func handleLoginResetPassword(loginConfig *loginConfigDef, res http.ResponseWriter, req *http.Request, token string, userName string, password string) {
var resetPasswordData resetPasswordDataDef
var gkErr *gkerr.GkErrDef
resetPasswordData.Title = "resetPassword"
resetPasswordData.LoginWebAddressPrefix = loginConfig.LoginWebAddressPrefix
resetPasswordData.Token = token
resetPasswordData.UserName = userName
if !CheckToken(token, userName) {
redirectToError("token expired", res, req)
return
}
gklog.LogTrace("reset password: "******"" {
gklog.LogTrace("password blank")
gkErr = _resetPasswordTemplate.Build(resetPasswordData)
if gkErr != nil {
gklog.LogGkErr("_resetPasswordTemplate.Build", gkErr)
redirectToError("_resetPasswordTemplate.Build", res, req)
return
}
gkErr = _resetPasswordTemplate.Send(res, req)
if gkErr != nil {
gklog.LogGkErr("_resetPasswordTemplate.send", gkErr)
}
return
}
var gkDbCon *database.GkDbConDef
gkDbCon, gkErr = database.NewGkDbCon(loginConfig.DatabaseUserName, loginConfig.DatabasePassword, loginConfig.DatabaseHost, loginConfig.DatabasePort, loginConfig.DatabaseDatabase)
if gkErr != nil {
gklog.LogGkErr("database.NewGkDbCon", gkErr)
redirectToError("database.NewGkDbCon", res, req)
return
}
defer gkDbCon.Close()
var passwordHash, passwordSalt []byte
var err error
passwordSalt, err = sec.GenSalt()
if err != nil {
gkErr = gkerr.GenGkErr("sec.GenSalt", err, ERROR_ID_GEN_SALT)
gklog.LogGkErr("sec.GenSalt", gkErr)
redirectToError("sec.GenSalt", res, req)
}
passwordHash = sec.GenPasswordHashSlow([]byte(password), passwordSalt)
gklog.LogTrace("change password")
gkDbCon.ChangePassword(userName, string(passwordHash), string(passwordSalt))
if gkErr != nil {
gklog.LogGkErr("gkDbCon.ChangePassword", gkErr)
redirectToError("gbDbCon.ChangePassword", res, req)
return
}
gklog.LogTrace("redirect to login")
http.Redirect(res, req, loginConfig.LoginWebAddressPrefix+_loginServer, http.StatusFound)
}
