Verify the old Password
Call a special login function, that does not use the current
session and ignores the intercept which would log out the
user on a bad old password.
This special login function, testPassword(), calls /login with
the old password, a success verifies the password is correct.
Tested: Changed the user password on a Witherspoon and
verified an incorrect old password does not change the password.
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Change-Id: I65f6a6aa6dbc5d849e962b6c24a09e3ac0f6cf58
diff --git a/app/common/services/api-utils.js b/app/common/services/api-utils.js
index 73fe5a4..c8a7969 100644
--- a/app/common/services/api-utils.js
+++ b/app/common/services/api-utils.js
@@ -189,6 +189,31 @@
console.log(error);
});
},
+ testPassword: function(username, password){
+ // Calls /login without the current session to verify the given password is correct
+ // ignore the interceptor logout on a bad password
+ DataService.ignoreHttpError = true;
+ var deferred = $q.defer();
+ $http({
+ method: 'POST',
+ url: DataService.getHost() + "/login",
+ headers: {
+ 'Accept': 'application/json',
+ 'Content-Type': 'application/json'
+ },
+ withCredentials: false,
+ data: JSON.stringify({"data": [username, password]})
+ }).then(function(response){
+ var json = JSON.stringify(response.data);
+ var content = JSON.parse(json);
+ DataService.ignoreHttpError = false;
+ deferred.resolve(content.data);
+ }, function(error){
+ DataService.ignoreHttpError = false;
+ deferred.reject(error);
+ });
+ return deferred.promise;
+ },
logout: function(callback){
$http({
method: 'POST',