mirrors/homebox
1
0
Fork 1
mirror of https://github.com/hay-kot/homebox.git synced 2025-07-07 11:08:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

implement password reset

Browse source
This commit is contained in:
Hayden 2024-05-24 20:34:49 -05:00
parent 2231c54f21
commit 64d2957853
No known key found for this signature in database
GPG key ID: 17CF79474E257545
5 changed files with 87 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

38
backend/internal/core/services/service_user.go
View file

@ -234,18 +234,18 @@ func (svc *UserService) DeleteSelf(ctx context.Context, userID uuid.UUID) error
return svc.repos.Users.Delete(ctx, userID)
}
func (svc *UserService) ChangePassword(ctx Context, current string, new string) (ok bool) {
func (svc *UserService) PasswordChange(ctx Context, currentPassword, newPassword string) (ok bool) {
usr, err := svc.repos.Users.GetOneID(ctx, ctx.UserID)
if err != nil {
return false
}
if !hasher.CheckPasswordHash(current, usr.PasswordHash) {
if !hasher.CheckPasswordHash(currentPassword, usr.PasswordHash) {
log.Err(errors.New("current password is incorrect")).Msg("Failed to change password")
return false
}
hashed, err := hasher.HashPassword(new)
hashed, err := hasher.HashPassword(newPassword)
if err != nil {
log.Err(err).Msg("Failed to hash password")
return false
@ -260,7 +260,37 @@ func (svc *UserService) ChangePassword(ctx Context, current string, new string)
return true
}
func (svc *UserService) RequestPasswordReset(ctx context.Context, req PasswordResetRequest) error {
func (svc *UserService) PasswordChangeWithToken(ctx Context, token, newPassword string) error {
hashed, err := hasher.HashPassword(newPassword)
if err != nil {
return err
}
tokenHash := hasher.HashToken(token)
resetToken, err := svc.repos.Users.PasswordResetGet(ctx.Context, tokenHash)
if err != nil {
return err
}
if resetToken.UserID != ctx.UserID {
return ErrorTokenIDMismatch
}
err = svc.repos.Users.ChangePassword(ctx.Context, ctx.UserID, hashed)
if err != nil {
return err
}
err = svc.repos.Users.PasswordResetDelete(ctx.Context, tokenHash)
if err != nil {
return err
}
return nil
}
func (svc *UserService) PasswordResetRequest(ctx context.Context, req PasswordResetRequest) error {
usr, err := svc.repos.Users.GetOneEmail(ctx, req.Email)
if err != nil {
log.Warn().Err(err).Msg("failed to get user for email reset")

7
backend/internal/data/repo/repo_users.go
View file

@ -149,3 +149,10 @@ func (r *UserRepository) PasswordResetGet(ctx context.Context, token []byte) (*e
WithUser().
Only(ctx)
}
func (r *UserRepository) PasswordResetDelete(ctx context.Context, token []byte) error {
_, err := r.db.ActionToken.Delete().
Where(actiontoken.Token(token)).
Exec(ctx)
return err
}