1 let crypto = require('crypto')
2 let XDate = require('xdate')
5 let get_account = await _require('/_lib/get_account.jst')
6 let get_session = await _require('/_lib/get_session.jst')
7 let post_request = await _require('/_lib/post_request.jst')
8 let Problem = await _require('/_lib/Problem.jst')
14 async (old_password, new_password) => {
15 // coerce and/or validate
16 old_password = old_password.slice(0, 256)
17 new_password = new_password.slice(0, 256)
18 if (old_password.length < 8 || new_password.length < 8)
21 'Minimum length check failed',
25 let transaction = await env.site.database.Transaction()
27 let account = await get_account(
30 await get_session(env, transaction)
32 if (account === undefined)
33 throw new Problem('Unauthorized', 'Please sign in first.', 401)
35 if (old_password !== await account.get_json('password'))
38 `Provided old password did not match the expected value.`,
42 account.set_json('password', new_password)
43 await transaction.commit()
46 transaction.rollback()