initial work on token revocation

2025-04-01 10:06:08 +02:00 · 2024-01-25 09:55:45 -06:00 · 2024-01-25 09:55:45 -06:00 · bba9377b9f
commit bba9377b9f
parent 00d46be77a
25 changed files with 1468 additions and 7 deletions
--- a/controller/controller.go
+++ b/controller/controller.go
@ -49,6 +49,7 @@ func Run(inCfg *config.Config) error {
 	api.AccountRegisterHandler = newRegisterHandler(cfg)
 	api.AccountResetPasswordHandler = newResetPasswordHandler(cfg)
 	api.AccountResetPasswordRequestHandler = newResetPasswordRequestHandler()
 	api.AccountResetTokenHandler = newResetTokenHandler()
 	api.AccountVerifyHandler = newVerifyHandler()
 	api.AdminCreateFrontendHandler = newCreateFrontendHandler()
 	api.AdminCreateIdentityHandler = newCreateIdentityHandler()
--- a/controller/resetToken.go
+++ b/controller/resetToken.go
@ -0,0 +1,49 @@
 package controller
 import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/openziti/zrok/rest_server_zrok/operations/account"
 	"github.com/sirupsen/logrus"
 )
 type resetTokenHandler struct{}
 func newResetTokenHandler() *resetTokenHandler {
 	return &resetTokenHandler{}
 }
 func (handler *resetTokenHandler) Handle(params account.ResetTokenParams) middleware.Responder {
 	if params.Body.EmailAddress == "" {
 		logrus.Error("missing email")
 		return account.NewResetTokenNotFound()
 	}
 	logrus.Infof("received token reset request for email '%v'", params.Body.EmailAddress)
 	tx, err := str.Begin()
 	if err != nil {
 		logrus.Errorf("error starting transaction for '%v': %v", params.Body.EmailAddress, err)
 		return account.NewResetTokenInternalServerError()
 	}
 	defer tx.Rollback()
 	a, err := str.FindAccountWithEmail(params.Body.EmailAddress, tx)
 	if err != nil {
 		logrus.Errorf("error finding account for '%v': %v", params.Body.EmailAddress, err)
 		return account.NewResetTokenNotFound()
 	}
 	if a.Deleted {
 		logrus.Errorf("account '%v' for '%v' deleted", a.Email, a.Token)
 		return account.NewResetTokenNotFound()
 	}
 	// Need to create new token and invalidate all other resources
 	if err := tx.Commit(); err != nil {
 		logrus.Errorf("error committing '%v' (%v): %v", params.Body.EmailAddress, a.Email, err)
 		return account.NewResetTokenInternalServerError()
 	}
 	logrus.Infof("reset token for '%v'", a.Email)
 	return account.NewResetTokenOK()
 }
--- a/rest_client_zrok/account/account_client.go
+++ b/rest_client_zrok/account/account_client.go
@ -40,6 +40,8 @@ type ClientService interface {
 	ResetPasswordRequest(params *ResetPasswordRequestParams, opts ...ClientOption) (*ResetPasswordRequestCreated, error)
 	ResetToken(params *ResetTokenParams, opts ...ClientOption) (*ResetTokenOK, error)
 	Verify(params *VerifyParams, opts ...ClientOption) (*VerifyOK, error)
 	SetTransport(transport runtime.ClientTransport)
@ -235,6 +237,44 @@ func (a *Client) ResetPasswordRequest(params *ResetPasswordRequestParams, opts .
 	panic(msg)
 }
 /*
 ResetToken reset token API
 */
 func (a *Client) ResetToken(params *ResetTokenParams, opts ...ClientOption) (*ResetTokenOK, error) {
 	// TODO: Validate the params before sending
 	if params == nil {
 		params = NewResetTokenParams()
 	}
 	op := &runtime.ClientOperation{
 		ID:                 "resetToken",
 		Method:             "POST",
 		PathPattern:        "/resetToken",
 		ProducesMediaTypes: []string{"application/zrok.v1+json"},
 		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
 		Schemes:            []string{"http"},
 		Params:             params,
 		Reader:             &ResetTokenReader{formats: a.formats},
 		Context:            params.Context,
 		Client:             params.HTTPClient,
 	}
 	for _, opt := range opts {
 		opt(op)
 	}
 	result, err := a.transport.Submit(op)
 	if err != nil {
 		return nil, err
 	}
 	success, ok := result.(*ResetTokenOK)
 	if ok {
 		return success, nil
 	}
 	// unexpected success response
 	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
 	msg := fmt.Sprintf("unexpected success response for resetToken: API contract not enforced by server. Client expected to get an error, but got: %T", result)
 	panic(msg)
 }
 /*
 Verify verify API
 */
--- a/rest_client_zrok/account/reset_token_parameters.go
+++ b/rest_client_zrok/account/reset_token_parameters.go
@ -0,0 +1,146 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"net/http"
 	"time"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	cr "github.com/go-openapi/runtime/client"
 	"github.com/go-openapi/strfmt"
 )
 // NewResetTokenParams creates a new ResetTokenParams object,
 // with the default timeout for this client.
 //
 // Default values are not hydrated, since defaults are normally applied by the API server side.
