feat(server): add check if password had binded (#951)

labring · Mar 24, 2023 · c6b7ebc · c6b7ebc
1 parent 46d0cce
commit c6b7ebc
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 10 deletions.
diff --git a/server/src/auth/dto/passwd-check.dto.ts b/server/src/auth/dto/passwd-check.dto.ts
@@ -0,0 +1,13 @@
+import { ApiProperty } from '@nestjs/swagger'
+import { IsNotEmpty, IsString, Length } from 'class-validator'
+
+export class PasswdCheckDto {
+  @ApiProperty({
+    description: 'username | phone | email',
+    example: 'laf-user | 13805718888 | laf-user@laf.com',
+  })
+  @IsString()
+  @IsNotEmpty()
+  @Length(3, 64)
+  username: string
+}
diff --git a/server/src/auth/user-passwd/user-password.controller.ts b/server/src/auth/user-passwd/user-password.controller.ts
@@ -9,8 +9,7 @@ import { PasswdSigninDto } from '../dto/passwd-signin.dto'
 import { AuthBindingType, AuthProviderBinding } from '../types'
 import { SmsService } from '../phone/sms.service'
 import { PasswdResetDto } from '../dto/passwd-reset.dto'
-import { IRequest } from 'src/utils/interface'
-import { PASSWORD_AUTH_PROVIDER_NAME } from 'src/constants'
+import { PasswdCheckDto } from '../dto/passwd-check.dto'
 
 @ApiTags('Authentication - New')
 @Controller('auth')
@@ -102,20 +101,45 @@ export class UserPasswordController {
   @ApiOperation({ summary: 'Reset password' })
   @ApiResponse({ type: ResponseUtil })
   @Post('passwd/reset')
-  async reset(@Body() dto: PasswdResetDto, @Req() req: IRequest) {
+  async reset(@Body() dto: PasswdResetDto) {
     // valid phone code
     const { phone, code, type } = dto
     let err = await this.smsService.validCode(phone, code, type)
     if (err) {
       return ResponseUtil.error(err)
     }
 
+    // find user by phone
+    const user = await this.userService.findByPhone(phone)
+    if (!user) {
+      return ResponseUtil.error('user not found')
+    }
+
     // reset password
-    err = await this.passwdService.resetPasswd(req.user.id, dto.password)
+    err = await this.passwdService.resetPasswd(user.id, dto.password)
     if (err) {
       return ResponseUtil.error(err)
     }
 
     return ResponseUtil.ok('success')
   }
+
+  /**
+   * Check if user-password is set
+   */
+  @ApiOperation({ summary: 'Check if user-password is set' })
+  @ApiResponse({ type: ResponseUtil })
+  @Post('passwd/check')
+  async check(@Body() dto: PasswdCheckDto) {
+    const { username } = dto
+    // check if user exists
+    const user = await this.userService.find(username)
+    if (!user) {
+      return ResponseUtil.error('user not found')
+    }
+    // find if set password
+    const hasPasswd = await this.passwdService.hasPasswd(user.id)
+
+    return ResponseUtil.ok(hasPasswd)
+  }
 }
diff --git a/server/src/auth/user-passwd/user-password.service.ts b/server/src/auth/user-passwd/user-password.service.ts
@@ -66,6 +66,12 @@ export class UserPasswordService {
   async resetPasswd(uid: string, passwd: string) {
     // start transaction
     const update = await this.prisma.$transaction(async (tx) => {
+      // disable old password
+      await tx.userPassword.updateMany({
+        where: { uid },
+        data: { state: UserPasswordState.Inactive },
+      })
+
       // create new password
       const np = await tx.userPassword.create({
         data: {
@@ -75,12 +81,6 @@ export class UserPasswordService {
         },
       })
 
-      // disable old password
-      await tx.userPassword.updateMany({
-        where: { uid },
-        data: { state: UserPasswordState.Inactive },
-      })
-
       return np
     })
     if (!update) {
@@ -89,4 +89,12 @@ export class UserPasswordService {
 
     return null
   }
+
+  // check if set password
+  async hasPasswd(uid: string) {
+    const userPasswd = await this.prisma.userPassword.findFirst({
+      where: { uid, state: UserPasswordState.Active },
+    })
+    return userPasswd ? true : false // true means has password
+  }
 }