// ResetPassword actually resets the password of the user. It needs the token
// string. The new password will be a random string, that will be then sent to
// the user email.
func (s NativeScheme) ResetPassword(user *auth.User, resetToken string) error {
if resetToken == "" {
return auth.ErrInvalidToken
}
conn, err := db.Conn()
if err != nil {
return err
}
passToken, err := getPasswordToken(resetToken)
if err != nil {
return err
}
if passToken.UserEmail != user.Email {
return auth.ErrInvalidToken
}
password := generatePassword(12)
user.Password = password
hashPassword(user)
go sendNewPassword(user, password)
passToken.Used = true
conn.PasswordTokens().UpdateId(passToken.Token, passToken)
return user.Update()
}
func addKeyInDatabase(key *auth.Key, u *auth.User) error {
u.AddKey(*key)
return u.Update()
}