57 lines
1.9 KiB
TypeScript
57 lines
1.9 KiB
TypeScript
import { hash } from '@node-rs/argon2';
|
|
import { IsNotEmpty, IsOptional, IsString } from 'class-validator';
|
|
import * as jsonwebtoken from 'jsonwebtoken';
|
|
import { getConnectionManager } from 'typeorm';
|
|
import { config } from '../../config';
|
|
import { IllegalJWTError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UserNotFoundError } from '../../errors/AuthError';
|
|
import { User } from '../entities/User';
|
|
|
|
/**
|
|
* This class can be used to reset a user's password.
|
|
* To set a new password the user needs to provide a valid password reset token.
|
|
*/
|
|
export class ResetPassword {
|
|
/**
|
|
* The reset token on which the password reset will be based.
|
|
*/
|
|
@IsOptional()
|
|
@IsString()
|
|
resetToken?: string;
|
|
|
|
/**
|
|
* The user's new password
|
|
*/
|
|
@IsNotEmpty()
|
|
@IsString()
|
|
password: string;
|
|
|
|
|
|
/**
|
|
* Create a password reset token based on this.
|
|
*/
|
|
public async resetPassword(): Promise<any> {
|
|
if (!this.resetToken || this.resetToken === undefined) {
|
|
throw new JwtNotProvidedError()
|
|
}
|
|
if (!this.password || this.password === undefined) {
|
|
throw new PasswordNeededError()
|
|
}
|
|
|
|
let decoded;
|
|
try {
|
|
decoded = jsonwebtoken.verify(this.resetToken, config.jwt_secret)
|
|
} catch (error) {
|
|
throw new IllegalJWTError()
|
|
}
|
|
|
|
const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["id"] });
|
|
if (!found_user) { throw new UserNotFoundError(); }
|
|
if (found_user.refreshTokenCount !== decoded["refreshTokenCount"]) { throw new RefreshTokenCountInvalidError(); }
|
|
|
|
found_user.refreshTokenCount = found_user.refreshTokenCount + 1;
|
|
found_user.password = await hash(this.password + found_user.uuid);
|
|
await getConnectionManager().get().getRepository(User).save(found_user);
|
|
|
|
return "password reset successfull";
|
|
}
|
|
} |