Updated controller for resetPassword to check if uqual to old password

master
parent 0f1e3affba
commit 6bf9b83f7e

@ -146,18 +146,18 @@ module.exports.resetPassword = async (req, res) => {
// Get user ID from the JWT token passed in the authorization headers
const userId = req.user.id;
// Get the old and new passwords from the request body
const { oldPassword, newPassword } = req.body;
// Get the new password from the request body
const { newPassword } = req.body;
// Fetch the user from the database
const user = await User.findById(userId);
User.findOne({email : req.user.email}).then(result =>
// Check if the old password is equal to the new password
const isOldPasswordEqual = await bcrypt.compare(oldPassword, user.password);
const isPasswordEqualtoOld = bcrypt.compareSync(newPassword, result.password);
if (isOldPasswordEqual) {
return res.status(400).json({ error: "Old password should not be equal to the new password." });
}
if(isPasswordEqualtoOld){
return response.send({message: "New password should not be same with old password"});
}
// Hash the new password
const hashedPassword = await bcrypt.hash(newPassword, 10);

Loading…
Cancel
Save