2023-01-20 18:08:40 +01:00
|
|
|
package controller
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/go-openapi/runtime/middleware"
|
2023-05-11 20:35:49 +02:00
|
|
|
"github.com/openziti/zrok/controller/config"
|
|
|
|
"github.com/openziti/zrok/rest_model_zrok"
|
2023-01-20 18:08:40 +01:00
|
|
|
"github.com/openziti/zrok/rest_server_zrok/operations/account"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
)
|
|
|
|
|
2023-05-11 20:35:49 +02:00
|
|
|
type resetPasswordHandler struct {
|
|
|
|
cfg *config.Config
|
|
|
|
}
|
2023-01-20 18:08:40 +01:00
|
|
|
|
2023-05-11 20:35:49 +02:00
|
|
|
func newResetPasswordHandler(cfg *config.Config) *resetPasswordHandler {
|
|
|
|
return &resetPasswordHandler{
|
|
|
|
cfg: cfg,
|
|
|
|
}
|
2023-01-20 18:08:40 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func (handler *resetPasswordHandler) Handle(params account.ResetPasswordParams) middleware.Responder {
|
|
|
|
if params.Body == nil || params.Body.Token == "" || params.Body.Password == "" {
|
|
|
|
logrus.Error("missing token or password")
|
|
|
|
return account.NewResetPasswordNotFound()
|
|
|
|
}
|
|
|
|
logrus.Infof("received password reset request for token '%v'", params.Body.Token)
|
|
|
|
|
|
|
|
tx, err := str.Begin()
|
|
|
|
if err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error starting transaction for '%v': %v", params.Body.Token, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordInternalServerError()
|
|
|
|
}
|
|
|
|
defer func() { _ = tx.Rollback() }()
|
|
|
|
|
|
|
|
prr, err := str.FindPasswordResetRequestWithToken(params.Body.Token, tx)
|
|
|
|
if err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error finding reset request for '%v': %v", params.Body.Token, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordNotFound()
|
|
|
|
}
|
|
|
|
|
|
|
|
a, err := str.GetAccount(prr.AccountId, tx)
|
|
|
|
if err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error finding account for '%v': %v", params.Body.Token, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordNotFound()
|
|
|
|
}
|
2023-03-09 21:18:26 +01:00
|
|
|
if a.Deleted {
|
|
|
|
logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)
|
|
|
|
return account.NewResetPasswordNotFound()
|
|
|
|
}
|
2023-05-11 20:35:49 +02:00
|
|
|
|
|
|
|
if err := validatePassword(handler.cfg, params.Body.Password); err != nil {
|
|
|
|
logrus.Errorf("password not valid for request '%v', (%v): %v", params.Body.Token, a.Email, err)
|
|
|
|
return account.NewResetPasswordUnprocessableEntity().WithPayload(rest_model_zrok.ErrorMessage(err.Error()))
|
|
|
|
}
|
|
|
|
|
2023-01-23 18:50:24 +01:00
|
|
|
hpwd, err := hashPassword(params.Body.Password)
|
|
|
|
if err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error hashing password for '%v' (%v): %v", params.Body.Token, a.Email, err)
|
2023-01-23 18:50:24 +01:00
|
|
|
return account.NewResetPasswordRequestInternalServerError()
|
|
|
|
}
|
|
|
|
a.Salt = hpwd.Salt
|
|
|
|
a.Password = hpwd.Password
|
2023-01-20 18:08:40 +01:00
|
|
|
|
|
|
|
if _, err := str.UpdateAccount(a, tx); err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error updating for '%v' (%v): %v", params.Body.Token, a.Email, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordInternalServerError()
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := str.DeletePasswordResetRequest(prr.Id, tx); err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error deleting reset request '%v' (%v): %v", params.Body.Token, a.Email, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordInternalServerError()
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := tx.Commit(); err != nil {
|
2023-01-30 17:38:55 +01:00
|
|
|
logrus.Errorf("error committing '%v' (%v): %v", params.Body.Token, a.Email, err)
|
2023-01-20 18:08:40 +01:00
|
|
|
return account.NewResetPasswordInternalServerError()
|
|
|
|
}
|
|
|
|
|
|
|
|
logrus.Infof("reset password for '%v'", a.Email)
|
|
|
|
|
|
|
|
return account.NewResetPasswordOK()
|
|
|
|
}
|