Open d0peCode opened 5 years ago
This PR contains following:
email
router.post('/resetStart', auth(), userController.reset.sendMail)
router.get('/resetConfirm', userController.reset.updatePass)
router.put('/update', validator(update), auth(), userController.update)
*With security in mind I don't allow to update every field. I've created validation with Joi which allow only password and name change. However it can be easily configure by other developer to his own need.
Joi
password
name
This PR contains following:
emailand send mail with randomly generated password.router.post('/resetStart', auth(), userController.reset.sendMail)send emailrouter.get('/resetConfirm', userController.reset.updatePass)(entered from link in mail) confirm password changerouter.put('/update', validator(update), auth(), userController.update)*With security in mind I don't allow to update every field. I've created validation with
Joiwhich allow onlypasswordandnamechange. However it can be easily configure by other developer to his own need.