rudeshark.net/src/server/api/endpoints/i/2fa/unregister.ts

/**
 * Module dependencies
 */
import $ from 'cafy';
import * as bcrypt from 'bcryptjs';
import User from '../../../models/user';

module.exports = async (params, user) => new Promise(async (res, rej) => {
	// Get 'password' parameter
	const [password, passwordErr] = $(params.password).string().$;
	if (passwordErr) return rej('invalid password param');

	// Compare password
	const same = await bcrypt.compare(password, user.account.password);

	if (!same) {
		return rej('incorrect password');
	}

	await User.update(user._id, {
		$set: {
			'account.twoFactorSecret': null,
			'account.twoFactorEnabled': false
		}
	});

	res();
});
#973 2017-12-09 18:45:32 +01:00			`/**`
			`* Module dependencies`
			`*/`
			`import $ from 'cafy';`
			`import * as bcrypt from 'bcryptjs';`
			`import User from '../../../models/user';`

			`module.exports = async (params, user) => new Promise(async (res, rej) => {`
			`// Get 'password' parameter`
			`const [password, passwordErr] = $(params.password).string().$;`
			`if (passwordErr) return rej('invalid password param');`

			`// Compare password`
Introduce account document to user document An account document is attached to a user document if an account of the user is on the server. It may be missing if the user is on a remote server. 2018-03-25 17:19:07 +02:00			`const same = await bcrypt.compare(password, user.account.password);`
#973 2017-12-09 18:45:32 +01:00
			`if (!same) {`
			`return rej('incorrect password');`
			`}`

			`await User.update(user._id, {`
			`$set: {`
Resolve conflicts 2018-03-29 07:48:47 +02:00			`'account.twoFactorSecret': null,`
			`'account.twoFactorEnabled': false`
#973 2017-12-09 18:45:32 +01:00			`}`
			`});`

			`res();`
			`});`