patrickjieraldjuan
/
csp2-juan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated resetPassword controller to check if old password = new password

Browse Source
master
Patrick Jierald Francisco Juan 10 months ago
parent 7af8572672
commit 0f1e3affba
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File

14
controllers/userControllers.js
Unescape Escape View File

@ -146,8 +146,18 @@ module.exports.resetPassword = async (req, res) => {
// Get user ID from the JWT token passed in the authorization headers // Get user ID from the JWT token passed in the authorization headers
const userId = req.user.id; const userId = req.user.id;
// Get the new password from the request body // Get the old and new passwords from the request body
const { newPassword } = req.body; const { oldPassword, newPassword } = req.body;
// Fetch the user from the database
const user = await User.findById(userId);
// Check if the old password is equal to the new password
const isOldPasswordEqual = await bcrypt.compare(oldPassword, user.password);
if (isOldPasswordEqual) {
return res.status(400).json({ error: "Old password should not be equal to the new password." });
}
// Hash the new password // Hash the new password
const hashedPassword = await bcrypt.hash(newPassword, 10); const hashedPassword = await bcrypt.hash(newPassword, 10);

Write Preview
Loading…
Cancel
Save