(appId, username, newPassword, resetKey, accessList, isMasterKey, encryption_key)
| 177 | }, |
| 178 | |
| 179 | resetUserPassword(appId, username, newPassword, resetKey, accessList, isMasterKey, encryption_key) { |
| 180 | const deferred = q.defer(); |
| 181 | |
| 182 | try { |
| 183 | customService.findOne(appId, Collections.User, { |
| 184 | username, |
| 185 | }, null, null, null, accessList, true).then((user) => { |
| 186 | if (!user) { |
| 187 | deferred.reject(`User with username ${username} not found.`); |
| 188 | return; |
| 189 | } |
| 190 | // Send an email to reset user password here. |
| 191 | const passwordResetKey = crypto.createHmac('sha256', config.secureKey) |
| 192 | .update(user.password) |
| 193 | .digest('hex'); |
| 194 | |
| 195 | if (passwordResetKey === resetKey) { |
| 196 | if (encryption_key && encryption_key.iv && encryption_key.key) { |
| 197 | user.password = encryptText(cipher_alg, encryption_key.key, encryption_key.iv, newPassword); |
| 198 | } else { |
| 199 | user.password = crypto.pbkdf2Sync(newPassword, config.secureKey, 10000, 64, 'sha1').toString('base64'); |
| 200 | } |
| 201 | mongoService.document.save(appId, [{ |
| 202 | document: user, |
| 203 | }]) |
| 204 | .then(() => { |
| 205 | deferred.resolve(); // returns no. of items matched |
| 206 | }, (error) => { |
| 207 | deferred.reject(error); |
| 208 | }); |
| 209 | } else { |
| 210 | deferred.reject('Reset Key is invalid.'); |
| 211 | } |
| 212 | }, (error) => { |
| 213 | deferred.reject(error); |
| 214 | }); |
| 215 | } catch (err) { |
| 216 | winston.log('error', { |
| 217 | error: String(err), |
| 218 | stack: new Error().stack, |
| 219 | }); |
| 220 | deferred.reject(err); |
| 221 | } |
| 222 | return deferred.promise; |
| 223 | }, |
| 224 | |
| 225 | signup(appId, document, accessList, isMasterKey, encryption_key) { |
| 226 | const deferred = q.defer(); |
nothing calls this directly
no test coverage detected