feat: finish changepassword

Yancey-Blog · Apr 1, 2020 · bec654e · bec654e
1 parent 9641d93
commit bec654e
Show file tree

Hide file tree

Showing 9 changed files with 57 additions and 16 deletions.
diff --git a/schema.gql b/schema.gql
@@ -46,6 +46,11 @@ type BestAlbumModel {
   updatedAt: DateTime!
 }
 
+input ChangePasswordInput {
+  oldPassword: String!
+  newPassword: String!
+}
+
 input CreateAgendaInput {
   title: String!
   startDate: String!
@@ -122,6 +127,7 @@ type Mutation {
   validateTOTP(input: ValidateTOTPInput!): UserModel!
   createRecoveryCodes(userId: ID!): RecoveryCodeModel!
   validateRecoveryCode(input: ValidateTOTPInput!): UserModel!
+  changePassword(input: ChangePasswordInput!): UserModel!
   createAnnouncement(input: CreateAnnouncementInput!): AnnouncementModel!
   updateAnnouncementById(input: UpdateAnnouncementInput!): AnnouncementModel!
   deleteAnnouncementById(id: ID!): AnnouncementModel!

diff --git a/src/auth/auth.resolver.ts b/src/auth/auth.resolver.ts
@@ -1,14 +1,14 @@
 import { UseGuards } from '@nestjs/common'
 import { Args, Query, Resolver, Mutation, ID } from '@nestjs/graphql'
 import { Request } from 'express'
-import requestIP from 'request-ip'
 import { AuthService } from './auth.service'
 import { UserModel } from '../users/models/User.model'
 import { TOTPModel } from './models/totp.model'
 import { RecoveryCodeModel } from './models/recovery-code.model'
 import { LoginInput } from './dtos/login.input'
 import { RegisterInput } from './dtos/register.input'
 import { ValidateTOTPInput } from './dtos/validate-totp.input'
+import { ChangePasswordInput } from './dtos/change-password.input'
 import { GqlAuthGuard } from '../shared/guard/gqlAuth.guard'
 import { ReqDecorator } from '../shared/decorators/req.decorator'
 
@@ -59,4 +59,13 @@ export class AuthResolver {
   ) {
     return this.authService.validateRecoveryCode(input, req.headers.authorization)
   }
+
+  @Mutation(() => UserModel)
+  @UseGuards(GqlAuthGuard)
+  public async changePassword(
+    @Args('input') input: ChangePasswordInput,
+    @ReqDecorator() req: Request,
+  ) {
+    return this.authService.changePassword(input, req.headers.authorization)
+  }
 }
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -1,16 +1,15 @@
 import { Injectable } from '@nestjs/common'
 import { ForbiddenError, AuthenticationError } from 'apollo-server-express'
-import jwt from 'jsonwebtoken'
 import { JwtService } from '@nestjs/jwt'
 import speakeasy from 'speakeasy'
 import { UsersService } from '../users/users.service'
 import { Roles, User } from '../users/interfaces/user.interface'
 import { LoginInput } from './dtos/login.input'
 import { RegisterInput } from './dtos/register.input'
 import { ValidateTOTPInput } from './dtos/validate-totp.input'
-import { Payload } from './interfaces/jwt.interface'
+import { ChangePasswordInput } from './dtos/change-password.input'
 import { TOTP_ENCODE } from '../shared/constants'
-import { generateQRCode, generateRecoveryCodes, decodeJwt } from '../shared/utils'
+import { generateQRCode, generateRecoveryCodes, decodeJwt, encryptPassword } from '../shared/utils'
 
 @Injectable()
 export class AuthService {
@@ -48,9 +47,8 @@ export class AuthService {
   public async register(registerInput: RegisterInput) {
     const { email, username } = registerInput
     const curEmail = await this.usersService.findOneByEmail(email)
-    const curUser = await this.usersService.findOneByUserName(username)
 
