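/**
 * POST routes.RECOVER_PASSWORD: sets a new password for the user that owns a
 * recovery code.
 *
 * Inputs (query string): `password`, `password2` (confirmation), `code`.
 * Responses (plain-text body unless noted):
 *   - 'passwords_does_not_match'  the two password fields differ
 *   - 'invalid_password'          password fails testValidPassword
 *   - 'invalid_code'              code missing, unknown, or its user is gone
 *   - 'expired_code'              code is older than config.expiredCodeTimeout
 *   - 'valid_code'                password updated and code consumed
 *   - HTTP 500                    any storage or hashing error
 *
 * NOTE(review): the new password and the recovery code arrive in the query
 * string, so they can end up in access logs, proxy logs and browser history.
 * Reading them from the request body needs a matching client change and is
 * not done here to keep the endpoint's interface unchanged.
 */
router.post(routes.RECOVER_PASSWORD, (req, res) => {
    const { password, password2, code } = req.query;

    if (password !== password2) {
        res.send('passwords_does_not_match');
        logger.warn('Passwords doesn`t match');
        return;
    }

    // Both fields are identical at this point, so one validity check suffices.
    // The type check rejects repeated or nested query parameters (arrays or
    // objects) before they reach the validator or bcrypt.
    if (typeof password !== 'string' || !testValidPassword(password)) {
        res.send('invalid_password');
        logger.warn('Invalid Password!');
        return;
    }

    // Only a non-empty string may be used as a lookup key: an undefined or
    // object-valued `code` must never be handed to the query builder, where it
    // could widen the WHERE clause instead of matching a single code.
    if (typeof code !== 'string' || code === '') {
        res.send('invalid_code');
        logger.warn('Invalid code');
        return;
    }

    Model.UserCode.findOne({ where: { code } })
        .then(result => {
            if (!result) {
                res.send('invalid_code');
                logger.warn('Invalid code');
                return null;
            }

            // Expiry is measured as real elapsed time. The previous check
            // compared locale date strings and the hour/minute fields
            // separately, which accepted a code again at the same minute of
            // any later hour of the same day.
            // config.expiredCodeTimeout is in minutes (it was compared against
            // a difference of getMinutes() values).
            const elapsedMs = Date.now() - new Date(result.createdAt).getTime();
            const timeoutMs = config.expiredCodeTimeout * 60 * 1000;
            // Written as a negated <= so that a NaN (unparseable createdAt or
            // missing config value) fails closed.
            if (!(elapsedMs <= timeoutMs)) {
                res.send('expired_code');
                logger.warn('Code has expired');
                return null;
            }

            return Model.User.findOne({ where: { id: result.userid } })
                .then(user => {
                    if (!user) {
                        // Previously this path sent no response at all and the
                        // request hung until the client timed out.
                        res.send('invalid_code');
                        logger.warn('Recovery code references a missing user');
                        return null;
                    }

                    // The salt is also embedded in the bcrypt hash; it is still
                    // written to its own column because the existing update did so.
                    const salt = bcrypt.genSaltSync(10);
                    const hashedPassword = bcrypt.hashSync(password, salt);

                    return Model.User.update(
                        { salt, password: hashedPassword },
                        { where: { id: user.id } }
                    )
                        // Recovery codes are single-use: remove the code once the
                        // password has changed so it cannot be replayed within
                        // the timeout window.
                        // NOTE(review): ideally the update and the delete run in
                        // one transaction; confirm what the data layer offers.
                        .then(() => Model.UserCode.destroy({ where: { code } }))
                        .then(() => {
                            res.send('valid_code');
                            logger.info('Valid code');
                        });
                });
        })
        .catch(error => {
            // Single handler for lookup, hashing, update and delete failures.
            logger.error('Error: ', error);
            res.sendStatus(500);
        });
});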