diff options
author | Gunnar Mills <gmills@us.ibm.com> | 2018-03-16 15:52:54 -0500 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-03-23 19:57:12 +0000 |
commit | 32581cf487e9df5f5fce9ecbcc9edcdd0565b444 (patch) | |
tree | 077b790d9f410938f8c5331f9f5ce0631c1b63c7 /app/common/services/api-utils.js | |
parent | d50c76909b699aa5cdd2f5b48de3ebf4003eb9b0 (diff) | |
download | phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.tar.gz phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.zip |
Verify the old Password
Call a special login function, that does not use the current
session and ignores the intercept which would log out the
user on a bad old password.
This special login function, testPassword(), calls /login with
the old password, a success verifies the password is correct.
Tested: Changed the user password on a Witherspoon and
verified an incorrect old password does not change the password.
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: I65f6a6aa6dbc5d849e962b6c24a09e3ac0f6cf58
Diffstat (limited to 'app/common/services/api-utils.js')
-rw-r--r-- | app/common/services/api-utils.js | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/app/common/services/api-utils.js b/app/common/services/api-utils.js index 73fe5a4..c8a7969 100644 --- a/app/common/services/api-utils.js +++ b/app/common/services/api-utils.js @@ -189,6 +189,31 @@ window.angular && (function (angular) { console.log(error); }); }, + testPassword: function(username, password){ + // Calls /login without the current session to verify the given password is correct + // ignore the interceptor logout on a bad password + DataService.ignoreHttpError = true; + var deferred = $q.defer(); + $http({ + method: 'POST', + url: DataService.getHost() + "/login", + headers: { + 'Accept': 'application/json', + 'Content-Type': 'application/json' + }, + withCredentials: false, + data: JSON.stringify({"data": [username, password]}) + }).then(function(response){ + var json = JSON.stringify(response.data); + var content = JSON.parse(json); + DataService.ignoreHttpError = false; + deferred.resolve(content.data); + }, function(error){ + DataService.ignoreHttpError = false; + deferred.reject(error); + }); + return deferred.promise; + }, logout: function(callback){ $http({ method: 'POST', |