func ResetPassword(c *cli.Context) {
if len(c.Args()) != 1 {
cli.ShowCommandHelp(c, c.Command.Name)
os.Exit(1)
}
name := c.Args()[0]
conf, err := loadConfig(c.String("config"))
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
logger, err := newLogger(conf)
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
pool, err := newPool(conf, logger)
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
user, err := data.SelectUserByName(pool, name)
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
password, err := genRandPassword()
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
update := &data.User{}
SetPassword(update, password)
err = data.UpdateUser(pool, user.ID.Value, update)
if err != nil {
fmt.Fprintln(os.Stderr, err)
os.Exit(1)
}
fmt.Println("User:"******"Password:", password)
}
func UpdateAccountHandler(w http.ResponseWriter, req *http.Request, env *environment) {
var update struct {
Email string `json:"email"`
ExistingPassword string `json:"existingPassword"`
NewPassword string `json:"newPassword"`
}
decoder := json.NewDecoder(req.Body)
if err := decoder.Decode(&update); err != nil {
w.WriteHeader(422)
fmt.Fprintf(w, "Error decoding request: %v", err)
return
}
if !IsPassword(env.user, update.ExistingPassword) {
w.WriteHeader(422)
fmt.Fprintln(w, "Bad existing password")
return
}
user := &data.User{}
user.Email = newStringFallback(update.Email, data.Null)
if update.NewPassword != "" {
err := SetPassword(user, update.NewPassword)
if err != nil {
w.WriteHeader(422)
fmt.Fprintln(w, err)
return
}
}
err := data.UpdateUser(env.pool, env.user.ID.Value, user)
if err != nil {
w.WriteHeader(500)
fmt.Fprintln(w, `Internal server error`)
env.logger.Error("UpdateUser", "err", err)
}
}
func ResetPasswordHandler(w http.ResponseWriter, req *http.Request, env *environment) {
var resetPassword struct {
Token string `json:"token"`
Password string `json:"password"`
}
decoder := json.NewDecoder(req.Body)
if err := decoder.Decode(&resetPassword); err != nil {
w.WriteHeader(422)
fmt.Fprintf(w, "Error decoding request: %v", err)
return
}
pwr, err := data.SelectPasswordResetByPK(env.pool, resetPassword.Token)
if err == data.ErrNotFound {
w.WriteHeader(404)
return
} else if err != nil {
w.WriteHeader(500)
fmt.Fprintf(w, "Error decoding request: %v", err)
return
}
if pwr.UserID.Status != data.Present {
w.WriteHeader(404)
return
}
if pwr.CompletionTime.Status == data.Present {
w.WriteHeader(404)
return
}
attrs := &data.User{}
SetPassword(attrs, resetPassword.Password)
err = data.UpdateUser(env.pool, pwr.UserID.Value, attrs)
if err != nil {
w.WriteHeader(500)
return
}
user, err := data.SelectUserByPK(env.pool, pwr.UserID.Value)
if err != nil {
w.WriteHeader(500)
return
}
sessionID, err := genSessionID()
if err != nil {
http.Error(w, "Internal server error", http.StatusInternalServerError)
return
}
err = data.InsertSession(env.pool,
&data.Session{
ID: data.NewBytes(sessionID),
UserID: user.ID,
},
)
if err != nil {
http.Error(w, "Internal server error", http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
var response struct {
Name string `json:"name"`
SessionID string `json:"sessionID"`
}
response.Name = user.Name.Value
response.SessionID = hex.EncodeToString(sessionID)
encoder := json.NewEncoder(w)
encoder.Encode(response)
}