Skip to content

Commit

Permalink
Merge pull request #105 from harena-lab/development
Browse files Browse the repository at this point in the history 
Major fix: check before hashing password
  • Loading branch information
@HeitorMatt
HeitorMatt authored Oct 27, 2020
2 parents 32048d8 + 2cd1cf0 commit 9738aec
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 9 deletions.
5 changes: 4 additions & 1 deletion src/adonisjs/app/Controllers/Http/v1/AuthController.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ class AuthController {
if (await auth.remember(true).attempt(email, password)) {
const user = await User.findBy('email', email)

return response.json(user)
return response.json({user: user, response: 'Login successful'})
}
} catch (e) {
if (e.code === 'E_CANNOT_LOGIN') {
Expand All @@ -38,6 +38,9 @@ class AuthController {
} catch (e) {
console.log(e)
}
}else if(e.code === 'E_PASSWORD_MISMATCH' || e.code === 'E_USER_NOT_FOUND'){

return response.status(200).json({response: 'Email or password incorrect'})
}
return response.status(e.status).json({ message: e.message })
}
Expand Down
17 changes: 11 additions & 6 deletions src/adonisjs/app/Controllers/Http/v1/UserController.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,14 +107,19 @@ class UserController {
*/
async update ({ params, request, response, auth }) {
try {
const newUser = request.all()
const user = await User.find(params.id)

const storeduser = await User.find(params.id)
const updatedUser = {
username : request.input('username') || user.username,
email : request.input('email') || user.email,
login : request.input('login') || user.login,
grade : request.input('grade') || user.grade
}

if (storeduser != null) {
await storeduser.merge(newUser)
await storeduser.save()
return response.json(storeduser)
if (user != null) {
await user.merge(updatedUser)
await user.save()
return response.json(user)
} else{
console.log('save user error');
return response.status(500).json('user not found')
Expand Down
7 changes: 6 additions & 1 deletion src/adonisjs/app/Models/Hooks/UserHook.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,10 @@ const Hash = use('Hash')
const UserHook = exports = module.exports = {}

UserHook.hashPassword = async (user) => {
user.password = await Hash.make(user.password)
if (user.dirty.password) {
// console.log('Hashing password')
user.password = await Hash.make(user.password)
}


}
2 changes: 1 addition & 1 deletion src/adonisjs/app/Models/v1/User.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ class User extends Model {
* it to the database.
*/
this.addHook('beforeCreate', 'UserHook.hashPassword')
this.addHook('beforeUpdate', 'UserHook.hashPassword')
this.addHook('beforeSave', 'UserHook.hashPassword')

}

Expand Down

0 comments on commit 9738aec

Please sign in to comment.