 //
 // To enforce default values in parameter, use SetDefaults or WithDefaults.
 func NewResetTokenParams() *ResetTokenParams {
 	return &ResetTokenParams{
 		timeout: cr.DefaultTimeout,
 	}
 }
 // NewResetTokenParamsWithTimeout creates a new ResetTokenParams object
 // with the ability to set a timeout on a request.
 func NewResetTokenParamsWithTimeout(timeout time.Duration) *ResetTokenParams {
 	return &ResetTokenParams{
 		timeout: timeout,
 	}
 }
 // NewResetTokenParamsWithContext creates a new ResetTokenParams object
 // with the ability to set a context for a request.
 func NewResetTokenParamsWithContext(ctx context.Context) *ResetTokenParams {
 	return &ResetTokenParams{
 		Context: ctx,
 	}
 }
 // NewResetTokenParamsWithHTTPClient creates a new ResetTokenParams object
 // with the ability to set a custom HTTPClient for a request.
 func NewResetTokenParamsWithHTTPClient(client *http.Client) *ResetTokenParams {
 	return &ResetTokenParams{
 		HTTPClient: client,
 	}
 }
 /*
 ResetTokenParams contains all the parameters to send to the API endpoint
 	for the reset token operation.
 	Typically these are written to a http.Request.
 */
 type ResetTokenParams struct {
 	// Body.
 	Body ResetTokenBody
 	timeout    time.Duration
 	Context    context.Context
 	HTTPClient *http.Client
 }
 // WithDefaults hydrates default values in the reset token params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *ResetTokenParams) WithDefaults() *ResetTokenParams {
 	o.SetDefaults()
 	return o
 }
 // SetDefaults hydrates default values in the reset token params (not the query body).
 //
 // All values with no default are reset to their zero value.
 func (o *ResetTokenParams) SetDefaults() {
 	// no default values defined for this parameter
 }
 // WithTimeout adds the timeout to the reset token params
 func (o *ResetTokenParams) WithTimeout(timeout time.Duration) *ResetTokenParams {
 	o.SetTimeout(timeout)
 	return o
 }
 // SetTimeout adds the timeout to the reset token params
 func (o *ResetTokenParams) SetTimeout(timeout time.Duration) {
 	o.timeout = timeout
 }
 // WithContext adds the context to the reset token params
 func (o *ResetTokenParams) WithContext(ctx context.Context) *ResetTokenParams {
 	o.SetContext(ctx)
 	return o
 }
 // SetContext adds the context to the reset token params
 func (o *ResetTokenParams) SetContext(ctx context.Context) {
 	o.Context = ctx
 }
 // WithHTTPClient adds the HTTPClient to the reset token params
 func (o *ResetTokenParams) WithHTTPClient(client *http.Client) *ResetTokenParams {
 	o.SetHTTPClient(client)
 	return o
 }
 // SetHTTPClient adds the HTTPClient to the reset token params
 func (o *ResetTokenParams) SetHTTPClient(client *http.Client) {
 	o.HTTPClient = client
 }
 // WithBody adds the body to the reset token params
 func (o *ResetTokenParams) WithBody(body ResetTokenBody) *ResetTokenParams {
 	o.SetBody(body)
 	return o
 }
 // SetBody adds the body to the reset token params
 func (o *ResetTokenParams) SetBody(body ResetTokenBody) {
 	o.Body = body
 }
 // WriteToRequest writes these params to a swagger request
 func (o *ResetTokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
 	if err := r.SetTimeout(o.timeout); err != nil {
 		return err
 	}
 	var res []error
 	if err := r.SetBodyParam(o.Body); err != nil {
 		return err
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_client_zrok/account/reset_token_responses.go
+++ b/rest_client_zrok/account/reset_token_responses.go
@ -0,0 +1,303 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"context"
 	"fmt"
 	"io"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // ResetTokenReader is a Reader for the ResetToken structure.
 type ResetTokenReader struct {
 	formats strfmt.Registry
 }
 // ReadResponse reads a server response into the received o.
 func (o *ResetTokenReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
 	switch response.Code() {
 	case 200:
 		result := NewResetTokenOK()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return result, nil
 	case 404:
 		result := NewResetTokenNotFound()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	case 500:
 		result := NewResetTokenInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
 			return nil, err
 		}
 		return nil, result
 	default:
 		return nil, runtime.NewAPIError("[POST /resetToken] resetToken", response, response.Code())
 	}
 }
 // NewResetTokenOK creates a ResetTokenOK with default headers values
 func NewResetTokenOK() *ResetTokenOK {
 	return &ResetTokenOK{}
 }
 /*
 ResetTokenOK describes a response with status code 200, with default header values.
 token reset
 */
 type ResetTokenOK struct {
 	Payload *ResetTokenOKBody
 }
 // IsSuccess returns true when this reset token o k response has a 2xx status code
 func (o *ResetTokenOK) IsSuccess() bool {
 	return true
 }
 // IsRedirect returns true when this reset token o k response has a 3xx status code
 func (o *ResetTokenOK) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this reset token o k response has a 4xx status code
 func (o *ResetTokenOK) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this reset token o k response has a 5xx status code
 func (o *ResetTokenOK) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this reset token o k response a status code equal to that given
 func (o *ResetTokenOK) IsCode(code int) bool {
 	return code == 200
 }
 // Code gets the status code for the reset token o k response
 func (o *ResetTokenOK) Code() int {
 	return 200
 }
 func (o *ResetTokenOK) Error() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenOK  %+v", 200, o.Payload)
 }
 func (o *ResetTokenOK) String() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenOK  %+v", 200, o.Payload)
 }
 func (o *ResetTokenOK) GetPayload() *ResetTokenOKBody {
 	return o.Payload
 }
 func (o *ResetTokenOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	o.Payload = new(ResetTokenOKBody)
 	// response payload
 	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
 		return err
 	}
 	return nil
 }
 // NewResetTokenNotFound creates a ResetTokenNotFound with default headers values
 func NewResetTokenNotFound() *ResetTokenNotFound {
 	return &ResetTokenNotFound{}
 }
 /*
 ResetTokenNotFound describes a response with status code 404, with default header values.
