server/handle_server_reset_password.go at 0d9fcc5a3825db9b681594efc1af38ea6032f03b · hailey.at/cocoon

hailey.at / cocoon

this repo has no description

cocoon / server / handle_server_reset_password.go

at 0d9fcc5a3825db9b681594efc1af38ea6032f03b 1.6 kB view raw

 1package server
 2
 3import (
 4	"time"
 5
 6	"github.com/Azure/go-autorest/autorest/to"
 7	"github.com/haileyok/cocoon/internal/helpers"
 8	"github.com/haileyok/cocoon/models"
 9	"github.com/labstack/echo/v4"
10	"golang.org/x/crypto/bcrypt"
11)
12
13type ComAtprotoServerResetPasswordRequest struct {
14	Token    string `json:"token" validate:"required"`
15	Password string `json:"password" validate:"required"`
16}
17
18func (s *Server) handleServerResetPassword(e echo.Context) error {
19	ctx := e.Request().Context()
20
21	urepo := e.Get("repo").(*models.RepoActor)
22
23	var req ComAtprotoServerResetPasswordRequest
24	if err := e.Bind(&req); err != nil {
25		s.logger.Error("error binding", "error", err)
26		return helpers.ServerError(e, nil)
27	}
28
29	if err := e.Validate(req); err != nil {
30		return helpers.InputError(e, nil)
31	}
32
33	if urepo.PasswordResetCode == nil || urepo.PasswordResetCodeExpiresAt == nil {
34		return helpers.InputError(e, to.StringPtr("InvalidToken"))
35	}
36
37	if *urepo.PasswordResetCode != req.Token {
38		return helpers.InvalidTokenError(e)
39	}
40
41	if time.Now().UTC().After(*urepo.PasswordResetCodeExpiresAt) {
42		return helpers.ExpiredTokenError(e)
43	}
44
45	hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), 10)
46	if err != nil {
47		s.logger.Error("error creating hash", "error", err)
48		return helpers.ServerError(e, nil)
49	}
50
51	if err := s.db.Exec(ctx, "UPDATE repos SET password_reset_code = NULL, password_reset_code_expires_at = NULL, password = ? WHERE did = ?", nil, hash, urepo.Repo.Did).Error; err != nil {
52		s.logger.Error("error updating repo", "error", err)
53		return helpers.ServerError(e, nil)
54	}
55
56	return e.NoContent(200)
57}