generated from lucien/api-template
add: added password changer into admin zone on user page
This commit is contained in:
parent
ca9642ec27
commit
44e7e3c37f
2 changed files with 61 additions and 5 deletions
|
|
@ -7,6 +7,7 @@ const {
|
||||||
getMentions,
|
getMentions,
|
||||||
deleteUser,
|
deleteUser,
|
||||||
setUserPfp,
|
setUserPfp,
|
||||||
|
setUserPassword,
|
||||||
getMessageAttachments,
|
getMessageAttachments,
|
||||||
getUnusedAttachments,
|
getUnusedAttachments,
|
||||||
deleteUnusedAttachments,
|
deleteUnusedAttachments,
|
||||||
|
|
@ -14,6 +15,7 @@ const {
|
||||||
} = require('../libs/mysql');
|
} = require('../libs/mysql');
|
||||||
const { checkAuth } = require("../libs/middlewares")
|
const { checkAuth } = require("../libs/middlewares")
|
||||||
const path = require('path');
|
const path = require('path');
|
||||||
|
const sha256 = require("sha256");
|
||||||
const fs = require('node:fs');
|
const fs = require('node:fs');
|
||||||
|
|
||||||
const router = express.Router();
|
const router = express.Router();
|
||||||
|
|
@ -160,4 +162,31 @@ router.post('/:username/deletepfp', checkAuth, async (req, res) => {
|
||||||
res.send({ message: 'User pfp deleted' });
|
res.send({ message: 'User pfp deleted' });
|
||||||
});
|
});
|
||||||
|
|
||||||
|
router.post('/:username/setpassword', checkAuth, async (req, res) => {
|
||||||
|
const username = req.params.username;
|
||||||
|
const { password } = req.body;
|
||||||
|
const user = req.user;
|
||||||
|
|
||||||
|
if (user.admin !== 1) {
|
||||||
|
return res.status(401).send({ error: 'Unauthorized' });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!password) {
|
||||||
|
return res.status(400).send({ error: 'Invalid password' });
|
||||||
|
}
|
||||||
|
|
||||||
|
const connection = await getConnection();
|
||||||
|
const userToUpdate = await getUserByUsername(connection, username);
|
||||||
|
|
||||||
|
if (!userToUpdate[0]) {
|
||||||
|
connection.end();
|
||||||
|
return res.status(400).send({ error: 'No user found' });
|
||||||
|
}
|
||||||
|
|
||||||
|
await setUserPassword(connection, userToUpdate[0].id, sha256(password));
|
||||||
|
connection.end();
|
||||||
|
|
||||||
|
res.send({ message: 'User password updated' });
|
||||||
|
});
|
||||||
|
|
||||||
module.exports = router;
|
module.exports = router;
|
||||||
|
|
@ -15,6 +15,7 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
||||||
const [user, setUser] = useState<User>();
|
const [user, setUser] = useState<User>();
|
||||||
const [noUser, setNoUser] = useState<boolean>(false);
|
const [noUser, setNoUser] = useState<boolean>(false);
|
||||||
const [token, setToken] = useState<string>("");
|
const [token, setToken] = useState<string>("");
|
||||||
|
const [password, setPassword] = useState<string>("");
|
||||||
|
|
||||||
function deleteUser() {
|
function deleteUser() {
|
||||||
if (!window.confirm(`Are you sure you want to delete ${pageUser?.username}?`)) {
|
if (!window.confirm(`Are you sure you want to delete ${pageUser?.username}?`)) {
|
||||||
|
|
@ -44,6 +45,21 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function setUserPassword(e: React.FormEvent<HTMLFormElement>) {
|
||||||
|
e.preventDefault();
|
||||||
|
if (!window.confirm("Are you sure you want to change this user's password?")) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
axios
|
||||||
|
.post(`/api/users/${pageUser?.username}/setpassword`, { token, password })
|
||||||
|
.then(() => {
|
||||||
|
setPassword("");
|
||||||
|
})
|
||||||
|
.catch((err) => {
|
||||||
|
console.error(err.response.data);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
const localToken = localStorage.getItem("token");
|
const localToken = localStorage.getItem("token");
|
||||||
|
|
||||||
|
|
@ -134,17 +150,28 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
||||||
{pageUser.id === user?.id && (
|
{pageUser.id === user?.id && (
|
||||||
<Link to="/edit-profile">Edit profile</Link>
|
<Link to="/edit-profile">Edit profile</Link>
|
||||||
)}
|
)}
|
||||||
{user?.admin == 1 && (
|
</div>
|
||||||
|
{user?.admin == 1 && (
|
||||||
|
<div className="forum-section">
|
||||||
|
<h2>Admin Actions</h2>
|
||||||
<button onClick={deleteUser} className="forum-button">
|
<button onClick={deleteUser} className="forum-button">
|
||||||
Delete user
|
Delete user
|
||||||
</button>
|
</button>
|
||||||
)}
|
|
||||||
{user?.admin == 1 && (
|
|
||||||
<button onClick={deleteUserPfp} className="forum-button">
|
<button onClick={deleteUserPfp} className="forum-button">
|
||||||
Delete profile picture
|
Delete profile picture
|
||||||
</button>
|
</button>
|
||||||
)}
|
<form onSubmit={setUserPassword} className="form-horizontal">
|
||||||
</div>
|
<input
|
||||||
|
type="password"
|
||||||
|
value={password}
|
||||||
|
onChange={(e) => setPassword(e.target.value)}
|
||||||
|
placeholder="New password"
|
||||||
|
className="forum-input"
|
||||||
|
/>
|
||||||
|
<button type="submit" className="forum-button">Set Password</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
<div className="forum-section">
|
<div className="forum-section">
|
||||||
<h2>Last messages</h2>
|
<h2>Last messages</h2>
|
||||||
<div className="messages-list">
|
<div className="messages-list">
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue