Verify the old Password

Call a special login function, that does not use the current session and ignores the intercept which would log out the user on a bad old password. This special login function, testPassword(), calls /login with the old password, a success verifies the password is correct. Tested: Changed the user password on a Witherspoon and verified an incorrect old password does not change the password. Signed-off-by: Gunnar Mills <gmills@us.ibm.com> Change-Id: I65f6a6aa6dbc5d849e962b6c24a09e3ac0f6cf58
author: Gunnar Mills <gmills@us.ibm.com> 2018-03-16 15:52:54 -0500
committer: Brad Bishop <bradleyb@fuzziesquirrel.com> 2018-03-23 19:57:12 +0000
commit: 32581cf487e9df5f5fce9ecbcc9edcdd0565b444 (patch)
tree: 077b790d9f410938f8c5331f9f5ce0631c1b63c7 /app/common/services/api-utils.js
parent: d50c76909b699aa5cdd2f5b48de3ebf4003eb9b0 (diff)
download: phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.tar.gz
phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.zip
1 files changed, 25 insertions, 0 deletions
diff --git a/app/common/services/api-utils.js b/app/common/services/api-utils.js
index 73fe5a4..c8a7969 100644
--- a/app/common/services/api-utils.js
+++ b/app/common/services/api-utils.js
@@ -189,6 +189,31 @@ window.angular && (function (angular) {
                   console.log(error);
                 });
               },
+              testPassword: function(username, password){
+                // Calls /login without the current session to verify the given password is correct
+                // ignore the interceptor logout on a bad password
+                DataService.ignoreHttpError = true;
+                var deferred = $q.defer();
+                $http({
+                  method: 'POST',
+                  url: DataService.getHost() + "/login",
+                  headers: {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json'
+                  },
+                  withCredentials: false,
+                  data: JSON.stringify({"data": [username, password]})
+                }).then(function(response){
+                  var json = JSON.stringify(response.data);
+                  var content = JSON.parse(json);
+                  DataService.ignoreHttpError = false;
+                  deferred.resolve(content.data);
+                }, function(error){
+                  DataService.ignoreHttpError = false;
+                  deferred.reject(error);
+                });
+                return deferred.promise;
+              },
               logout: function(callback){
                 $http({
                   method: 'POST',
author	Gunnar Mills <gmills@us.ibm.com>	2018-03-16 15:52:54 -0500
committer	Brad Bishop <bradleyb@fuzziesquirrel.com>	2018-03-23 19:57:12 +0000
commit	32581cf487e9df5f5fce9ecbcc9edcdd0565b444 (patch)
tree	077b790d9f410938f8c5331f9f5ce0631c1b63c7 /app/common/services/api-utils.js
parent	d50c76909b699aa5cdd2f5b48de3ebf4003eb9b0 (diff)
download	phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.tar.gz phosphor-webui-32581cf487e9df5f5fce9ecbcc9edcdd0565b444.zip