diff --git a/app/gateway/user_gateway.php b/app/gateway/user_gateway.php
index 3576df7..b7cc832 100644
--- a/app/gateway/user_gateway.php
+++ b/app/gateway/user_gateway.php
@@ -115,7 +115,22 @@ class UserGateway
 ':new_username' => array($new_username, PDO::PARAM_STR),
 ':uuid' => array($uuid, PDO::PARAM_STR)
 ));
- } catch (PDOException $e) {
+ } catch (PDOException) {
+ return -1;
+ }
+
+ return 0;
+ }
+
+ public function updatePassword(string $uuid, string $new_hash)
+ {
+ $query = "UPDATE user SET hash=:new_hash WHERE id=:uuid;";
+ try {
+ $this->con->executeQuery($query, array(
+ ':new_hash' => array($new_hash, PDO::PARAM_STR),
+ ':uuid' => array($uuid, PDO::PARAM_STR)
+ ));
+ } catch (PDOException) {
 return -1;
 }
diff --git a/app/routes.php b/app/routes.php
index fc2515c..bcde7a6 100644
--- a/app/routes.php
+++ b/app/routes.php
@@ -15,7 +15,7 @@ header("Access-Control-Allow-Credentials: true");
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Slim\App;
-use SLim\Exception\HttpNotFoundException;
+use Slim\Exception\HttpNotFoundException;
 use gateway\UserGateway;
 use Config\Token;
 use Gateway\FileGateway;
@@ -148,6 +148,25 @@ return function (App $app) {
 return $res->withStatus(200);
 });
+
+ // Update Password
+ $app->put('/user/password', function (Request $req, Response $res) {
+ $token = $req->getHeader('Authorization')[0];
+ if (!(new Token)->verifyToken($token)) {
+ return $res->withStatus(401);
+ }
+
+ if (!Helpers::validJson((string) $req->getBody(), array("hash"))) {
+ return $res->withStatus(400);
+ }
+ $new_hash = $req->getParsedBody()['hash'];
+
+ $uuid = (new Token)->getUuidFromToken($token);
+ $code = (new UserGateway)->updatePassword($uuid, $new_hash);
+ if ($code === -1) return $res->withStatus(500);
+ return $res->withStatus(200);
+ });
+
 #### FILES ####
 // Get list of files
 $app->get('/user/files', function (Request $req, Response $res) {
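Review bot: `updatePassword` reports success (0) whenever no PDOException is thrown, so an `UPDATE` whose `:uuid` matches no row looks like a completed password change, and the bare `catch (PDOException)` discards the error without logging it. For a credential-changing write, log the failure server-side (without the hash value) and, if `executeQuery` exposes an affected-row count (not visible in this hunk), return -1 when it is zero. The method also has no return type or doc comment; `public function updatePassword(string $uuid, string $new_hash): int` plus a docblock stating that `$new_hash` is stored exactly as given and that 0/-1 mean success/failure would make the contract explicit. The tail of the method after the catch block lies outside the hunk.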
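Review bot: The new `PUT /user/password` handler stores the client-supplied `hash` verbatim, and nothing in the hunk checks its type or format or asks for the current password, so a valid bearer token alone is enough to replace the credential. If the login path compares this column against a client-sent hash (not visible here), the stored value is password-equivalent; consider accepting the new password over TLS and applying `password_hash($pw, PASSWORD_DEFAULT)` server-side, and requiring the current password for this operation. `$req->getHeader('Authorization')[0]` raises an undefined-offset warning and hands null to `verifyToken` when the header is absent; `$token = $req->getHeaderLine('Authorization');` yields an empty string instead, which should land in the 401 branch provided `verifyToken` rejects it. The value is read from `getParsedBody()` while validation ran on the raw body, so add `if (!is_string($new_hash)) return $res->withStatus(400);` before the gateway call.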