summaryrefslogtreecommitdiffstats
path: root/server/api/users.js
diff options
context:
space:
mode:
Diffstat (limited to 'server/api/users.js')
-rw-r--r--server/api/users.js33
1 files changed, 33 insertions, 0 deletions
diff --git a/server/api/users.js b/server/api/users.js
index dc8df46..1a724ac 100644
--- a/server/api/users.js
+++ b/server/api/users.js
@@ -61,6 +61,39 @@ router.post('/:id/password', (req, res) => {
authentication.changePassword(req, res)
})
+// Post request for chaning the user info. (name, email)
+router.post('/:id', (req, res) => {
+ if (req.params.id !== 'current') {
+ // Check if the user has the permission for chaning those userdata. Else return.
+ return res.status(500).end()
+ }
+ const id = req.params.id === 'current' ? req.user.id : req.params.id
+
+ let email = req.body.email
+ if (!authentication.validateEmail(req.body.email)) return res.status(500).send({ status: 'EMAIL_INVALID', error_message: 'The provided email is invalid.' })
+ db.user.findOne({ where: { id } }).then(user => {
+ user.update({
+ name: req.body.name,
+ email
+ }).then(() => {
+ res.send(200)
+ })
+ })
+})
+
+router.delete('/:id/', (req, res) => {
+ // Check if the user has the permission for chaning those userdata. Else return.
+ if (req.params.id !== 'current') {
+ return res.status(500).end()
+ }
+ const id = req.params.id === 'current' ? req.user.id : req.params.id
+
+ // Every user can delete his own account.
+ db.user.destroy({ where: { id } }).then(() => {
+ res.status(200).end()
+ })
+})
+
// ############################################################################
// ############################################################################