 account not found
 */
 type ResetTokenNotFound struct {
 }
 // IsSuccess returns true when this reset token not found response has a 2xx status code
 func (o *ResetTokenNotFound) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this reset token not found response has a 3xx status code
 func (o *ResetTokenNotFound) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this reset token not found response has a 4xx status code
 func (o *ResetTokenNotFound) IsClientError() bool {
 	return true
 }
 // IsServerError returns true when this reset token not found response has a 5xx status code
 func (o *ResetTokenNotFound) IsServerError() bool {
 	return false
 }
 // IsCode returns true when this reset token not found response a status code equal to that given
 func (o *ResetTokenNotFound) IsCode(code int) bool {
 	return code == 404
 }
 // Code gets the status code for the reset token not found response
 func (o *ResetTokenNotFound) Code() int {
 	return 404
 }
 func (o *ResetTokenNotFound) Error() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenNotFound ", 404)
 }
 func (o *ResetTokenNotFound) String() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenNotFound ", 404)
 }
 func (o *ResetTokenNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 // NewResetTokenInternalServerError creates a ResetTokenInternalServerError with default headers values
 func NewResetTokenInternalServerError() *ResetTokenInternalServerError {
 	return &ResetTokenInternalServerError{}
 }
 /*
 ResetTokenInternalServerError describes a response with status code 500, with default header values.
 internal server error
 */
 type ResetTokenInternalServerError struct {
 }
 // IsSuccess returns true when this reset token internal server error response has a 2xx status code
 func (o *ResetTokenInternalServerError) IsSuccess() bool {
 	return false
 }
 // IsRedirect returns true when this reset token internal server error response has a 3xx status code
 func (o *ResetTokenInternalServerError) IsRedirect() bool {
 	return false
 }
 // IsClientError returns true when this reset token internal server error response has a 4xx status code
 func (o *ResetTokenInternalServerError) IsClientError() bool {
 	return false
 }
 // IsServerError returns true when this reset token internal server error response has a 5xx status code
 func (o *ResetTokenInternalServerError) IsServerError() bool {
 	return true
 }
 // IsCode returns true when this reset token internal server error response a status code equal to that given
 func (o *ResetTokenInternalServerError) IsCode(code int) bool {
 	return code == 500
 }
 // Code gets the status code for the reset token internal server error response
 func (o *ResetTokenInternalServerError) Code() int {
 	return 500
 }
 func (o *ResetTokenInternalServerError) Error() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenInternalServerError ", 500)
 }
 func (o *ResetTokenInternalServerError) String() string {
 	return fmt.Sprintf("[POST /resetToken][%d] resetTokenInternalServerError ", 500)
 }
 func (o *ResetTokenInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
 	return nil
 }
 /*
 ResetTokenBody reset token body
 swagger:model ResetTokenBody
 */
 type ResetTokenBody struct {
 	// email address
 	EmailAddress string `json:"emailAddress,omitempty"`
 }
 // Validate validates this reset token body
 func (o *ResetTokenBody) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this reset token body based on context it is used
 func (o *ResetTokenBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (o *ResetTokenBody) MarshalBinary() ([]byte, error) {
 	if o == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(o)
 }
 // UnmarshalBinary interface implementation
 func (o *ResetTokenBody) UnmarshalBinary(b []byte) error {
 	var res ResetTokenBody
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*o = res
 	return nil
 }
 /*
 ResetTokenOKBody reset token o k body
 swagger:model ResetTokenOKBody
 */
 type ResetTokenOKBody struct {
 	// token
 	Token string `json:"token,omitempty"`
 }
 // Validate validates this reset token o k body
 func (o *ResetTokenOKBody) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this reset token o k body based on context it is used
 func (o *ResetTokenOKBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (o *ResetTokenOKBody) MarshalBinary() ([]byte, error) {
 	if o == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(o)
 }
 // UnmarshalBinary interface implementation
 func (o *ResetTokenOKBody) UnmarshalBinary(b []byte) error {
 	var res ResetTokenOKBody
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*o = res
 	return nil
 }
--- a/rest_server_zrok/embedded_spec.go
+++ b/rest_server_zrok/embedded_spec.go
@ -832,6 +832,45 @@ func init() {
        }
      }
    },
    "/resetToken": {
      "post": {
        "tags": [
          "account"
        ],
        "operationId": "resetToken",
        "parameters": [
          {
            "name": "body",
            "in": "body",
            "schema": {
              "properties": {
                "emailAddress": {
                  "type": "string"
                }
              }
            }
          }
        ],
        "responses": {
          "200": {
            "description": "token reset",
            "schema": {
              "properties": {
                "token": {
                  "type": "string"
                }
              }
            }
          },
          "404": {
            "description": "account not found"
          },
          "500": {
            "description": "internal server error"
          }
        }
      }
    },
    "/share": {
      "post": {
        "security": [
@ -2455,6 +2494,45 @@ func init() {
        }
      }
    },
    "/resetToken": {
      "post": {
        "tags": [
          "account"
        ],
