fin reset pass api , add js standard style

server-api/app.js

@@ -11,8 +11,8 @@ const mem = require('./libs/memcache_lib')
 // const sendmail = require('./libs/sendmail')
 
 // init memcached connection
-mem.host = 'dyn.trj.tw'
-mem.port = 24002
+mem.host = config.memcache.host
+mem.port = config.memcache.port
 mem.connect()
 
 // init mysql connection pool

server-api/config.json.default

@@ -17,6 +17,10 @@
             "dbname": "lora"
         }
     },
+    "memcache":{
+        "host": "dyn.trj.tw",
+        "port": 24002
+    },
     "smtp": {
         "sys_mail": "admin@localhost",
         "host": "localhost",

server-api/package.json

@@ -22,5 +22,8 @@
   },
   "devDependencies": {
     "standard": "^10.0.2"
+  },
+  "standard": {
+    "ignore": []
   }
 }

server-api/route/api/MsgManager/language/zh.js

@@ -10,6 +10,7 @@ module.exports = {
   CE0007: '查無使用者資料',
   CE0008: '重設密碼類型輸入錯誤',
   CE0009: '請輸入重設密碼Token',
+  CE0010: '舊密碼不符合',
 
   CE1000: 'Token驗證失敗',
   CE2000: '使用者權限不足',

server-api/route/api/account.js

@@ -9,7 +9,7 @@ const crypto = require('../../libs/crypto.js')
 // const so = require('../../libs/storeObject')
 const mongo = require('../../libs/mongo_model.js')
 const mem = require('../../libs/memcache_lib')
-const msgMng = require('./msgManager')
+const msgMng = require('./MsgManager')
 const sendmail = require('../../libs/sendmail')
 
 router
@@ -139,7 +139,7 @@ router
         }
       }
     })
-    .post('/user/forgotpass', async(c, n) => {
+    .post('/forgotpass', async(c, n) => {
       let arr = c.request.body
       if (!arr.data) throw 'CE0000'
       if (!arr.data.account) throw 'CE0001'
@@ -177,7 +177,7 @@ router
         record: []
       }
     })
-    .post('/user/resetpass', async(c, n) => {
+    .put('/resetpass', async(c, n) => {
       let arr = c.request.body
       if (!arr.data) throw 'CE0000'
       if (!arr.data.account) throw 'CE0001'
@@ -188,6 +188,49 @@ router
         if (!arr.data.token) throw 'CE0009'
       }
       if (!arr.data.newpass) throw 'CE0002'
+
+      if (arr.data.resettype === 'token') {
+        try {
+          let data = await mem.getVal(arr.data.token)
+          if (!data) throw 'CE1000'
+          let dataJson = JSON.parse(data)
+          if (dataJson.account !== arr.data.account) throw 'CE1000'
+        } catch (err) {
+          if (typeof err === 'string') throw err
+          c.serr = err
+          throw 'CE1000'
+        }
+      } else {
+        if (!await mongo.Token.checkToken(c.headers['x-auth-token'] || '')) throw 'CE1000'
+        let token = await mongo.Token.getToken(c.headers['x-auth-token'] || '')
+        if (token.object.account !== arr.data.account) throw 'CE2000'
+        try {
+          let query = 'select `password` from ??.?? where `account` = ?'
+          let param = ['lora', 'user', arr.data.account]
+          let data = await c.syncQuery(query, param)
+          if (data.length === 0) throw 'CE0007'
+          if (!crypto.comparePass(arr.data.password, data[0].password)) throw 'CE0010'
+        } catch (err) {
+          if (typeof err === 'string') throw err
+          c.serr = err
+          throw 'SE0001'
+        }
+      }
+
+      let newpass = crypto.genPassHash(arr.data.newpass)
+      try {
+        let query = 'update ??.?? set `password` = ? where `account` = ?'
+        let param = ['lora', 'user', newpass, arr.data.account]
+        await c.syncQuery(query, param)
+      } catch (err) {
+        if (typeof err === 'string') throw err
+        c.serr = err
+        throw 'SE0002'
+      }
+
+      c.body = {
+        record: []
+      }
     })
 
 module.exports = router

server-api/route/api/index.js

@@ -6,7 +6,7 @@ const koaBody = require('koa-body')
 const mysql = require('../../libs/mysql_pool.js')
 // const so = require('../../libs/storeObject')
 // const config = require('../../config.json')
-const msgMng = require('./msgManager')
+const msgMng = require('./MsgManager')
 
 // routes
 const accountApi = require('./account.js')