zrok/controller/resetPassword.go

package controller

import (
	"github.com/go-openapi/runtime/middleware"
	"github.com/openziti/zrok/controller/config"
	"github.com/openziti/zrok/rest_model_zrok"
	"github.com/openziti/zrok/rest_server_zrok/operations/account"
	"github.com/sirupsen/logrus"
)

type resetPasswordHandler struct {
	cfg *config.Config
}

func newResetPasswordHandler(cfg *config.Config) *resetPasswordHandler {
	return &resetPasswordHandler{
		cfg: cfg,
	}
}

func (handler *resetPasswordHandler) Handle(params account.ResetPasswordParams) middleware.Responder {
	if params.Body.ResetToken == "" || params.Body.Password == "" {
		logrus.Error("missing token or password")
		return account.NewResetPasswordNotFound()
	}
	logrus.Infof("received password reset request for reset token '%v'", params.Body.ResetToken)

	tx, err := str.Begin()
	if err != nil {
		logrus.Errorf("error starting transaction for '%v': %v", params.Body.ResetToken, err)
		return account.NewResetPasswordInternalServerError()
	}
	defer func() { _ = tx.Rollback() }()

	prr, err := str.FindPasswordResetRequestWithToken(params.Body.ResetToken, tx)
	if err != nil {
		logrus.Errorf("error finding reset request for reset token '%v': %v", params.Body.ResetToken, err)
		return account.NewResetPasswordNotFound()
	}

	a, err := str.GetAccount(prr.AccountId, tx)
	if err != nil {
		logrus.Errorf("error finding account for reset token '%v': %v", params.Body.ResetToken, err)
		return account.NewResetPasswordNotFound()
	}
	if a.Deleted {
		logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)
		return account.NewResetPasswordNotFound()
	}

	if err := validatePassword(handler.cfg, params.Body.Password); err != nil {
		logrus.Errorf("password not valid for reset token '%v', (%v): %v", params.Body.ResetToken, a.Email, err)
		return account.NewResetPasswordUnprocessableEntity().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
	}

	hpwd, err := HashPassword(params.Body.Password)
	if err != nil {
		logrus.Errorf("error hashing password for '%v' (%v): %v", params.Body.ResetToken, a.Email, err)
		return account.NewResetPasswordRequestInternalServerError()
	}
	a.Salt = hpwd.Salt
	a.Password = hpwd.Password

	if _, err := str.UpdateAccount(a, tx); err != nil {
		logrus.Errorf("error updating for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)
		return account.NewResetPasswordInternalServerError()
	}

	if err := str.DeletePasswordResetRequest(prr.Id, tx); err != nil {
		logrus.Errorf("error deleting reset request for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)
		return account.NewResetPasswordInternalServerError()
	}

	if err := tx.Commit(); err != nil {
		logrus.Errorf("error committing for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)
		return account.NewResetPasswordInternalServerError()
	}

	logrus.Infof("reset password for '%v'", a.Email)

	return account.NewResetPasswordOK()
}
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`package controller`

			`import (`
			`"github.com/go-openapi/runtime/middleware"`
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`"github.com/openziti/zrok/controller/config"`
			`"github.com/openziti/zrok/rest_model_zrok"`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`"github.com/openziti/zrok/rest_server_zrok/operations/account"`
			`"github.com/sirupsen/logrus"`
			`)`

Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`type resetPasswordHandler struct {`
			`cfg *config.Config`
			`}`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`func newResetPasswordHandler(cfg config.Config) resetPasswordHandler {`
			`return &resetPasswordHandler{`
			`cfg: cfg,`
			`}`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`}`

			`func (handler *resetPasswordHandler) Handle(params account.ResetPasswordParams) middleware.Responder {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`if params.Body.ResetToken == "" \|\| params.Body.Password == "" {`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`logrus.Error("missing token or password")`
			`return account.NewResetPasswordNotFound()`
			`}`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Infof("received password reset request for reset token '%v'", params.Body.ResetToken)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00
			`tx, err := str.Begin()`
			`if err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error starting transaction for '%v': %v", params.Body.ResetToken, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordInternalServerError()`
			`}`
			`defer func() { _ = tx.Rollback() }()`

reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`prr, err := str.FindPasswordResetRequestWithToken(params.Body.ResetToken, tx)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`if err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error finding reset request for reset token '%v': %v", params.Body.ResetToken, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordNotFound()`
			`}`

			`a, err := str.GetAccount(prr.AccountId, tx)`
			`if err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error finding account for reset token '%v': %v", params.Body.ResetToken, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordNotFound()`
			`}`
controller logic respects store.Account.Deleted flag (#262) 2023-03-09 21:18:26 +01:00			`if a.Deleted {`
			`logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)`
			`return account.NewResetPasswordNotFound()`
			`}`
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00
			`if err := validatePassword(handler.cfg, params.Body.Password); err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("password not valid for reset token '%v', (%v): %v", params.Body.ResetToken, a.Email, err)`
Enhanced password requirements and relevant ui changes 2023-05-11 20:35:49 +02:00			`return account.NewResetPasswordUnprocessableEntity().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))`
			`}`

'zrok admin create account' 2024-01-30 18:59:56 +01:00			`hpwd, err := HashPassword(params.Body.Password)`
implement the new password hashing approach (#156) 2023-01-23 18:50:24 +01:00			`if err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error hashing password for '%v' (%v): %v", params.Body.ResetToken, a.Email, err)`
implement the new password hashing approach (#156) 2023-01-23 18:50:24 +01:00			`return account.NewResetPasswordRequestInternalServerError()`
			`}`
			`a.Salt = hpwd.Salt`
			`a.Password = hpwd.Password`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00
			`if _, err := str.UpdateAccount(a, tx); err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error updating for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordInternalServerError()`
			`}`

			`if err := str.DeletePasswordResetRequest(prr.Id, tx); err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error deleting reset request for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordInternalServerError()`
			`}`

			`if err := tx.Commit(); err != nil {`
reset token (#820, #834) 2025-02-04 20:10:45 +01:00			`logrus.Errorf("error committing for reset token '%v' (%v): %v", params.Body.ResetToken, a.Email, err)`
forgot -> reset; password reset testing & tweaks (#65) 2023-01-20 18:08:40 +01:00			`return account.NewResetPasswordInternalServerError()`
			`}`

			`logrus.Infof("reset password for '%v'", a.Email)`

			`return account.NewResetPasswordOK()`
			`}`