        "operationId": "resetToken",
        "parameters": [
          {
            "name": "body",
            "in": "body",
            "schema": {
              "properties": {
                "emailAddress": {
                  "type": "string"
                }
              }
            }
          }
        ],
        "responses": {
          "200": {
            "description": "token reset",
            "schema": {
              "properties": {
                "token": {
                  "type": "string"
                }
              }
            }
          },
          "404": {
            "description": "account not found"
          },
          "500": {
            "description": "internal server error"
          }
        }
      }
    },
    "/share": {
      "post": {
        "security": [
--- a/rest_server_zrok/operations/account/reset_token.go
+++ b/rest_server_zrok/operations/account/reset_token.go
@ -0,0 +1,133 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
 import (
 	"context"
 	"net/http"
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
 )
 // ResetTokenHandlerFunc turns a function with the right signature into a reset token handler
 type ResetTokenHandlerFunc func(ResetTokenParams) middleware.Responder
 // Handle executing the request and returning a response
 func (fn ResetTokenHandlerFunc) Handle(params ResetTokenParams) middleware.Responder {
 	return fn(params)
 }
 // ResetTokenHandler interface for that can handle valid reset token params
 type ResetTokenHandler interface {
 	Handle(ResetTokenParams) middleware.Responder
 }
 // NewResetToken creates a new http.Handler for the reset token operation
 func NewResetToken(ctx *middleware.Context, handler ResetTokenHandler) *ResetToken {
 	return &ResetToken{Context: ctx, Handler: handler}
 }
 /*
 	ResetToken swagger:route POST /resetToken account resetToken
 ResetToken reset token API
 */
 type ResetToken struct {
 	Context *middleware.Context
 	Handler ResetTokenHandler
 }
 func (o *ResetToken) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
 	route, rCtx, _ := o.Context.RouteInfo(r)
 	if rCtx != nil {
 		*r = *rCtx
 	}
 	var Params = NewResetTokenParams()
 	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
 		o.Context.Respond(rw, r, route.Produces, route, err)
 		return
 	}
 	res := o.Handler.Handle(Params) // actually handle the request
 	o.Context.Respond(rw, r, route.Produces, route, res)
 }
 // ResetTokenBody reset token body
 //
 // swagger:model ResetTokenBody
 type ResetTokenBody struct {
 	// email address
 	EmailAddress string `json:"emailAddress,omitempty"`
 }
 // Validate validates this reset token body
 func (o *ResetTokenBody) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this reset token body based on context it is used
 func (o *ResetTokenBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (o *ResetTokenBody) MarshalBinary() ([]byte, error) {
 	if o == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(o)
 }
 // UnmarshalBinary interface implementation
 func (o *ResetTokenBody) UnmarshalBinary(b []byte) error {
 	var res ResetTokenBody
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*o = res
 	return nil
 }
 // ResetTokenOKBody reset token o k body
 //
 // swagger:model ResetTokenOKBody
 type ResetTokenOKBody struct {
 	// token
 	Token string `json:"token,omitempty"`
 }
 // Validate validates this reset token o k body
 func (o *ResetTokenOKBody) Validate(formats strfmt.Registry) error {
 	return nil
 }
 // ContextValidate validates this reset token o k body based on context it is used
 func (o *ResetTokenOKBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
 	return nil
 }
 // MarshalBinary interface implementation
 func (o *ResetTokenOKBody) MarshalBinary() ([]byte, error) {
 	if o == nil {
 		return nil, nil
 	}
 	return swag.WriteJSON(o)
 }
 // UnmarshalBinary interface implementation
 func (o *ResetTokenOKBody) UnmarshalBinary(b []byte) error {
 	var res ResetTokenOKBody
 	if err := swag.ReadJSON(b, &res); err != nil {
 		return err
 	}
 	*o = res
 	return nil
 }
--- a/rest_server_zrok/operations/account/reset_token_parameters.go
+++ b/rest_server_zrok/operations/account/reset_token_parameters.go
@ -0,0 +1,74 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/errors"
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/go-openapi/validate"
 )
 // NewResetTokenParams creates a new ResetTokenParams object
 //
 // There are no default values defined in the spec.
 func NewResetTokenParams() ResetTokenParams {
 	return ResetTokenParams{}
 }
 // ResetTokenParams contains all the bound params for the reset token operation
 // typically these are obtained from a http.Request
 //
 // swagger:parameters resetToken
 type ResetTokenParams struct {
 	// HTTP Request Object
 	HTTPRequest *http.Request `json:"-"`
 	/*
 	  In: body
 	*/
 	Body ResetTokenBody
 }
 // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
 // for simple values it will use straight method calls.
 //
 // To ensure default values, the struct must have been initialized with NewResetTokenParams() beforehand.
 func (o *ResetTokenParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
 	var res []error
 	o.HTTPRequest = r
 	if runtime.HasBody(r) {
 		defer r.Body.Close()
 		var body ResetTokenBody
 		if err := route.Consumer.Consume(r.Body, &body); err != nil {
 			res = append(res, errors.NewParseError("body", "body", "", err))
 		} else {
 			// validate body object
 			if err := body.Validate(route.Formats); err != nil {
 				res = append(res, err)
 			}
 			ctx := validate.WithOperationRequest(r.Context())
 			if err := body.ContextValidate(ctx, route.Formats); err != nil {
 				res = append(res, err)
 			}
 			if len(res) == 0 {
 				o.Body = body
 			}
 		}
 	}
 	if len(res) > 0 {
 		return errors.CompositeValidationError(res...)
 	}
 	return nil
 }
--- a/rest_server_zrok/operations/account/reset_token_responses.go
+++ b/rest_server_zrok/operations/account/reset_token_responses.go
@ -0,0 +1,107 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the swagger generate command
 import (
 	"net/http"
 	"github.com/go-openapi/runtime"
 )
 // ResetTokenOKCode is the HTTP code returned for type ResetTokenOK
 const ResetTokenOKCode int = 200
 /*
 ResetTokenOK token reset
 swagger:response resetTokenOK
 */
 type ResetTokenOK struct {
 	/*
 	  In: Body
 	*/
 	Payload *ResetTokenOKBody `json:"body,omitempty"`
 }
 // NewResetTokenOK creates ResetTokenOK with default headers values
 func NewResetTokenOK() *ResetTokenOK {
 	return &ResetTokenOK{}
 }
 // WithPayload adds the payload to the reset token o k response
 func (o *ResetTokenOK) WithPayload(payload *ResetTokenOKBody) *ResetTokenOK {
 	o.Payload = payload
 	return o
 }
 // SetPayload sets the payload to the reset token o k response
 func (o *ResetTokenOK) SetPayload(payload *ResetTokenOKBody) {
 	o.Payload = payload
 }
 // WriteResponse to the client
 func (o *ResetTokenOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.WriteHeader(200)
 	if o.Payload != nil {
 		payload := o.Payload
 		if err := producer.Produce(rw, payload); err != nil {
 			panic(err) // let the recovery middleware deal with this
 		}
 	}
 }
 // ResetTokenNotFoundCode is the HTTP code returned for type ResetTokenNotFound
 const ResetTokenNotFoundCode int = 404
 /*
 ResetTokenNotFound account not found
 swagger:response resetTokenNotFound
 */
 type ResetTokenNotFound struct {
 }
 // NewResetTokenNotFound creates ResetTokenNotFound with default headers values
 func NewResetTokenNotFound() *ResetTokenNotFound {
 	return &ResetTokenNotFound{}
 }
 // WriteResponse to the client
 func (o *ResetTokenNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(404)
 }
 // ResetTokenInternalServerErrorCode is the HTTP code returned for type ResetTokenInternalServerError
 const ResetTokenInternalServerErrorCode int = 500
 /*
 ResetTokenInternalServerError internal server error
 swagger:response resetTokenInternalServerError
 */
 type ResetTokenInternalServerError struct {
 }
 // NewResetTokenInternalServerError creates ResetTokenInternalServerError with default headers values
 func NewResetTokenInternalServerError() *ResetTokenInternalServerError {
 	return &ResetTokenInternalServerError{}
 }
 // WriteResponse to the client
 func (o *ResetTokenInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
 	rw.WriteHeader(500)
 }
--- a/rest_server_zrok/operations/account/reset_token_urlbuilder.go
+++ b/rest_server_zrok/operations/account/reset_token_urlbuilder.go
@ -0,0 +1,87 @@
 // Code generated by go-swagger; DO NOT EDIT.
 package account
 // This file was generated by the swagger tool.
 // Editing this file might prove futile when you re-run the generate command
 import (
 	"errors"
 	"net/url"
 	golangswaggerpaths "path"
 )
 // ResetTokenURL generates an URL for the reset token operation
 type ResetTokenURL struct {
 	_basePath string
 }
 // WithBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
 func (o *ResetTokenURL) WithBasePath(bp string) *ResetTokenURL {
 	o.SetBasePath(bp)
 	return o
 }
 // SetBasePath sets the base path for this url builder, only required when it's different from the
 // base path specified in the swagger spec.
 // When the value of the base path is an empty string
 func (o *ResetTokenURL) SetBasePath(bp string) {
 	o._basePath = bp
 }
 // Build a url path and query string
 func (o *ResetTokenURL) Build() (*url.URL, error) {
 	var _result url.URL
 	var _path = "/resetToken"
 	_basePath := o._basePath
 	if _basePath == "" {
 		_basePath = "/api/v1"
 	}
 	_result.Path = golangswaggerpaths.Join(_basePath, _path)
 	return &_result, nil
 }
 // Must is a helper function to panic when the url builder returns an error
 func (o *ResetTokenURL) Must(u *url.URL, err error) *url.URL {
 	if err != nil {
 		panic(err)
 	}
 	if u == nil {
 		panic("url can't be nil")
 	}
 	return u
 }
 // String returns the string representation of the path with query string
 func (o *ResetTokenURL) String() string {
 	return o.Must(o.Build()).String()
 }
 // BuildFull builds a full url with scheme, host, path and query string
 func (o *ResetTokenURL) BuildFull(scheme, host string) (*url.URL, error) {
 	if scheme == "" {
 		return nil, errors.New("scheme is required for a full url on ResetTokenURL")
 	}
 	if host == "" {
 		return nil, errors.New("host is required for a full url on ResetTokenURL")
 	}
 	base, err := o.Build()
 	if err != nil {
 		return nil, err
 	}
 	base.Scheme = scheme
 	base.Host = host
 	return base, nil
 }
 // StringFull returns the string representation of a complete url
 func (o *ResetTokenURL) StringFull(scheme, host string) string {
 	return o.Must(o.BuildFull(scheme, host)).String()
 }
--- a/rest_server_zrok/operations/zrok_api.go
+++ b/rest_server_zrok/operations/zrok_api.go
@ -115,6 +115,9 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		AccountResetPasswordRequestHandler: account.ResetPasswordRequestHandlerFunc(func(params account.ResetPasswordRequestParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.ResetPasswordRequest has not yet been implemented")
 		}),
 		AccountResetTokenHandler: account.ResetTokenHandlerFunc(func(params account.ResetTokenParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.ResetToken has not yet been implemented")
 		}),
 		ShareShareHandler: share.ShareHandlerFunc(func(params share.ShareParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation share.Share has not yet been implemented")
 		}),
@ -230,6 +233,8 @@ type ZrokAPI struct {
 	AccountResetPasswordHandler account.ResetPasswordHandler
 	// AccountResetPasswordRequestHandler sets the operation handler for the reset password request operation
 	AccountResetPasswordRequestHandler account.ResetPasswordRequestHandler
 	// AccountResetTokenHandler sets the operation handler for the reset token operation
 	AccountResetTokenHandler account.ResetTokenHandler
 	// ShareShareHandler sets the operation handler for the share operation
 	ShareShareHandler share.ShareHandler
 	// ShareUnaccessHandler sets the operation handler for the unaccess operation
@ -391,6 +396,9 @@ func (o *ZrokAPI) Validate() error {
 	if o.AccountResetPasswordRequestHandler == nil {
 		unregistered = append(unregistered, "account.ResetPasswordRequestHandler")
 	}
 	if o.AccountResetTokenHandler == nil {
 		unregistered = append(unregistered, "account.ResetTokenHandler")
 	}
 	if o.ShareShareHandler == nil {
 		unregistered = append(unregistered, "share.ShareHandler")
 	}
@ -602,6 +610,10 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/resetToken"] = account.NewResetToken(o.context, o.AccountResetTokenHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/share"] = share.NewShare(o.context, o.ShareShareHandler)
 	if o.handlers["DELETE"] == nil {
 		o.handlers["DELETE"] = make(map[string]http.Handler)
--- a/sdk/python/sdk/zrok/.swagger-codegen/VERSION
+++ b/sdk/python/sdk/zrok/.swagger-codegen/VERSION
@ -1 +1 @@
-3.0.51
+3.0.52
--- a/sdk/python/sdk/zrok/requirements.txt
+++ b/sdk/python/sdk/zrok/requirements.txt
@ -3,4 +3,3 @@ six >= 1.10
 python_dateutil >= 2.5.3
 setuptools >= 21.0.0
 urllib3 >= 1.15.1
 openziti >= 0.8.1
--- a/sdk/python/sdk/zrok/zrok_api/init.py
+++ b/sdk/python/sdk/zrok/zrok_api/init.py
@ -41,6 +41,7 @@ from zrok_api.models.error_message import ErrorMessage
 from zrok_api.models.frontend import Frontend
 from zrok_api.models.frontends import Frontends
 from zrok_api.models.identity_body import IdentityBody
 from zrok_api.models.inline_response200 import InlineResponse200
 from zrok_api.models.inline_response201 import InlineResponse201
 from zrok_api.models.invite_request import InviteRequest
 from zrok_api.models.invite_token_generate_request import InviteTokenGenerateRequest
@ -57,6 +58,7 @@ from zrok_api.models.register_request import RegisterRequest
 from zrok_api.models.register_response import RegisterResponse
 from zrok_api.models.reset_password_request import ResetPasswordRequest
 from zrok_api.models.reset_password_request_body import ResetPasswordRequestBody
 from zrok_api.models.reset_token_body import ResetTokenBody
 from zrok_api.models.share import Share
 from zrok_api.models.share_request import ShareRequest
 from zrok_api.models.share_response import ShareResponse
--- a/sdk/python/sdk/zrok/zrok_api/api/account_api.py
+++ b/sdk/python/sdk/zrok/zrok_api/api/account_api.py
@ -493,6 +493,99 @@ class AccountApi(object):
            _request_timeout=params.get('_request_timeout'),
            collection_formats=collection_formats)
    def reset_token(self, **kwargs):  # noqa: E501
        """reset_token  # noqa: E501
        This method makes a synchronous HTTP request by default. To make an
        asynchronous HTTP request, please pass async_req=True
        >>> thread = api.reset_token(async_req=True)
        >>> result = thread.get()
        :param async_req bool
        :param ResetTokenBody body:
        :return: InlineResponse200
                 If the method is called asynchronously,
                 returns the request thread.
        """
        kwargs['_return_http_data_only'] = True
        if kwargs.get('async_req'):
            return self.reset_token_with_http_info(**kwargs)  # noqa: E501
        else:
            (data) = self.reset_token_with_http_info(**kwargs)  # noqa: E501
            return data
    def reset_token_with_http_info(self, **kwargs):  # noqa: E501
        """reset_token  # noqa: E501
        This method makes a synchronous HTTP request by default. To make an
        asynchronous HTTP request, please pass async_req=True
        >>> thread = api.reset_token_with_http_info(async_req=True)
        >>> result = thread.get()
        :param async_req bool
        :param ResetTokenBody body:
        :return: InlineResponse200
                 If the method is called asynchronously,
                 returns the request thread.
        """
        all_params = ['body']  # noqa: E501
        all_params.append('async_req')
        all_params.append('_return_http_data_only')
        all_params.append('_preload_content')
        all_params.append('_request_timeout')
        params = locals()
        for key, val in six.iteritems(params['kwargs']):
            if key not in all_params:
                raise TypeError(
                    "Got an unexpected keyword argument '%s'"
                    " to method reset_token" % key
                )
            params[key] = val
        del params['kwargs']
        collection_formats = {}
        path_params = {}
        query_params = []
        header_params = {}
        form_params = []
        local_var_files = {}
        body_params = None
        if 'body' in params:
            body_params = params['body']
        # HTTP header `Accept`
        header_params['Accept'] = self.api_client.select_header_accept(
            ['application/zrok.v1+json'])  # noqa: E501
        # HTTP header `Content-Type`
        header_params['Content-Type'] = self.api_client.select_header_content_type(  # noqa: E501
            ['application/zrok.v1+json'])  # noqa: E501
        # Authentication setting
        auth_settings = []  # noqa: E501
        return self.api_client.call_api(
            '/resetToken', 'POST',
            path_params,
            query_params,
            header_params,
            body=body_params,
            post_params=form_params,
            files=local_var_files,
            response_type='InlineResponse200',  # noqa: E501
            auth_settings=auth_settings,
            async_req=params.get('async_req'),
            _return_http_data_only=params.get('_return_http_data_only'),
            _preload_content=params.get('_preload_content', True),
            _request_timeout=params.get('_request_timeout'),
            collection_formats=collection_formats)
    def verify(self, **kwargs):  # noqa: E501
        """verify  # noqa: E501
--- a/sdk/python/sdk/zrok/zrok_api/configuration.py
+++ b/sdk/python/sdk/zrok/zrok_api/configuration.py
@ -219,9 +219,12 @@ class Configuration(six.with_metaclass(TypeWithDefault, object)):
        :return: The token for basic HTTP authentication.
        """
-        return urllib3.util.make_headers(
+        token = ""
-            basic_auth=self.username + ':' + self.password
+        if self.username or self.password:
-        ).get('authorization')
+            token = urllib3.util.make_headers(
                basic_auth=self.username + ':' + self.password
            ).get('authorization')
        return token
    def auth_settings(self):
        """Gets Auth Settings dict for api client.
--- a/sdk/python/sdk/zrok/zrok_api/models/init.py
+++ b/sdk/python/sdk/zrok/zrok_api/models/init.py
@ -31,6 +31,7 @@ from zrok_api.models.error_message import ErrorMessage
 from zrok_api.models.frontend import Frontend
 from zrok_api.models.frontends import Frontends
 from zrok_api.models.identity_body import IdentityBody
 from zrok_api.models.inline_response200 import InlineResponse200
 from zrok_api.models.inline_response201 import InlineResponse201
 from zrok_api.models.invite_request import InviteRequest
 from zrok_api.models.invite_token_generate_request import InviteTokenGenerateRequest
@ -47,6 +48,7 @@ from zrok_api.models.register_request import RegisterRequest
 from zrok_api.models.register_response import RegisterResponse
 from zrok_api.models.reset_password_request import ResetPasswordRequest
 from zrok_api.models.reset_password_request_body import ResetPasswordRequestBody
 from zrok_api.models.reset_token_body import ResetTokenBody
 from zrok_api.models.share import Share
 from zrok_api.models.share_request import ShareRequest
 from zrok_api.models.share_response import ShareResponse
--- a/sdk/python/sdk/zrok/zrok_api/models/inline_response200.py
+++ b/sdk/python/sdk/zrok/zrok_api/models/inline_response200.py
@ -0,0 +1,110 @@
 # coding: utf-8
 """
    zrok
    zrok client access  # noqa: E501
    OpenAPI spec version: 0.3.0
    Generated by: https://github.com/swagger-api/swagger-codegen.git
 """
 import pprint
 import re  # noqa: F401
 import six
 class InlineResponse200(object):
    """NOTE: This class is auto generated by the swagger code generator program.
    Do not edit the class manually.
    """
    """
    Attributes:
      swagger_types (dict): The key is attribute name
                            and the value is attribute type.
      attribute_map (dict): The key is attribute name
                            and the value is json key in definition.
    """
    swagger_types = {
        'token': 'str'
    }
    attribute_map = {
        'token': 'token'
    }
    def __init__(self, token=None):  # noqa: E501
        """InlineResponse200 - a model defined in Swagger"""  # noqa: E501
        self._token = None
        self.discriminator = None
        if token is not None:
            self.token = token
    @property
    def token(self):
        """Gets the token of this InlineResponse200.  # noqa: E501
        :return: The token of this InlineResponse200.  # noqa: E501
        :rtype: str
        """
        return self._token
    @token.setter
    def token(self, token):
        """Sets the token of this InlineResponse200.
        :param token: The token of this InlineResponse200.  # noqa: E501
        :type: str
        """
        self._token = token
    def to_dict(self):
        """Returns the model properties as a dict"""
        result = {}
        for attr, _ in six.iteritems(self.swagger_types):
            value = getattr(self, attr)
            if isinstance(value, list):
                result[attr] = list(map(
                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
                    value
                ))
            elif hasattr(value, "to_dict"):
                result[attr] = value.to_dict()
            elif isinstance(value, dict):
                result[attr] = dict(map(
                    lambda item: (item[0], item[1].to_dict())
                    if hasattr(item[1], "to_dict") else item,
                    value.items()
                ))
            else:
                result[attr] = value
        if issubclass(InlineResponse200, dict):
            for key, value in self.items():
                result[key] = value
        return result
    def to_str(self):
        """Returns the string representation of the model"""
        return pprint.pformat(self.to_dict())
    def __repr__(self):
        """For `print` and `pprint`"""
        return self.to_str()
    def __eq__(self, other):
        """Returns true if both objects are equal"""
        if not isinstance(other, InlineResponse200):
            return False
        return self.__dict__ == other.__dict__
    def __ne__(self, other):
        """Returns true if both objects are not equal"""
        return not self == other
--- a/sdk/python/sdk/zrok/zrok_api/models/reset_token_body.py
+++ b/sdk/python/sdk/zrok/zrok_api/models/reset_token_body.py
@ -0,0 +1,110 @@
 # coding: utf-8
 """
    zrok
    zrok client access  # noqa: E501
    OpenAPI spec version: 0.3.0
    Generated by: https://github.com/swagger-api/swagger-codegen.git
 """
 import pprint
 import re  # noqa: F401
 import six
 class ResetTokenBody(object):
    """NOTE: This class is auto generated by the swagger code generator program.
    Do not edit the class manually.
    """
    """
    Attributes:
      swagger_types (dict): The key is attribute name
                            and the value is attribute type.
      attribute_map (dict): The key is attribute name
                            and the value is json key in definition.
    """
    swagger_types = {
        'email_address': 'str'
    }
    attribute_map = {
        'email_address': 'emailAddress'
    }
    def __init__(self, email_address=None):  # noqa: E501
        """ResetTokenBody - a model defined in Swagger"""  # noqa: E501
        self._email_address = None
        self.discriminator = None
        if email_address is not None:
            self.email_address = email_address
    @property
    def email_address(self):
        """Gets the email_address of this ResetTokenBody.  # noqa: E501
        :return: The email_address of this ResetTokenBody.  # noqa: E501
        :rtype: str
        """
        return self._email_address
    @email_address.setter
    def email_address(self, email_address):
        """Sets the email_address of this ResetTokenBody.
