Added password changing

Author: Ratstail91

README.md

@@ -43,7 +43,7 @@ There are external components to this template referred to as "microservices". T
 	- ~~login (with cookies)~~
 	- ~~logout (with cookies)~~
 	- ~~account deletion~~
-	- Change passwords
+	- ~~Change passwords~~
 - Administration Panel
 	- ~~Default admin account~~
 	- ~~Exclusive to admin accounts~~

client/components/pages/account.jsx

@@ -13,7 +13,7 @@ const Account = props => {
 	}
 
 	//refs
-	let contactElement;
+	let contactElement, passwordElement, retypeElement;
 
 	//once before render
 	useEffect(() => {
@@ -31,11 +31,24 @@ const Account = props => {
 			<h1 className='centered'>Account</h1>
 			<form className='constricted' onSubmit={async evt => {
 				evt.preventDefault();
-				await update(contactElement.checked);
+				await update(contactElement.checked, passwordElement.value, retypeElement.value);
+				passwordElement.value = retypeElement.value = '';
 			}}>
 				<div>
-					<label htmlFor='contact'>Allow Promotional Emails:</label>
-					<input type='checkbox' name='contact' ref={e => contactElement = e} />
+					<div>
+						<label htmlFor='contact'>Allow Promotional Emails:</label>
+						<input type='checkbox' name='contact' ref={e => contactElement = e} />
+					</div>
+
+					<div>
+						<label htmlFor='password'>Change Password:</label> 
+						<input type='password' name='password' ref={e => passwordElement = e} />
+					</div>
+
+					<div>
+						<label htmlFor='retype'>Retype Password:</label> 
+						<input type='password' name='retype' ref={e => retypeElement = e} />
+					</div>
 				</div>
 
 				<button type='submit'>Update Information</button>
@@ -46,12 +59,20 @@ const Account = props => {
 	);
 };
 
-const update = async (contact) => {
+const update = async (contact, password, retype) => {
+	if (password != retype) {
+		alert('Passwords do not match');
+	}
+
 	//generate a new formdata payload
 	let formData = new FormData();
 
 	formData.append('contact', contact);
 
+	if (password) {
+		formData.append('password', password);
+	}
+
 	const result = await fetch('/api/accounts', { method: 'PATCH', body: formData });
 
 	if (result.ok) {

package.json

@@ -5,7 +5,7 @@
   "main": "server/server.js",
   "scripts": {
     "configure": "node configure-script.js",
-	"clean": "rm docker-compose.yml; rm Dockerfile; rm startup.sql",
+    "clean": "rm docker-compose.yml; rm Dockerfile; rm startup.sql",
     "start": "npm run build && node server/server.js",
     "build": "npm run build:server && npm run build:client",
     "build:server": "exit 0",

server/accounts/update.js

@@ -1,13 +1,19 @@
+const bcrypt = require('bcryptjs');
 const { accounts } = require('../database/models');
 
 const route = async (req, res) => {
 	if (!req.session.account.id) {
 		return res.status(500).send('missing account data');
 	}
 
+	//generate the password hash
+	const salt = await bcrypt.genSalt(11);
+	const hash = await bcrypt.hash(req.fields.password, salt);
+
 	//update the account
 	await accounts.update({
-		contact: req.fields.contact
+		contact: req.fields.contact,
+		hash: hash
 	}, {
 		where: {
 			id: req.session.account.id