//Request a password reset (forgot password, etc).
func (um *UserManager) RequestPasswordReset(id string) error {
//Read the user
user := User{}
userDb := Connection.SelectDB(UserDbName, AdminAuth)
rev, err := userDb.Read(UserPrefix+id, &user, nil)
if err != nil {
return err
}
//Generate a token
tok := util.GenToken()
//Set token expiration time
nowTime := time.Now().UTC()
//Tokens are good for 4 hours
hours := time.Duration(4) * time.Hour
expireTime := nowTime.Add(hours)
user.PassResetToken.Token = tok
user.PassResetToken.Expires = expireTime
//Now save the user
log.Println("Saving reset token to user document")
rev, err = um.Update(id, rev, &user, GetAdminUser())
if err != nil {
return err
}
//Now we need to send an email to the user containing our token
notifEndpoint, err := registry.GetServiceLocation("notifications")
if err != nil {
return err
}
nr := NotificationRequest{
To: user.Public.Contact.Email,
Subject: "Reset Password Request",
Data: map[string]string{
"user": user.Public.FirstName,
"uri": "/reset_password?user="******"&token=" + tok,
},
}
nrJson, _, err := util.EncodeJsonData(&nr)
if err != nil {
return err
}
//Assemble the request
reqUrl := notifEndpoint + "/api/v1/notifications/reset_password/send"
client := &http.Client{}
request, err := http.NewRequest("POST", reqUrl, nrJson)
if err != nil {
return err
}
request.Header.Add("Content-Type", "application/json")
resp, err := client.Do(request)
if err != nil {
return err
}
defer resp.Body.Close()
return nil
}
func NewSession(userCtx *couchdb.UserContext, authType string) *Session {
token := util.GenToken()
createdAt := time.Now().UTC()
sessionTimeout := time.Duration(config.Auth.SessionTimeout) * time.Second
expiresAt := createdAt.Add(sessionTimeout)
return &Session{
Id: token,
AuthType: authType,
User: userCtx.Name,
Roles: userCtx.Roles,
CreatedAt: createdAt,
ExpiresAt: expiresAt,
}
}