// createToken issues a new token for uid, bound to the email address found on
// the user's directory record.
//
// The user is looked up through the IPA client first; a record with an empty
// Email is rejected so a token is never created without a delivery address.
// Lookup, database and token-creation errors are returned to the caller
// unchanged.
//
// NOTE(review): the handle returned by NewDb is not closed in this function.
// Confirm whether NewDb hands out a shared handle or whether the caller is
// expected to release it.
func createToken(uid string) (*model.Token, error) {
	ipa := NewIpaClient(true)

	rec, err := ipa.UserShow(uid)
	if err != nil {
		return nil, err
	}
	if len(rec.Email) == 0 {
		return nil, errors.New("User missing email address")
	}

	conn, err := NewDb()
	if err != nil {
		return nil, err
	}

	tok, err := model.NewToken(conn, uid, string(rec.Email))
	if err != nil {
		return nil, err
	}
	return tok, nil
}
// forgotPassword handles a password-reset request for the "uid" form value.
//
// An empty uid is the only condition reported back to the caller. Every later
// failure (a token already on file, unknown uid, no email on the record, no
// security answer, token creation or mail delivery errors) is logged and the
// function still returns nil, presumably so the response does not reveal
// whether an account exists or is eligible for a reset.
//
// The emailed link carries the token signed with RESET_SALT; the token itself
// is never written to the log.
//
// NOTE(review): the uniform nil return hides the outcome, but the work done
// differs per path (mail is only sent on the success path), so response time
// may still distinguish accounts. No rate limiting is visible in this
// function; confirm it is applied by the caller or in front of the handler.
//
// NOTE(review): any error from FetchTokenByUser other than "no token" is
// treated as "no active token" and the request proceeds. Confirm that is the
// intended behaviour on a database failure.
func forgotPassword(app *Application, r *http.Request) error {
	uid := r.FormValue("uid")
	if uid == "" {
		return errors.New("Please provide a user name.")
	}

	// Every log line below carries the requested uid.
	byUID := logrus.WithFields(logrus.Fields{"uid": uid})

	// A nil error means a token was found, so do not issue a second one.
	// The third argument is presumably the maximum token age; verify against model.
	if _, err := model.FetchTokenByUser(app.db, uid, viper.GetInt("setup_max_age")); err == nil {
		byUID.Error("Forgotpw: user already has active token")
		return nil
	}

	ipa := NewIpaClient(true)
	rec, err := ipa.UserShow(uid)
	if err != nil {
		byUID.WithField("error", err).Error("Forgotpw: invalid uid")
		return nil
	}
	if len(rec.Email) == 0 {
		byUID.Error("Forgotpw: missing email address")
		return nil
	}

	// Only the presence of a security answer is checked; its value is unused here.
	if _, err = model.FetchAnswer(app.db, uid); err != nil {
		byUID.WithField("error", err).Error("Forgotpw: Failed to fetch security answer")
		return nil
	}

	tok, err := model.NewToken(app.db, uid, string(rec.Email))
	if err != nil {
		byUID.WithField("error", err).Error("Forgotpw: Failed to create token")
		return nil
	}

	linkBase := viper.GetString("email_link_base")
	signed := model.SignToken(RESET_SALT, tok.Token)
	vars := map[string]interface{}{
		"link": fmt.Sprintf("%s/auth/resetpw/%s", linkBase, signed),
	}
	subject := fmt.Sprintf("[%s] Please reset your password", viper.GetString("email_prefix"))

	// A delivery failure is logged only; the caller still sees success.
	if err := app.SendEmail(tok.Email, subject, "reset-password.txt", vars); err != nil {
		byUID.WithField("error", err).Error("Forgotpw: failed send email to user")
	}
	return nil
}