Add login and password change to users plugin. (#200)

u-wave · Feb 15, 2018 · 968f7ed · 968f7ed
1 parent 5c2faab
commit 968f7ed
Show file tree

Hide file tree

Showing 5 changed files with 80 additions and 1 deletion.
diff --git a/src/errors/NotFoundError.js b/src/errors/NotFoundError.js
@@ -1,6 +1,7 @@
 import UwaveError from './UwaveError';
 
 export default class NotFoundError extends UwaveError {
+  public = true;
   name = 'NotFoundError';
   code = 'NOT_FOUND';
 }
diff --git a/src/errors/PasswordError.js b/src/errors/PasswordError.js
@@ -0,0 +1,7 @@
+import UwaveError from './UwaveError';
+
+export default class PasswordError extends UwaveError {
+  public = true;
+  name = 'PasswordError';
+  code = 'INCORRECT_PASSWORD';
+}
diff --git a/src/errors/UwaveError.js b/src/errors/UwaveError.js
@@ -1,4 +1,16 @@
 export default class UwaveError extends Error {
+  /**
+   * Whether this error message should be shown to users.
+   */
+  public = false;
+
+  /**
+   * Name.
+   */
   name = 'UwaveError';
+
+  /**
+   * Flag this as a custom error class.
+   */
   isUwaveError = true;
 }
diff --git a/src/models/User.js b/src/models/User.js
@@ -75,6 +75,10 @@ export default function userModel() {
         return uw.acl.disallow(this, permissions);
       }
 
+      updatePassword(password: string): Promise {
+        return uw.users.updatePassword(this, password);
+      }
+
       getPlaylists(): Promise<Array> {
         return uw.playlists.getUserPlaylists(this);
       }

diff --git a/src/plugins/users.js b/src/plugins/users.js
@@ -1,6 +1,8 @@
 import * as bcrypt from 'bcryptjs';
 import createDebug from 'debug';
 import Page from '../Page';
+import NotFoundError from '../errors/NotFoundError';
+import PasswordError from '../errors/PasswordError';
 
 const debug = createDebug('uwave:users');
 
@@ -51,6 +53,41 @@ export class UsersRepository {
     return User.findById(id);
   }
 
+  login({ type, ...params }) {
+    if (type === 'local') {
+      return this.localLogin(params);
+    }
+    return this.socialLogin(type, params);
+  }
+
+  async localLogin({ email, password }) {
+    const Authentication = this.uw.model('Authentication');
+
+    const auth = await Authentication.findOne({
+      email: email.toLowerCase(),
+    }).populate('user').exec();
+    if (!auth) {
+      throw new NotFoundError('No user was found with that email address.');
+    }
+
+    const correct = await bcrypt.compare(password, auth.hash);
+    if (!correct) {
+      throw new PasswordError('That password is incorrect.');
+    }
+
+    return auth.user;
+  }
+
+  async socialLogin(type, { profile }) {
+    const user = {
+      type,
+      id: profile.id,
+      username: profile.displayName,
+      avatar: profile.photos.length > 0 ? profile.photos[0].value : null,
+    };
+    return this.uw.users.findOrCreateSocialUser(user);
+  }
+
   async findOrCreateSocialUser({
     type,
     id,
@@ -151,9 +188,27 @@ export class UsersRepository {
     return user;
   }
 
+  async updatePassword(id, password) {
+    const Authentication = this.uw.model('Authentication');
+
+    const user = await this.getUser(id);
+    if (!user) throw new NotFoundError('User not found.');
+
+    const hash = await encryptPassword(password);
+
+    const auth = await Authentication.findOneAndUpdate({
+      type: 'local',
+      user: user.id,
+    }, { hash });
+
+    if (!auth) {
+      throw new NotFoundError('No user was found with that email address.');
+    }
+  }
+
   async updateUser(id, update = {}, opts = {}) {
     const user = await this.getUser(id);
-    if (!user) throw new Error('User not found.');
+    if (!user) throw new NotFoundError('User not found.');
 
     debug('update user', user.id, user.username, update);