = found_user.refreshTokenCount + 1; + found_user.password = await argon2.hash(this.password + found_user.uuid); + await getConnectionManager().get().getRepository(User).save(found_user); + + return "password reset successfull"; + } +} \ No newline at end of file