        :param email_address: The email_address of this ResetTokenBody.  # noqa: E501
        :type: str
        """
        self._email_address = email_address
    def to_dict(self):
        """Returns the model properties as a dict"""
        result = {}
        for attr, _ in six.iteritems(self.swagger_types):
            value = getattr(self, attr)
            if isinstance(value, list):
                result[attr] = list(map(
                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
                    value
                ))
            elif hasattr(value, "to_dict"):
                result[attr] = value.to_dict()
            elif isinstance(value, dict):
                result[attr] = dict(map(
                    lambda item: (item[0], item[1].to_dict())
                    if hasattr(item[1], "to_dict") else item,
                    value.items()
                ))
            else:
                result[attr] = value
        if issubclass(ResetTokenBody, dict):
            for key, value in self.items():
                result[key] = value
        return result
    def to_str(self):
        """Returns the string representation of the model"""
        return pprint.pformat(self.to_dict())
    def __repr__(self):
        """For `print` and `pprint`"""
        return self.to_str()
    def __eq__(self, other):
        """Returns true if both objects are equal"""
        if not isinstance(other, ResetTokenBody):
            return False
        return self.__dict__ == other.__dict__
    def __ne__(self, other):
        """Returns true if both objects are not equal"""
        return not self == other
--- a/sdk/python/sdk/zrok/zrok_api/rest.py
+++ b/sdk/python/sdk/zrok/zrok_api/rest.py
@ -42,11 +42,11 @@ class RESTResponse(io.IOBase):
    def getheaders(self):
        """Returns a dictionary of the response headers."""
-        return self.urllib3_response.getheaders()
+        return self.urllib3_response.headers
    def getheader(self, name, default=None):
        """Returns a given response header."""
-        return self.urllib3_response.getheader(name, default)
+        return self.urllib3_response.headers.get(name, default)
 class RESTClientObject(object):
--- a/specs/zrok.yml
+++ b/specs/zrok.yml
@ -121,6 +121,30 @@ paths:
        500:
          description: internal server error
  /resetToken:
    post:
      tags:
        - account
      operationId: resetToken
      parameters:
        - name: body
          in: body
          schema:
            properties:
              emailAddress:
                type: string
      responses:
        200:
          description: token reset
          schema:
            properties:
              token:
                type: string
        404:
          description: account not found
        500:
          description: internal server error
  /verify:
    post:
      tags:
--- a/ui/src/api/account.js
+++ b/ui/src/api/account.js
@ -77,6 +77,21 @@ export function resetPasswordRequest(options) {
  return gateway.request(resetPasswordRequestOperation, parameters)
 }
 /**
 * @param {object} options Optional options
 * @param {object} [options.body] 
 * @return {Promise<object>} token reset
 */
 export function resetToken(options) {
  if (!options) options = {}
  const parameters = {
    body: {
      body: options.body
    }
  }
  return gateway.request(resetTokenOperation, parameters)
 }
 /**
 * @param {object} options Optional options
 * @param {module:types.verifyRequest} [options.body] 
@ -122,6 +137,12 @@ const resetPasswordRequestOperation = {
  method: 'post'
 }
 const resetTokenOperation = {
  path: '/resetToken',
  contentTypes: ['application/zrok.v1+json'],
  method: 'post'
 }
 const verifyOperation = {
  path: '/verify',
  contentTypes: ['application/zrok.v1+json'],
--- a/ui/src/console/detail/account/AccountDetail.js
+++ b/ui/src/console/detail/account/AccountDetail.js
@ -6,6 +6,7 @@ import SecretToggle from "../../SecretToggle";
 import React from "react";
 import MetricsTab from "./MetricsTab";
 import EnvironmentsTab from "./EnvironmentsTab";
 import ActionsTab from "./ActionsTab";
 const AccountDetail = (props) => {
    const customProperties = {
@ -25,6 +26,9 @@ const AccountDetail = (props) => {
                <Tab eventKey={"metrics"} title={"Metrics"}>
                    <MetricsTab />
                </Tab>
                <Tab eventKey={"actions"} title={"Actions"}>
                      <ActionsTab user={props.user}/>
                  </Tab>
            </Tabs>
        </div>
    );
--- a/ui/src/console/detail/account/ActionsTab.js
+++ b/ui/src/console/detail/account/ActionsTab.js
@ -0,0 +1,34 @@
 import React, {useState} from "react";
 import ResetToken from "./actions/ResetToken";
 const ActionsTab = (props) => {
    const [actionState, setActionState] = useState("menu")
    const [showResetTokenModal, setShowResetTokenModal] = useState(false);
    const openResetTokenModal = () => setShowResetTokenModal(true);
    const closeResetTokenModal = () => setShowResetTokenModal(false);
    let defaultActionsTabComponent = (
        <div>
            <button onClick={openResetTokenModal}>Regenerate Token</button>
            <ResetToken show={showResetTokenModal} onHide={closeResetTokenModal} user={props.user}/>
        </div>
    )
    const returnState = () => {
        setActionState("menu")
    }
    const renderActions = () => {
        switch (actionState) {
            default:
                return defaultActionsTabComponent
        }
    }
    return (
        renderActions()
    )
 }
 export default ActionsTab;
--- a/ui/src/console/detail/account/actions/ResetToken.js
+++ b/ui/src/console/detail/account/actions/ResetToken.js
@ -0,0 +1,29 @@
 import Modal from "react-bootstrap/Modal";
 import { Button, Container, Form, Row } from "react-bootstrap";
 import * as account from "../../../../api/account";
 const ResetToken = (props) => {
    let resetToken = () => {
        console.log("I should reset my token")
        account.resetToken({ body: { "emailAddress": props.user.email } }).then(resp => {
            console.log(resp)
        }).catch(err => {
            console.log("err", err);
        });
    }
    return (
        <div>
            <Modal show={props.show} onHide={props.onHide} centered>
                <Modal.Header closeButton>Are you Sure?</Modal.Header>
                <Modal.Body>
                    TEST
                    <Button variant={"light"} onClick={resetToken}>Reset Password</Button>
                </Modal.Body>
            </Modal>
        </div>
    )
 }
 export default ResetToken;