From 32581cf487e9df5f5fce9ecbcc9edcdd0565b444 Mon Sep 17 00:00:00 2001 From: Gunnar Mills Date: Fri, 16 Mar 2018 15:52:54 -0500 Subject: Verify the old Password Call a special login function, that does not use the current session and ignores the intercept which would log out the user on a bad old password. This special login function, testPassword(), calls /login with the old password, a success verifies the password is correct. Tested: Changed the user password on a Witherspoon and verified an incorrect old password does not change the password. Signed-off-by: Gunnar Mills Change-Id: I65f6a6aa6dbc5d849e962b6c24a09e3ac0f6cf58 --- app/common/services/api-utils.js | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'app/common/services/api-utils.js') diff --git a/app/common/services/api-utils.js b/app/common/services/api-utils.js index 73fe5a4..c8a7969 100644 --- a/app/common/services/api-utils.js +++ b/app/common/services/api-utils.js @@ -189,6 +189,31 @@ window.angular && (function (angular) { console.log(error); }); }, + testPassword: function(username, password){ + // Calls /login without the current session to verify the given password is correct + // ignore the interceptor logout on a bad password + DataService.ignoreHttpError = true; + var deferred = $q.defer(); + $http({ + method: 'POST', + url: DataService.getHost() + "/login", + headers: { + 'Accept': 'application/json', + 'Content-Type': 'application/json' + }, + withCredentials: false, + data: JSON.stringify({"data": [username, password]}) + }).then(function(response){ + var json = JSON.stringify(response.data); + var content = JSON.parse(json); + DataService.ignoreHttpError = false; + deferred.resolve(content.data); + }, function(error){ + DataService.ignoreHttpError = false; + deferred.reject(error); + }); + return deferred.promise; + }, logout: function(callback){ $http({ method: 'POST', -- cgit v1.2.1