PassWorld
/
PassWorld-API
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add changePassword
continuous-integration/drone/push Build is passing Details

Browse Source
master
remrem 2 years ago
parent d1d2233f69
commit 3325f8679c
3 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File

1
bin/server.dart
Unescape View File

@ -18,6 +18,7 @@ final _router = Router()
..put('/user/master-password', API.changeMasterPassword) ..put('/user/master-password', API.changeMasterPassword)
..post('/user/password-file', API.uploadPasswordDb) ..post('/user/password-file', API.uploadPasswordDb)
..put('/user/change-mail', API.changeMail) ..put('/user/change-mail', API.changeMail)
..put('/user/password', API.changeMasterPassword)
// DELETE // DELETE
..delete('/user/account', API.deleteAccount); ..delete('/user/account', API.deleteAccount);

19
lib/api/api.dart
Unescape View File

@ -94,8 +94,23 @@ class API {
} }
// Update master password // Update master password
static Response changeMasterPassword(Request req) { static Future<Response> changeMasterPassword(Request req) async {
return Response.ok("master password changed"); final List<String> required = ["email", "newPassword", "newSalt"];
final body = await bodyToJson(req);
if (await checkRequiredFields(required, body)) {
try {
await AccountsToPostgres.updatePassword(
body[required[0]], body[required[1]], body[required[2]]);
} catch (e) {
return Response(403,
body: 'This is not the good password'); // 403 (Forbidden)
}
return Response(201,
body: 'user\'s password succesfully changed'); // 201 (Created)
} else {
return Response.badRequest(body: 'Bad request'); // 400 (Bad Request)
}
} }
// Update mail // Update mail

13
lib/database/accounts_to_postgres.dart
Unescape View File

@ -103,13 +103,18 @@ class AccountsToPostgres {
// Update user password // Update user password
static Future<void> updatePassword( static Future<void> updatePassword(
String mail, String hash, String salt) async { String mail, String newHash, String newSalt) async {
if (selectHashByMail(mail) == null) { if (selectHashByMail(mail) == null) {
return; return;
} else { } else {
await connection.query( await connection.query(
"UPDATE \"Account\" SET hash=@hash, salt=@salt WHERE mail=@mail", "UPDATE \"Account\" SET hash=@newHash and salt=@salt WHERE mail=@mail",
substitutionValues: {"mail": mail, "hash": hash, "salt": salt}); substitutionValues: {
"mail": mail,
"newHash": newHash,
"newSalt": newSalt
});
print("✅ Passworld succesfully updated");
} }
} }
@ -148,9 +153,9 @@ class AccountsToPostgres {
await connection.query( await connection.query(
"UPDATE \"Account\" SET mail=@newMail WHERE mail=@mail", "UPDATE \"Account\" SET mail=@newMail WHERE mail=@mail",
substitutionValues: {"newMail": newMail, "mail": mail}); substitutionValues: {"newMail": newMail, "mail": mail});
}
print("✅ Mail succesfully updated"); print("✅ Mail succesfully updated");
} }
}
// ADMIN: get infos on all users // ADMIN: get infos on all users
static Future<PostgreSQLResult> getAllUsers() async { static Future<PostgreSQLResult> getAllUsers() async {

Write Preview
Loading…
Cancel
Save