From a27d579f06c2413818c34a4063a516b8823bf947 Mon Sep 17 00:00:00 2001
From: nicolas-arnaud <nicolas.rr.arnaud@gmail.com>
Date: Sun, 19 Mar 2023 11:09:39 +0100
Subject: [PATCH] fix password change

---
 back/volume/src/chat/chat.controller.ts       |  7 +++++--
 back/volume/src/chat/chat.service.ts          | 21 +++++++++----------
 back/volume/src/chat/entity/channel.entity.ts | 10 ---------
 front/volume/src/components/Channels.svelte   | 21 ++++++++++---------
 4 files changed, 26 insertions(+), 33 deletions(-)

diff --git a/back/volume/src/chat/chat.controller.ts b/back/volume/src/chat/chat.controller.ts
index 3bd142b..65e9490 100644
--- a/back/volume/src/chat/chat.controller.ts
+++ b/back/volume/src/chat/chat.controller.ts
@@ -211,10 +211,13 @@ export class ChatController {
       @Param('id', ParseIntPipe) id: number,
       @Body() data: PasswordDto
   ): Promise<void> {
-    if (await this.channelService.isOwner(id, +profile.id)) {
+    if (!(await this.channelService.isOwner(id, +profile.id))) {
       throw new BadRequestException('You are not the owner of this channel')
     }
-    await this.channelService.updatePassword(id, data.password)
+    let channel = (await this.channelService.getChannel(id)) as Channel
+    channel.password = await this.channelService.hash(data.password)
+    this.channelService.update(channel)
+
   }
 
   @Get()
diff --git a/back/volume/src/chat/chat.service.ts b/back/volume/src/chat/chat.service.ts
index 89e3bfb..19242bd 100644
--- a/back/volume/src/chat/chat.service.ts
+++ b/back/volume/src/chat/chat.service.ts
@@ -1,13 +1,14 @@
 import { BadRequestException, Injectable } from '@nestjs/common'
 import { InjectRepository } from '@nestjs/typeorm'
 import { Repository } from 'typeorm'
+import { Cron } from '@nestjs/schedule'
+import * as bcrypt from 'bcrypt'
 
 import { type CreateChannelDto } from './dto/create-channel.dto'
 import { UsersService } from 'src/users/users.service'
 
 import type User from 'src/users/entity/user.entity'
 import Channel from './entity/channel.entity'
-import { Cron } from '@nestjs/schedule'
 
 @Injectable()
 export class ChatService {
@@ -58,7 +59,7 @@ export class ChatService {
       newChannel.admins = [user]
       newChannel.name = channel.name
       newChannel.isPrivate = channel.isPrivate
-      newChannel.password = channel.password
+      newChannel.password = await this.hash(channel.password)
       console.log("New channel: ", JSON.stringify(newChannel))
     }
     return await this.ChannelRepository.save(newChannel)
@@ -75,15 +76,13 @@ export class ChatService {
     return newDM
   }
 
-  async updatePassword (id: number, password: string): Promise<void> {
-    const channel: Channel | null = await this.ChannelRepository.findOneBy({
-      id
-    })
-    if (channel === null) {
-      throw new BadRequestException(`Channel #${id} not found`)
-    }
-    channel.password = password
-    await this.update(channel)
+  async hash(password: string): Promise<string> {
+    if (!password) return ''
+      password = await bcrypt.hash(
+        password,
+        Number(process.env.HASH_SALT)
+      )
+    return password
   }
 
   async getChannelsForUser (ftId: number): Promise<Channel[]> {
diff --git a/back/volume/src/chat/entity/channel.entity.ts b/back/volume/src/chat/entity/channel.entity.ts
index 0eda1f6..72eb420 100644
--- a/back/volume/src/chat/entity/channel.entity.ts
+++ b/back/volume/src/chat/entity/channel.entity.ts
@@ -11,7 +11,6 @@ import {
 } from 'typeorm'
 import User from 'src/users/entity/user.entity'
 import Message from './message.entity'
-import * as bcrypt from 'bcrypt'
 
 @Entity()
 export default class Channel {
@@ -27,15 +26,6 @@ export default class Channel {
   @Column({ default: '' })
     password: string
 
-  @BeforeInsert()
-  async hashPassword (): Promise<void> {
-    if (this.password === '') return
-    this.password = await bcrypt.hash(
-      this.password,
-      Number(process.env.HASH_SALT)
-    )
-  }
-
   @ManyToMany(() => User)
   @JoinTable()
     users: User[]
diff --git a/front/volume/src/components/Channels.svelte b/front/volume/src/components/Channels.svelte
index 2c2f763..97c949c 100644
--- a/front/volume/src/components/Channels.svelte
+++ b/front/volume/src/components/Channels.svelte
@@ -119,12 +119,14 @@
   let channel: ChannelsType;
   export const selectChat = (id: number) => {
     console.log("channel: ", id)
-    channel = channels.find((c) => c.id === id);
-    if (channel) {
-      joinChannel(channel);
-    } else {
-      show_popup("Did not find channel", false)
-    }
+    getChannels().then(() => {
+      channel = channels.find((c) => c.id === id);
+      if (channel) {
+        joinChannel(channel);
+      } else {
+        show_popup("Did not find channel", false)
+      }
+    })
   };
 
   socket.on("messages", (msgs: Array<chatMessagesType>) => {
@@ -248,11 +250,10 @@
         password: string,
       }),
     });
-    if (response.ok) {
-      channels.push(await response.json());
-    } else {
+    if (!response.ok) {
         await show_popup("Error changing password", false)
-    }
+    } else
+      getChannels()
   };
 
   //--------------------------------------------------------------------------------/