-    if (curUser || curEmail) {
+    if (curEmail) {
       throw new ForbiddenError('Email is already registered!')
     } else {
       // TODO: 通过脚本初始化 root 用户
@@ -120,4 +118,20 @@ export class AuthService {
 
     throw new ForbiddenError('Two factor authentication failed!')
   }
+
+  public async changePassword(input: ChangePasswordInput, token: string) {
+    const { oldPassword, newPassword } = input
+    const { sub: userId } = decodeJwt(token)
+    const user = await this.usersService.findOneById(userId)
+
+    if (user && user.isValidPassword(oldPassword, user.password)) {
+      const res = await this.usersService.updateUser({
+        id: userId,
+        password: encryptPassword(newPassword),
+      })
+      return res
+    }
+
+    throw new ForbiddenError('Change password error!')
+  }
 }
diff --git a/src/auth/dtos/change-password.input.ts b/src/auth/dtos/change-password.input.ts
@@ -0,0 +1,15 @@
+import { InputType, Field } from '@nestjs/graphql'
+import { IsNotEmpty, IsString } from 'class-validator'
+
+@InputType()
+export class ChangePasswordInput {
+  @Field()
+  @IsString()
+  @IsNotEmpty()
+  public readonly oldPassword: string
+
+  @Field()
+  @IsString()
+  @IsNotEmpty()
+  public readonly newPassword: string
+}
diff --git a/src/auth/dtos/validate-totp.input.ts b/src/auth/dtos/validate-totp.input.ts
@@ -1,5 +1,5 @@
 import { InputType, Field } from '@nestjs/graphql'
-import { IsNotEmpty, IsUUID, IsString } from 'class-validator'
+import { IsNotEmpty, IsString } from 'class-validator'
 
 @InputType()
 export class ValidateTOTPInput {

diff --git a/src/shared/utils.ts b/src/shared/utils.ts
@@ -2,6 +2,7 @@ import QRCode from 'qrcode'
 import jwt from 'jsonwebtoken'
 import { ApolloError } from 'apollo-server-express'
 import { randomSeries } from 'yancey-js-util'
+import bcrypt from 'bcrypt'
 import { Payload } from '../auth/interfaces/jwt.interface'
 
 export const generateSMSVerificationCode = () =>
@@ -30,3 +31,5 @@ export const generateRecoveryCodes = () => {
 }
 
 export const decodeJwt = (token: string) => jwt.decode(token.slice(7)) as Payload
+
+export const encryptPassword = (password: string) => bcrypt.hashSync(password, 10)
diff --git a/src/users/dtos/update-user.input.ts b/src/users/dtos/update-user.input.ts
@@ -18,8 +18,5 @@ export class UpdateUserInput {
   public readonly recoveryCodes?: string[]
 
   @Field({ nullable: true })
-  public readonly oldPassword?: string
-
-  @Field({ nullable: true })
-  public readonly newPassword?: string
+  public readonly password?: string
 }
diff --git a/src/users/schemas/users.schema.ts b/src/users/schemas/users.schema.ts
@@ -1,6 +1,7 @@
 import mongoose, { HookNextFunction } from 'mongoose'
 import { v4 } from 'uuid'
 import bcrypt from 'bcrypt'
+import { encryptPassword } from '../../shared/utils'
 import { Roles, User } from '../interfaces/user.interface'
 
 export const UserSchema = new mongoose.Schema(
@@ -58,7 +59,7 @@ export const UserSchema = new mongoose.Schema(
 )
 
 UserSchema.pre<User>('save', function (next: HookNextFunction) {
-  this.password = bcrypt.hashSync(this.password, 10)
+  this.password = encryptPassword(this.password)
   next()
 })
 

diff --git a/src/users/users.service.ts b/src/users/users.service.ts
@@ -26,10 +26,6 @@ export class UsersService {
     return this.UserModel.findOne({ email })
   }
 
-  public async findOneByUserName(username: string): Promise<User> {
-    return this.UserModel.findOne({ username })
-  }
-
   public async create(createUserInput: CreateUserInput): Promise<User> {
     return this.UserModel.create(createUserInput)
   }