function* (next) {
const body = this.request.body;
let user = (yield User
.detail({
'credentials': {
$elemMatch: {
method: body.method,
account: body.account,
secret: md5(`${config.CRYPT.SALT}-${body.secret}+${config.CRYPT.SALT}`)
}
}
}))[0];
if (!user) {
throw new Exception(E.AUTH.NO_USER_PASSWORD);
}
user = yield User
.findOne({
_id: user._id,
})
.exec();
let scope = {};
const app = yield Application
.findOne({ user })
.lean()
.exec();
if (app) {
scope = {
scopeId: app._id.toString(),
scopeName: app.name
};
}
const index = _.findIndex(user.credentials, {
method: body.method,
account: body.account,
});
user.credentials[index].secret = md5(`${config.CRYPT.SALT}-${body.newSecret}+${config.CRYPT.SALT}`);
yield user.save();
const filteredUser = filterUser(user, scope);
this.resolve({
user: filteredUser
});
yield next;
}
module.exports = function(params, secret) {
let paramArray = [];
const keys = Object.keys(params).sort();
for (const key of keys) {
paramArray.push(`${key}=${String(params[key])}`);
}
const paramString = paramArray.join('&') + secret;
return encrypt.md5(paramString);
}