watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-06 21:57:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
umami/src/pages/api/me/password.ts
Mike Cao 4429198397 Renamed id routes for API.
2024-01-31 22:08:48 -08:00

56 lines
1.3 KiB
TypeScript
Raw Blame History

import { useAuth, useValidate } from 'lib/middleware';
import { NextApiRequestQueryBody, User } from 'lib/types';
import { NextApiResponse } from 'next';
import {
badRequest,
checkPassword,
forbidden,
hashPassword,
methodNotAllowed,
ok,
} from 'next-basics';
import { getUser, updateUser } from 'queries';
import * as yup from 'yup';
export interface UserPasswordRequestBody {
currentPassword: string;
newPassword: string;
}
const schema = {
POST: yup.object().shape({
currentPassword: yup.string().required(),
newPassword: yup.string().min(8).required(),
}),
};
export default async (
req: NextApiRequestQueryBody<any, UserPasswordRequestBody>,
res: NextApiResponse<User>,
) => {
if (process.env.CLOUD_MODE) {
return forbidden(res);
}
await useAuth(req, res);
await useValidate(schema, req, res);
const { currentPassword, newPassword } = req.body;
const { id: userId } = req.auth.user;
if (req.method === 'POST') {
const user = await getUser(userId, { includePassword: true });
if (!checkPassword(currentPassword, user.password)) {
return badRequest(res, 'Current password is incorrect');
}
const password = hashPassword(newPassword);
const updated = await updateUser(userId, { password });
return ok(res, updated);
}
return methodNotAllowed(res);
};
Reference in a new issue View git blame Copy permalink