get password

src/client/js/components/Me/PasswordSettings.jsx

@@ -20,21 +20,28 @@ class PasswordSettings extends React.Component {
 
     this.state = {
       retrieveError: null,
+      password: '',
       oldPassword: '',
       newPassword: '',
       newPasswordConfirm: '',
     };
 
-    this.retrievePassword();
-
     this.retrievePassword = this.retrievePassword.bind(this);
     this.onClickSubmit = this.onClickSubmit.bind(this);
     this.onChangeOldPassword = this.onChangeOldPassword.bind(this);
   }
 
+  componentDidMount() {
+    this.retrievePassword();
+  }
+
   async retrievePassword() {
+    const { appContainer } = this.props;
+
     try {
-    // TODO GW-1136 create apiV3 for updating password
+      const res = await appContainer.apiv3Get('/personal-setting/password');
+      const { password } = res.data;
+      this.setState({ password });
     }
     catch (err) {
       this.setState({ retrieveError: err });
@@ -80,18 +87,18 @@ class PasswordSettings extends React.Component {
         </div>
         {(this.state.password != null)
         && (
-        <div className="row mb-3">
-          <label htmlFor="oldPassword" className="col-xs-3 text-right">{ t('personal_settings.current_password') }</label>
-          <div className="col-xs-6">
-            <input
-              className="form-control"
-              type="password"
-              name="oldPassword"
-              value={this.state.oldPassword}
-              onChange={(e) => { this.onChangeOldPassword(e.target.value) }}
-            />
+          <div className="row mb-3">
+            <label htmlFor="oldPassword" className="col-xs-3 text-right">{ t('personal_settings.current_password') }</label>
+            <div className="col-xs-6">
+              <input
+                className="form-control"
+                type="password"
+                name="oldPassword"
+                value={this.state.oldPassword}
+                onChange={(e) => { this.onChangeOldPassword(e.target.value) }}
+              />
+            </div>
           </div>
-        </div>
         )}
         <div className="row mb-3">
           <label htmlFor="newPassword" className="col-xs-3 text-right">{t('personal_settings.new_password') }</label>

src/server/routes/apiv3/personal-setting.js

@@ -35,6 +35,7 @@ const ErrorV3 = require('../../models/vo/error-apiv3');
  *            type: boolean
  */
 module.exports = (crowi) => {
+  const accessTokenParser = require('../../middleware/access-token-parser')(crowi);
   const loginRequiredStrictly = require('../../middleware/login-required')(crowi);
   const csrf = require('../../middleware/csrf')(crowi);
 
@@ -72,7 +73,7 @@ module.exports = (crowi) => {
    *                      type: object
    *                      description: personal params
    */
-  router.get('/', loginRequiredStrictly, async(req, res) => {
+  router.get('/', accessTokenParser, loginRequiredStrictly, async(req, res) => {
     const currentUser = await User.findUserByUsername(req.user.username);
     return res.apiv3({ currentUser });
   });
@@ -103,7 +104,7 @@ module.exports = (crowi) => {
    *                      type: object
    *                      description: personal params
    */
-  router.put('/', loginRequiredStrictly, csrf, validator.personal, ApiV3FormValidator, async(req, res) => {
+  router.put('/', accessTokenParser, loginRequiredStrictly, csrf, validator.personal, ApiV3FormValidator, async(req, res) => {
 
     try {
       const user = await User.findOne({ _id: req.user.id });
@@ -143,7 +144,7 @@ module.exports = (crowi) => {
    *                      type: object
    *                      description: array of external accounts
    */
-  router.get('/external-accounts', loginRequiredStrictly, async(req, res) => {
+  router.get('/external-accounts', accessTokenParser, loginRequiredStrictly, async(req, res) => {
     const userData = req.user;
 
     try {
@@ -157,5 +158,20 @@ module.exports = (crowi) => {
 
   });
 
+  // TODO swagger
+  router.get('/password', accessTokenParser, loginRequiredStrictly, async(req, res) => {
+
+    try {
+      const user = await User.findOne({ _id: req.user.id });
+      const { password } = user;
+      return res.apiv3({ password });
+    }
+    catch (err) {
+      logger.error(err);
+      return res.apiv3Err('get-accounts-password');
+    }
+  });
+
+
   return router;
 };