mirror of https://github.com/calzoneman/sync.git
Add password change (#88)
This commit is contained in:
parent
27c1f78dbd
commit
62e80cec63
28
api.js
28
api.js
|
@ -25,6 +25,7 @@ var jsonHandlers = {
|
|||
"listloaded" : handleChannelList,
|
||||
"login" : handleLogin,
|
||||
"register" : handleRegister,
|
||||
"changepass" : handlePasswordChange,
|
||||
"globalbans" : handleGlobalBans,
|
||||
"admreports" : handleAdmReports
|
||||
};
|
||||
|
@ -197,6 +198,33 @@ function handleLogin(params, req, res) {
|
|||
}
|
||||
}
|
||||
|
||||
function handlePasswordChange(params, req, res) {
|
||||
var name = params.name || "";
|
||||
var oldpw = params.oldpw || "";
|
||||
var newpw = params.newpw || "";
|
||||
if(oldpw == "" || newpw == "") {
|
||||
sendJSON(res, {
|
||||
success: false,
|
||||
error: "Old password and new password cannot be empty"
|
||||
});
|
||||
return;
|
||||
}
|
||||
var row = Auth.login(name, oldpw);
|
||||
if(row) {
|
||||
var success = Auth.setUserPassword(name, newpw);
|
||||
sendJSON(res, {
|
||||
success: success,
|
||||
error: success ? "" : "Change password failed"
|
||||
});
|
||||
}
|
||||
else {
|
||||
sendJSON(res, {
|
||||
success: false,
|
||||
error: "Invalid username or password"
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
function handleRegister(params, req, res) {
|
||||
var name = params.name || "";
|
||||
var pw = params.pw || "";
|
||||
|
|
17
auth.js
17
auth.js
|
@ -10,6 +10,7 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
|
|||
*/
|
||||
|
||||
var mysql = require("mysql-libmysqlclient");
|
||||
var Database = require("./database.js");
|
||||
var Config = require("./config.js");
|
||||
var bcrypt = require("bcrypt");
|
||||
var hashlib = require("node_hash");
|
||||
|
@ -186,6 +187,22 @@ function sessionSalt() {
|
|||
return salt.join('');
|
||||
}
|
||||
|
||||
exports.setUserPassword = function(name, pw) {
|
||||
var db = mysql.createConnectionSync();
|
||||
db.connectSync(Config.MYSQL_SERVER, Config.MYSQL_USER,
|
||||
Config.MYSQL_PASSWORD, Config.MYSQL_DB);
|
||||
if(!db.connectedSync()) {
|
||||
Logger.errlog.log("Auth.setUserPassword: DB connection failed");
|
||||
return false;
|
||||
}
|
||||
var hash = bcrypt.hashSync(pw, 10);
|
||||
var query = "UPDATE registrations SET pw='{1}' WHERE uname='{2}'"
|
||||
.replace("{1}", Database.sqlEscape(hash))
|
||||
.replace("{2}", Database.sqlEscape(name));
|
||||
var result = db.querySync(query);
|
||||
return result;
|
||||
}
|
||||
|
||||
exports.getGlobalRank = function(name) {
|
||||
var db = mysql.createConnectionSync();
|
||||
db.connectSync(Config.MYSQL_SERVER, Config.MYSQL_USER,
|
||||
|
|
|
@ -40,6 +40,7 @@ function sqlEscape(data) {
|
|||
return data.replace("'", "\\'");
|
||||
}
|
||||
}
|
||||
exports.sqlEscape = sqlEscape;
|
||||
|
||||
exports.init = function() {
|
||||
if(initialized)
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"author": "Calvin Montgomery",
|
||||
"name": "CyTube",
|
||||
"description": "Online media synchronizer and chat",
|
||||
"version": "1.5.3",
|
||||
"version": "1.5.5",
|
||||
"repository": {
|
||||
"url": "http://github.com/calzoneman/sync"
|
||||
},
|
||||
|
|
|
@ -9,7 +9,7 @@ The above copyright notice and this permission notice shall be included in all c
|
|||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
*/
|
||||
|
||||
const VERSION = "1.5.4";
|
||||
const VERSION = "1.5.5";
|
||||
|
||||
var fs = require("fs");
|
||||
var Logger = require("./logger.js");
|
||||
|
|
|
@ -1002,6 +1002,16 @@ function showLoginFrame() {
|
|||
modal.modal("hide");
|
||||
}
|
||||
}
|
||||
else if(e.data.substring(0, e.data.indexOf(":")) == "cytube-changepass") {
|
||||
var data = e.data.substring(e.data.indexOf(":")+1);
|
||||
data = JSON.parse(data);
|
||||
if(data.error) {
|
||||
alert(data.error);
|
||||
}
|
||||
else if(data.success) {
|
||||
alert("Password changed");
|
||||
}
|
||||
}
|
||||
}
|
||||
if(window.addEventListener) {
|
||||
window.addEventListener("message", respond, false);
|
||||
|
|
|
@ -4,6 +4,17 @@
|
|||
<meta charset="utf-8">
|
||||
<title>CyTube - Login</title>
|
||||
<link rel="stylesheet" href="assets/css/bootstrap.css">
|
||||
<style type="text/css">
|
||||
#username, #pw {
|
||||
width: 95%;
|
||||
}
|
||||
#login, #register {
|
||||
width: 49%;
|
||||
}
|
||||
#changepass {
|
||||
width: 99%;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<form class="form-horizontal" action="javascript:void(0)">
|
||||
|
@ -19,6 +30,12 @@
|
|||
<input type="password" id="pw">
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group" style="display: none" id="newpassdiv">
|
||||
<label class="control-label" for="newpass" id="nplabel">New Password</label>
|
||||
<div class="controls">
|
||||
<input type="password" id="newpass">
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group" style="display: none" id="pw2div">
|
||||
<label class="control-label" for="pw2" id="confirm">Confirm Password</label>
|
||||
<div class="controls">
|
||||
|
@ -31,6 +48,11 @@
|
|||
<button class="btn" id="register">Register</button>
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group">
|
||||
<div class="controls">
|
||||
<button class="btn" id="changepass">Change Password</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
<script src="assets/js/jquery.js" type="text/javascript"></script>
|
||||
<script src="assets/js/iourl.js" type="text/javascript"></script>
|
||||
|
@ -65,6 +87,24 @@
|
|||
source.postMessage("cytube-login:"+JSON.stringify(data), document.location);
|
||||
});
|
||||
});
|
||||
$("#changepass").click(function() {
|
||||
if($("#newpassdiv").css("display") == "none") {
|
||||
$("#newpassdiv").css("display", "");
|
||||
$("#pw2div").css("display", "");
|
||||
return false;
|
||||
}
|
||||
else if($("#newpass").val() != $("#pw2").val()) {
|
||||
$("#confirm").addClass("text-error");
|
||||
return;
|
||||
}
|
||||
$.getJSON(IO_URL+"/api/json/changepass?name="+$("#username").val()+"&oldpw="+$("#pw").val()+"&newpw="+$("#newpass").val()+"&callback=?", function(data) {
|
||||
if(data.success) {
|
||||
$("#newpassdiv").css("display", "none");
|
||||
$("#pw2div").css("display", "none");
|
||||
}
|
||||
source.postMessage("cytube-changepass:"+JSON.stringify(data), document.location);
|
||||
});
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
Loading…
Reference in New Issue