36 lines
906 B
TypeScript
36 lines
906 B
TypeScript
import bcrypt from "bcrypt";
|
|
import { Router } from "express";
|
|
import User from "../models/User.js";
|
|
import Token from "../models/Token.js";
|
|
|
|
const router = Router();
|
|
|
|
router.post("/", async (req, res) => {
|
|
const { oldPassword, newPassword } = req.body;
|
|
|
|
try {
|
|
const user = res.locals.user;
|
|
const accessToken = res.locals.accessToken;
|
|
|
|
if (!bcrypt.compareSync(oldPassword, user.password)) {
|
|
return res.json({ error: "Old password is wrong" });
|
|
}
|
|
|
|
const newPasswordHash = bcrypt.hashSync(newPassword, 12);
|
|
|
|
await User.findByIdAndUpdate(user._id, { password: newPasswordHash });
|
|
await Token.deleteMany({
|
|
userId: user._id,
|
|
accessToken: { $ne: accessToken },
|
|
});
|
|
|
|
return res.json({ ok: 1 });
|
|
} catch (error) {
|
|
return res.json({ error: (error as Error).message });
|
|
}
|
|
});
|
|
|
|
const changePasswordRoute = router;
|
|
|
|
export default changePasswordRoute;
|