Based on http://scotch.io/tutorials/javascript/easy-node-authentication-setup-and-local example I start creating a test app.
I have this code for updating a password:
app.post('/admin/account', isLoggedIn, function(req, res, next) {
var oldPass = req.body.oldPass;
var newPass = req.body.newPass;
req.flash('info', 'OK');
req.flash('error', 'Old password incorrect');
if (req.user.validPassword(oldPass)) {
newPass = req.user.generateHash(newPass);
User.findById(req.session.passport.user, function(err, p){
if (!p)
return next(new Error('Could not load Document'));
else {
p._doc.local.password = newPass;
p.save(function(err) {
if (err)
console.log('error')
else
console.log('success')
});
}
});
res.render('admin/account.ejs', {
menu : 'account',
messageInfo: req.flash('info'),
messageError: false
});
} else {
res.render('admin/account.ejs', {
menu : 'account',
messageError: req.flash('error'),
messageInfo: false
});
}
});
Everything seems to be working fine except for the fact that it won't update the password in the database.
I mean req.session.passport.user returns the correct userId (I have more users in collection), req.session.passport.user returns the correct bcrypted pass, the newPass is the correct new bcrypted pass and in the end in console prints success, but I have no idea what could be wrong. I also tried to use findOne instead of findById with no luck.
Depending on your User schema, it might be possible that the model is unaware that your password has been changed. I would try using Mongoose's markModified method (see http://mongoosejs.com/docs/api.html#document_Document-markModified).
Fixed , was just a newbie problem in this line:
p._doc.local.password = newPass;
correct is :
user.local.password = newPass;