generated from lucien/api-template
add: added password changer into admin zone on user page
This commit is contained in:
parent
ca9642ec27
commit
44e7e3c37f
2 changed files with 61 additions and 5 deletions
|
|
@ -7,6 +7,7 @@ const {
|
|||
getMentions,
|
||||
deleteUser,
|
||||
setUserPfp,
|
||||
setUserPassword,
|
||||
getMessageAttachments,
|
||||
getUnusedAttachments,
|
||||
deleteUnusedAttachments,
|
||||
|
|
@ -14,6 +15,7 @@ const {
|
|||
} = require('../libs/mysql');
|
||||
const { checkAuth } = require("../libs/middlewares")
|
||||
const path = require('path');
|
||||
const sha256 = require("sha256");
|
||||
const fs = require('node:fs');
|
||||
|
||||
const router = express.Router();
|
||||
|
|
@ -160,4 +162,31 @@ router.post('/:username/deletepfp', checkAuth, async (req, res) => {
|
|||
res.send({ message: 'User pfp deleted' });
|
||||
});
|
||||
|
||||
router.post('/:username/setpassword', checkAuth, async (req, res) => {
|
||||
const username = req.params.username;
|
||||
const { password } = req.body;
|
||||
const user = req.user;
|
||||
|
||||
if (user.admin !== 1) {
|
||||
return res.status(401).send({ error: 'Unauthorized' });
|
||||
}
|
||||
|
||||
if (!password) {
|
||||
return res.status(400).send({ error: 'Invalid password' });
|
||||
}
|
||||
|
||||
const connection = await getConnection();
|
||||
const userToUpdate = await getUserByUsername(connection, username);
|
||||
|
||||
if (!userToUpdate[0]) {
|
||||
connection.end();
|
||||
return res.status(400).send({ error: 'No user found' });
|
||||
}
|
||||
|
||||
await setUserPassword(connection, userToUpdate[0].id, sha256(password));
|
||||
connection.end();
|
||||
|
||||
res.send({ message: 'User password updated' });
|
||||
});
|
||||
|
||||
module.exports = router;
|
||||
|
|
@ -15,6 +15,7 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
|||
const [user, setUser] = useState<User>();
|
||||
const [noUser, setNoUser] = useState<boolean>(false);
|
||||
const [token, setToken] = useState<string>("");
|
||||
const [password, setPassword] = useState<string>("");
|
||||
|
||||
function deleteUser() {
|
||||
if (!window.confirm(`Are you sure you want to delete ${pageUser?.username}?`)) {
|
||||
|
|
@ -44,6 +45,21 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
|||
});
|
||||
}
|
||||
|
||||
function setUserPassword(e: React.FormEvent<HTMLFormElement>) {
|
||||
e.preventDefault();
|
||||
if (!window.confirm("Are you sure you want to change this user's password?")) {
|
||||
return;
|
||||
}
|
||||
axios
|
||||
.post(`/api/users/${pageUser?.username}/setpassword`, { token, password })
|
||||
.then(() => {
|
||||
setPassword("");
|
||||
})
|
||||
.catch((err) => {
|
||||
console.error(err.response.data);
|
||||
});
|
||||
}
|
||||
|
||||
useEffect(() => {
|
||||
const localToken = localStorage.getItem("token");
|
||||
|
||||
|
|
@ -134,17 +150,28 @@ export default function UserPage({socket}: {socket: WebSocket}) {
|
|||
{pageUser.id === user?.id && (
|
||||
<Link to="/edit-profile">Edit profile</Link>
|
||||
)}
|
||||
{user?.admin == 1 && (
|
||||
</div>
|
||||
{user?.admin == 1 && (
|
||||
<div className="forum-section">
|
||||
<h2>Admin Actions</h2>
|
||||
<button onClick={deleteUser} className="forum-button">
|
||||
Delete user
|
||||
</button>
|
||||
)}
|
||||
{user?.admin == 1 && (
|
||||
<button onClick={deleteUserPfp} className="forum-button">
|
||||
Delete profile picture
|
||||
</button>
|
||||
)}
|
||||
</div>
|
||||
<form onSubmit={setUserPassword} className="form-horizontal">
|
||||
<input
|
||||
type="password"
|
||||
value={password}
|
||||
onChange={(e) => setPassword(e.target.value)}
|
||||
placeholder="New password"
|
||||
className="forum-input"
|
||||
/>
|
||||
<button type="submit" className="forum-button">Set Password</button>
|
||||
</form>
|
||||
</div>
|
||||
)}
|
||||
<div className="forum-section">
|
||||
<h2>Last messages</h2>
|
||||
<div className="messages-list">
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue