Change /user/:id/verifyPassword back to a GET, allow email+username as ids as well

This commit is contained in:
Colin McDonald 2016-06-17 20:47:59 -04:00
parent 22f3b3dd72
commit 9054974f55
3 changed files with 15 additions and 3 deletions

View File

@ -304,7 +304,7 @@ public final class APIv3 extends AbstractVerticle {
mainRouter.get("/user/:id/meta/:serverGroup").blockingHandler(new GETUserMeta(), false);
mainRouter.get("/user/:id/permissions").blockingHandler(new GETUserPermissions(), false);
mainRouter.get("/user/:id/requiresTOTP").blockingHandler(new GETUserRequiresTOTP(), false);
mainRouter.post("/user/:id/verifyPassword").blockingHandler(new POSTUserVerifyPassword(), false);
mainRouter.get("/user/:id/verifyPassword").blockingHandler(new GETUserVerifyPassword(), false);
mainRouter.post("/user/confirmRegister/:emailToken").blockingHandler(new POSTUserConfirmRegister(), false);
mainRouter.post("/user/:id/leave").handler(new POSTUserLeave());
mainRouter.post("/user/:id/login").blockingHandler(new POSTUserLogin());

View File

@ -70,6 +70,10 @@ public final class User {
}
}
public static User findByEmailSync(String email) {
return SyncUtils.blockOne(usersCollection.find(new Document("email", email)));
}
public static User findByEmailTokenSync(String emailToken) {
return SyncUtils.blockOne(usersCollection.find(new Document("emailToken", emailToken)));
}

View File

@ -7,11 +7,19 @@ import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.util.ErrorUtils;
public final class POSTUserVerifyPassword implements Handler<RoutingContext> {
public final class GETUserVerifyPassword implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
User user = User.findByIdSync(ctx.request().getParam("id"));
if (user == null) {
user = User.findByLastUsernameSync(ctx.request().getParam("id"));
}
if (user == null) {
user = User.findByEmailSync(ctx.request().getParam("id"));
}
if (user == null) {
ErrorUtils.respondNotFound(ctx, "User", ctx.request().getParam("id"));
return;
@ -22,7 +30,7 @@ public final class POSTUserVerifyPassword implements Handler<RoutingContext> {
return;
}
boolean authorized = user.checkPassword(ctx.getBodyAsJson().getString("password"));
boolean authorized = user.checkPassword(ctx.request().getParam("password"));
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", authorized