sub update_password {
my ($self, $user, $old_password, $new_password) = @_;
- if (!$user || $user->{uid}) {
+ if (!$user || !$user->{uid}) {
$self->last_error("INVALID_USER");
return;
}
my $users = $self->app->model('users');
- if ($users->passwords->compare_password($old_password, $user->{passwd})
- || $users->password->_compare_password_compat($old_password, $user->{passwd}, $user->{uid}, 0, 1)) {
- # old password is correct!
+ if ($users->passwords->verify_password(uid => $user->{uid},
+ password => $old_password)) {
+ # old password is correct.
return $self->_update_password($user, $new_password);
}
+ # old password is incorrect!
$self->last_error("INCORRECT_PASSWORD");
return;
}
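Review bot: The old-password check in `update_password` no longer falls back to `_compare_password_compat`, so whether accounts still holding a legacy-format hash can change their password now depends entirely on `verify_password`, whose body is not part of this diff. If `verify_password` does not cover the legacy format, those users will get `INCORRECT_PASSWORD` for a correct password. The call also stops using the caller-supplied `$user->{passwd}` and passes only the uid, which presumably means the hash is looked up from storage. That is the safer direction and deserves a comment above the call, for example `# verify against the hash stored for this uid; legacy formats are handled inside verify_password`, once that is confirmed.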
sub _update_password {
my ($self, $user, $password) = @_;
- if (!$user || $user->{uid}) {
+
+ if (!$user || !$user->{uid}) {
$self->last_error("INVALID_USER");
return;
}
my $user = $c->stash('user');
my $users = $c->model('users');
+
if (!$data->{current_password} || !$data->{new_password}) {
$c->render(json => { error => 1, message => "no_password_given" });
$c->rendered(400);
my $rs = $c->users->update_password($user,
$data->{current_password},
$data->{new_password});
- if (!$rs) {
+ if ($rs) {
$c->render(json => { uid => $user->{uid} });
return;
}
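Review bot: With the condition corrected to `if ($rs)`, a refused change now falls through to code that lies outside this hunk, and nothing visible here says what that path returns. The model sets `last_error` to `INVALID_USER` or `INCORRECT_PASSWORD` before returning a false value, so the fall-through should presumably answer with a non-2xx status and record the failed attempt for the uid. A short comment after the success branch would make that contract explicit, for example `# falsy $rs: change refused, reason is in last_error; must not reach a 200 response`. The handler starts and ends outside the hunk, so this is to be checked against the full file.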
->json_is('/email', $new_address);
diag dumper $t->tx->res->json if !$t->success;
- # チェックコードを書く
+
+ # check if database updated
my $users = $t->app->model('users');
my $params = $users->param->select(uid => $user->{uid});
is($params->{new_email}, $new_address, "insert new address to params table");
ok($delta < 3600, "new_email_ts is updated");
}
+ # check if event emited
+
$test_man->logout;
};
subtest 'update password' => sub {
$test_man->login($user);
+ my $new_password = "foobarhogehoge";
$t->post_ok('/api/v1/user' => {Accept => '*/*'} => json => { type => "password",
current_password => $default_passwd,
- new_password => "foobarhogehoge" })
+ new_password => $new_password })
->status_is(200)
->content_type_like(qr|application/json|)
->json_hasnt('/error')
->json_is('/uid', $user->{uid});
+ diag dumper $t->tx->res->json if !$t->success;
+ # check if database updated
+ my $users = $t->app->model('users');
+ my $updated = $users->select(uid => $user->{uid});
+ my $rs = $users->passwords->compare_password($new_password,
+ $updated->{passwd});
+ ok($rs, "password updated");
- # チェックコードを書く
-
+ # check if event emited
$test_man->logout;
};
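Review bot: The 'update password' subtest covers only the successful change, which is how the inverted `if (!$rs)` in the controller and the inverted uid guard in the model went unnoticed. It should also assert that the old password no longer matches the stored hash, and that a request with a wrong `current_password` is refused and leaves the hash unchanged. The new check also goes through `compare_password` while the model now authenticates with `verify_password`, so it is worth asserting through the same call the model uses. The sketch below assumes the failure response carries an `/error` key as the `no_password_given` response does; the status code is not asserted because the failure branch is not visible in this diff.

```perl
    ok($rs, "password updated");

    # the previous password must no longer match the stored hash
    ok(!$users->passwords->compare_password($default_passwd, $updated->{passwd}),
       "old password rejected");

    # a wrong current_password must be refused and must not touch the hash
    # (both password strings below are constructed sample values)
    $t->post_ok('/api/v1/user' => {Accept => '*/*'} => json => { type => "password",
                                                                 current_password => "constructed-wrong-password",
                                                                 new_password => "constructed-other-password" })
      ->json_has('/error');
    my $unchanged = $users->select(uid => $user->{uid});
    is($unchanged->{passwd}, $updated->{passwd},
       "hash unchanged after wrong current password");

    # … unchanged: event check placeholder and logout …
```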