func handleLoginResetPassword(loginConfig *loginConfigDef, res http.ResponseWriter, req *http.Request, token string, userName string, password string) { var resetPasswordData resetPasswordDataDef var gkErr *gkerr.GkErrDef resetPasswordData.Title = "resetPassword" resetPasswordData.LoginWebAddressPrefix = loginConfig.LoginWebAddressPrefix resetPasswordData.Token = token resetPasswordData.UserName = userName if !CheckToken(token, userName) { redirectToError("token expired", res, req) return } gklog.LogTrace("reset password: "******"" { gklog.LogTrace("password blank") gkErr = _resetPasswordTemplate.Build(resetPasswordData) if gkErr != nil { gklog.LogGkErr("_resetPasswordTemplate.Build", gkErr) redirectToError("_resetPasswordTemplate.Build", res, req) return } gkErr = _resetPasswordTemplate.Send(res, req) if gkErr != nil { gklog.LogGkErr("_resetPasswordTemplate.send", gkErr) } return } var gkDbCon *database.GkDbConDef gkDbCon, gkErr = database.NewGkDbCon(loginConfig.DatabaseUserName, loginConfig.DatabasePassword, loginConfig.DatabaseHost, loginConfig.DatabasePort, loginConfig.DatabaseDatabase) if gkErr != nil { gklog.LogGkErr("database.NewGkDbCon", gkErr) redirectToError("database.NewGkDbCon", res, req) return } defer gkDbCon.Close() var passwordHash, passwordSalt []byte var err error passwordSalt, err = sec.GenSalt() if err != nil { gkErr = gkerr.GenGkErr("sec.GenSalt", err, ERROR_ID_GEN_SALT) gklog.LogGkErr("sec.GenSalt", gkErr) redirectToError("sec.GenSalt", res, req) } passwordHash = sec.GenPasswordHashSlow([]byte(password), passwordSalt) gklog.LogTrace("change password") gkDbCon.ChangePassword(userName, string(passwordHash), string(passwordSalt)) if gkErr != nil { gklog.LogGkErr("gkDbCon.ChangePassword", gkErr) redirectToError("gbDbCon.ChangePassword", res, req) return } gklog.LogTrace("redirect to login") http.Redirect(res, req, loginConfig.LoginWebAddressPrefix+_loginServer, http.StatusFound) }