diff --git a/login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp b/login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp index 804d06987..afcfca929 100644 --- a/login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp +++ b/login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp @@ -149,7 +149,44 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params) if (str_val.size() > 0) { + std::string old_password; + auto old_password_obj = updates->get("User.password_old"); + if (old_password_obj.isEmpty()) { + jsonErrorsArray.add("User.password_old not found"); + } + else if (!old_password_obj.isString()) { + jsonErrorsArray.add("User.password_old isn't a string"); + } + else { + old_password_obj.convert(old_password); + } + + bool old_password_valid = false; NotificationList errors; + if (old_password.size()) { + if (!sm->checkPwdValidation(old_password, &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) { + jsonErrorsArray.add("User.password_old didn't match"); + Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime); + } + else { + auto result = user->login(old_password); + if (result == 1) { + old_password_valid = true; + } + else if (result == -3) { + jsonErrorsArray.add("Password calculation for this user already running, please try again later"); + } + else { + jsonErrorsArray.add("User.password_old didn't match"); + } + + if (result == 2) { + Poco::Thread::sleep(ServerConfig::g_FakeLoginSleepTime); + } + } + + } + if (!sm->checkPwdValidation(value.toString(), &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) { jsonErrorsArray.add("User.password isn't valid"); jsonErrorsArray.add(errors.getErrorsArray()); @@ -170,6 +207,8 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params) } + + } } }