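// Login check: load the account row for userName and compare the submitted password
// with the stored bcrypt hash.
// NOTE(review): pschemaName is concatenated into the SQL text because an identifier cannot
// be bound as a parameter; it has to come from trusted configuration or an allow-list,
// never from the request.
clientConn.queryAsync("SELECT * from "+pschemaName+".tbusersecurity WHERE username = $1", [userName]).then(function(result)
  {
    // One reply for every failed login, so the response body does not reveal whether the
    // account exists (the two branches used to answer with different messages).
    var LOGIN_FAILED = "Error : Username or password not found";

    if(!(result && result.rows && result.rows.length > 0))
    {
      // NOTE(review): this branch answers without running bcrypt, so response time can still
      // separate unknown users from wrong passwords; comparing against a fixed dummy hash
      // here would close that gap.
      logger.debug("UserControl login : Username or password not found = " + userName);
      res.json({message: LOGIN_FAILED});
      return null;
    }

    // Returned so that a bcrypt failure reaches the catch handler of this chain instead of
    // becoming an unhandled rejection that leaves the request without a response.
    return bcrypt.compareAsync(password, result.rows[0].password).then(function(isMatch)
    {
      res.json({message: isMatch ? "Success : Login successfull" : LOGIN_FAILED});
    });
  }).catch(function(err)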
Example #2
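 .then(function(model) {
   // Login handler: `model` is the looked-up user record, or a falsy value when none matched.
   // The record carries the stored bcrypt hash (read below), so it is not dumped to the log.
   // Unknown user and wrong password get the same reply so the response cannot be used to
   // test which usernames exist.
   var LOGIN_FAILED = "Invalid username or password.";

   if (!model) {
     res.end(LOGIN_FAILED);
     return null;
   }

   // Returned and given a catch so a bcrypt failure still produces a response.
   return bcrypt.compareAsync(password, model.get('password')).then(function(exists){
     console.log('response from bcrypt: ', exists);
     if (!exists) {
       res.end(LOGIN_FAILED);
       return;
     }
     // A fresh session id at login keeps a pre-login session id from being reused afterwards.
     req.session.regenerate(function(err) {
       if (err) {
         res.statusCode = 500;
         res.end("Login failed.");
         return;
       }
       // NOTE(review): this stores the whole record, password hash included, in the session
       // store; keeping only the user id (and re-loading the record per request) would limit
       // what a session-store leak exposes. Left as is because other handlers may read
       // req.session.user.
       req.session.user = model;
       res.redirect('/');
     });
   }).catch(function(err) {
     res.statusCode = 500;
     res.end("Login failed.");
   });
 });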
Example #3
 /**
  * Check a submitted password against the bcrypt hash stored on the user record.
  *
  * @param {string} password - plaintext password from the login attempt
  * @param {Object} user - record exposing the stored hash at `user.local.password`
  * @returns whatever `bcrypt.compareAsync` returns (presumably a promise for a boolean —
  *          confirm against the promisified bcrypt in use)
  */
 validPassword: function(password, user) {
     var storedHash = user.local.password;
     return bcrypt.compareAsync(password, storedHash);
 },
Example #4
/**
 * Check a submitted password against the bcrypt hash stored on the user record.
 *
 * @param {string} password - plaintext password from the login attempt
 * @param {Object} user - record exposing the stored hash at `user.pass`
 * @returns whatever `bcrypt.compareAsync` returns (presumably a promise for a boolean —
 *          confirm against the promisified bcrypt in use)
 */
function isPasswordValid(password, user) {
    'use strict';
    var storedHash = user.pass;
    return bcrypt.compareAsync(password, storedHash);
}
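 // Change-password flow: verify the current password, apply the password policy, refuse a
 // password found in the stored history, then write the new bcrypt hash and the updated history.
 // NOTE(review): pschemaName is concatenated into both SQL statements because an identifier
 // cannot be bound as a parameter; it has to come from trusted configuration or an allow-list,
 // never from the request.
 clientConn.queryAsync("SELECT * from "+pschemaName+".tbusersecurity WHERE username = $1", [retUserName]).then(function(result)
  {
    // bcrypt work factor. The previous value of 5 makes each guess against a leaked hash very
    // cheap; 12 is a starting point to tune against the server's latency budget. Hashes that
    // already exist stay verifiable because bcrypt stores the cost inside each hash.
    var BCRYPT_COST = 12;

    if(!(result && result.rows && result.rows.length > 0))
    {
      // NOTE(review): this reply differs from the wrong-password reply below, so the endpoint
      // tells a caller which usernames exist; a single generic failure message avoids that.
      console.log("Username does not exists");
      logger.debug("UserControl changePasswordRegister : Username does not exists = " + retUserName);
      res.json({message:"Error : Username does not exists"});
      return null;
    }

    var userRow = result.rows[0];

    // Every promise below is returned so that a failure in salting or hashing reaches the
    // catch at the end of this chain instead of becoming an unhandled rejection.
    return bcrypt.compareAsync(retPassword, userRow.password).then(function(isMatch)
    {
      if(!isMatch)
      {
        logger.debug("UserControl newPassword : Password is not valid");
        res.json({message:"Error : Password is not valid"});
        return null;
      }

      if(!ValidatePassword(retNewPassword))
      {
        // NOTE(review): the policy text caps passwords at 10 characters. bcrypt accepts inputs
        // up to 72 bytes, so the cap only shrinks the search space; consider raising it in
        // ValidatePassword.
        logger.debug("UserControl newPassword : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase");
        res.json({message:"Error : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase"});
        return null;
      }

      logger.debug("UserControl new password :  Update new password.");

      return bcrypt.genSaltAsync(BCRYPT_COST).then(function(salt)
      {
        return bcrypt.hashAsync(retNewPassword, salt, null);
      }).then(function(retHashPwd)
      {
        // The history lives in a JSON column shaped {"oldpasswords": [...]}.
        var storedHistory = userRow.oldpasswords && userRow.oldpasswords.oldpasswords;
        if(!Array.isArray(storedHistory))
        {
          console.log("Error while updating password");
          logger.debug("changePasswordRegister : Error : while updating the password");
          res.json({message:"Error : while updating the password"});
          return null;
        }
        var passwordList = storedHistory.slice();

        // Verify if the new password is used in the stored password list.
        VerifyPassword(0, retNewPassword, passwordList, false, function(err, isReused)
        {
          if(err)
          {
            // Error detail goes to the log only; the client gets a generic message.
            console.log("Error while updating the password " + err);
            logger.debug("Error while updating the password " + err);
            res.json({message:"Error : Error while updating the password"});
            return;
          }

          if(isReused)
          {
            console.log("New password was set earlier. Password should not be from last 5 passwords");
            logger.debug("changePasswordRegister : Error : New password was set earlier. Password should not be from last 5 passwords");
            res.json({message:"Error : New password was set earlier. Password should not be from last 5 passwords"});
            return;
          }

          try
          {
            // Push the new hash at the zeroth position.
            passwordList.splice(0, 0, retHashPwd);
            // The history object is built directly instead of concatenating a JSON string and
            // parsing it back. NOTE(review): the string prefix is masked as '******' on this
            // page; the {oldpasswords: [...]} shape is inferred from how the column is read
            // above — confirm against the table.
            var updatedHistory = {oldpasswords: passwordList};
            clientConn.queryAsync("UPDATE "+pschemaName+".tbusersecurity SET password=$1, oldpasswords=$2 WHERE userid = $3 RETURNING userid", [retHashPwd, updatedHistory, userRow.userid]).then(function(updateResult)
            {
              if(updateResult && updateResult.rows && updateResult.rows.length > 0)
              {
                logger.debug("CreateCollectionsAndRecord : Password updated successfully");
                res.json({message:"Password updated successfully..!!"});
              }
              else
              {
                console.log("Error while updating password");
                logger.debug("changePasswordRegister : Error : while updating the password");
                res.json({message:"Error : while updating the password"});
              }
              clientConn.end();
            }).catch(function(err)
            {
              clientConn.end();
              console.log("Error while updating password" + err);
              logger.debug("changePasswordRegister : Error : while updating the password" + err);
              res.json({message:"Error : while updating the password"});
            });
          }
          catch(err)
          {
            console.log("Error while updating password" + err);
            logger.debug("changePasswordRegister : Error : while updating the password" + err);
            res.json({message:"Error : while updating the password"});
          }
        });
      });
    }).catch(function(err)
    {
      console.log("error in password hashing");
      logger.debug("UserControl newPassword : Password is not valid");
      res.json({message:"Error : Password is not valid"});
    });
  }).catch(function(err)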
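 userSecurity.findOne({ userName: retUserName}).then(function (user) {
   // Change-password flow: verify the current password, apply the password policy, refuse a
   // recently used password, then store the new bcrypt hash.

   // bcrypt work factor. The previous value of 5 makes each guess against a leaked hash very
   // cheap; 12 is a starting point to tune against the server's latency budget. Hashes that
   // already exist stay verifiable because bcrypt stores the cost inside each hash.
   var BCRYPT_COST = 12;
   var PASSWORD_HISTORY_DEPTH = 5;

   if(!user)
   {
     // NOTE(review): this reply differs from the wrong-password reply below, so the endpoint
     // tells a caller which usernames exist; a single generic failure message avoids that.
     console.log("Username does not exists");
     logger.debug("UserControl changePasswordRegister : Username does not exists = " + retUserName);
     res.json({message:"Error : Username does not exists"});
     return null;
   }

   // Every promise below is returned so that a failure reaches the matching catch instead of
   // becoming an unhandled rejection.
   return bcrypt.compareAsync(retPassword, user.password).then(function(isMatch)
   {
     if(!isMatch)
     {
       logger.debug("UserControl newPassword : Password is not valid");
       res.json({message:"Error : Password is not valid"});
       return null;
     }

     if(!ValidatePassword(retNewPassword))
     {
       // NOTE(review): the policy text caps passwords at 10 characters. bcrypt accepts inputs
       // up to 72 bytes, so the cap only shrinks the search space; consider raising it in
       // ValidatePassword.
       logger.debug("UserControl newPassword : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase");
       res.json({message:"Error : Password should have min 6 and max 10 characters, one number, one lowercase and one uppercase"});
       return null;
     }

     logger.debug("UserControl new password :  Update new password.");
     var secreateInfo = new userSecurity();

     // Reuse check. A bcrypt hash made with a fresh salt never equals a stored hash, so
     // comparing hash strings can never detect reuse; the new plaintext has to be checked
     // against each stored hash with bcrypt itself. The update below appends to oldPasswords,
     // so the most recent entries are at the tail of the array.
     var recentEntries = (user.oldPasswords || []).slice(-PASSWORD_HISTORY_DEPTH).filter(function(entry)
     {
       return entry && entry.password;
     });

     return Promise.all(recentEntries.map(function(entry)
     {
       return bcrypt.compareAsync(retNewPassword, entry.password);
     })).then(function(matches)
     {
       if(matches.indexOf(true) !== -1)
       {
         console.log("New password was set earlier. Password should not be from last 5 passwords");
         logger.debug("changePasswordRegister : Error : New password was set earlier. Password should not be from last 5 passwords");
         res.json({message:"Error : New password was set earlier. Password should not be from last 5 passwords"});
         return null;
       }

       return bcrypt.genSaltAsync(BCRYPT_COST).then(function(salt)
       {
         return bcrypt.hashAsync(retNewPassword, salt, null);
       }).then(function(retHashPwd)
       {
         // NOTE(review): upsert:true would create a new record if userId stopped matching
         // between the lookup and this write; for a password change an update of the existing
         // record is what is wanted — confirm the option is needed. The update call itself is
         // unchanged.
         return secreateInfo.updateAsync({userId:user.userId},{$pushAll:{oldPasswords:[{password:retHashPwd}]},$set:{password:retHashPwd}},{ upsert: true },{customIdCondition: true}).then(function(updateStatus){
           logger.debug("CreateCollectionsAndRecord : Password updated successfully");
           res.json({message:"Password updated successfully..!!"});
         }).catch(function(err)
         {
           console.log("Error while updating password" + err);
           logger.debug("changePasswordRegister : Error : while updating the password" + err);
           res.json({message:"Error : while updating the password"});
         });
       });
     }).catch(function(err)
     {
       console.log("error in password hashing");
       logger.debug("UserControl newPassword : Password is not valid");
       res.json({message:"Error : Password is not valid"});
     });
   }).catch(function(err)
   {
     console.log("Username or password is not valid");
     logger.debug("UserControl newPassword : Username or password is not valid");
     res.json({message:"Error : Username or password is not valid"});
   });
 }).catch(function(err)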