Can check the validity of a password reset token
This commit is contained in:
parent
e4b361ab12
commit
8a2f482bbd
@ -83,3 +83,9 @@ pub const MAX_REQUEST_SIZE: usize = 50000000;
|
|||||||
|
|
||||||
/// Maximum number of choices per survey
|
/// Maximum number of choices per survey
|
||||||
pub const MAXIMUM_NUMBER_SURVEY_CHOICES: usize = 20;
|
pub const MAXIMUM_NUMBER_SURVEY_CHOICES: usize = 20;
|
||||||
|
|
||||||
|
/// Length of password reset token
|
||||||
|
pub const PASSWORD_RESET_TOKEN_LENGTH: usize = 255;
|
||||||
|
|
||||||
|
/// Duration of the validity of a password reset token (6 hours)
|
||||||
|
pub const PASSWORD_RESET_TOKEN_LIFETIME: u64 = 60 * 60 * 6;
|
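Review bot: The doc comment on `PASSWORD_RESET_TOKEN_LIFETIME` gives the span but not the unit, and a reader of constants.rs alone cannot tell whether `60 * 60 * 6` is seconds or milliseconds; the value is subtracted from `time()` elsewhere in this commit, so it is consumed as seconds. Make that explicit: `/// Duration of the validity of a password reset token, in seconds (6 hours)`. Likewise `PASSWORD_RESET_TOKEN_LENGTH` is used both as the generated token length and as the maximum accepted length of the posted field, which is worth one clause in its comment so nobody shortens one side without the other.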
@ -6,11 +6,12 @@ use crate::api_data::res_check_email_exists::ResCheckEmailExists;
|
|||||||
use crate::api_data::res_check_security_answers::ResCheckSecurityAnswers;
|
use crate::api_data::res_check_security_answers::ResCheckSecurityAnswers;
|
||||||
use crate::api_data::res_check_security_questions_exists::ResCheckSecurityQuestionsExists;
|
use crate::api_data::res_check_security_questions_exists::ResCheckSecurityQuestionsExists;
|
||||||
use crate::api_data::res_get_security_questions::ResGetSecurityQuestions;
|
use crate::api_data::res_get_security_questions::ResGetSecurityQuestions;
|
||||||
|
use crate::constants::PASSWORD_RESET_TOKEN_LENGTH;
|
||||||
use crate::controllers::routes::RequestResult;
|
use crate::controllers::routes::RequestResult;
|
||||||
use crate::data::error::ResultBoxError;
|
use crate::data::error::ResultBoxError;
|
||||||
use crate::data::http_request_handler::HttpRequestHandler;
|
use crate::data::http_request_handler::HttpRequestHandler;
|
||||||
use crate::data::new_account::NewAccount;
|
use crate::data::new_account::NewAccount;
|
||||||
use crate::data::user::User;
|
use crate::data::user::{User, UserID};
|
||||||
use crate::helpers::{account_helper, user_helper};
|
use crate::helpers::{account_helper, user_helper};
|
||||||
|
|
||||||
/// Account controller
|
/// Account controller
|
||||||
@ -27,6 +28,17 @@ impl HttpRequestHandler {
|
|||||||
format!("Requested user in '{}' not found!", email).as_str(),
|
format!("Requested user in '{}' not found!", email).as_str(),
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Get the ID of the user associated with a password reset token
|
||||||
|
pub fn post_user_id_from_password_reset_token(&mut self, field: &str) -> ResultBoxError<UserID> {
|
||||||
|
let token = self.post_string_opt(field, PASSWORD_RESET_TOKEN_LENGTH, true)?;
|
||||||
|
let user_id = self.ok_or_forbidden(
|
||||||
|
account_helper::get_user_id_from_password_reset_token(&token),
|
||||||
|
"Invalid password reset token!",
|
||||||
|
)?;
|
||||||
|
|
||||||
|
Ok(user_id)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Create a new account
|
/// Create a new account
|
||||||
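Review bot: In `post_user_id_from_password_reset_token` the result is bound to `user_id` only to be re-wrapped in `Ok(user_id)`; since `ok_or_forbidden` already returns `ResultBoxError<UserID>`, the call can be the tail expression, `self.ok_or_forbidden(account_helper::get_user_id_from_password_reset_token(&token), "Invalid password reset token!")`. The doc comment should also state the failure mode, since it differs from a plain `Err`: the token is read from the POST field named by `field`, bounded by `PASSWORD_RESET_TOKEN_LENGTH`, and an unknown or expired token ends the request with a forbidden response via `ok_or_forbidden` rather than returning an error for the caller to handle. The enclosing `impl HttpRequestHandler` block starts and ends outside the hunk.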
@ -149,3 +161,9 @@ pub fn check_security_answers(r: &mut HttpRequestHandler) -> RequestResult {
|
|||||||
|
|
||||||
r.set_response(ResCheckSecurityAnswers::new(token))
|
r.set_response(ResCheckSecurityAnswers::new(token))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Check the validity of a password reset token
|
||||||
|
pub fn check_password_reset_token(r: &mut HttpRequestHandler) -> RequestResult {
|
||||||
|
r.post_user_id_from_password_reset_token("token")?;
|
||||||
|
r.success("The token is valid")
|
||||||
|
}
|
@ -79,6 +79,7 @@ pub fn get_routes() -> Vec<Route> {
|
|||||||
Route::post_without_login("/account/has_security_questions", Box::new(account_controller::has_security_questions)),
|
Route::post_without_login("/account/has_security_questions", Box::new(account_controller::has_security_questions)),
|
||||||
Route::post_without_login("/account/get_security_questions", Box::new(account_controller::get_security_questions)),
|
Route::post_without_login("/account/get_security_questions", Box::new(account_controller::get_security_questions)),
|
||||||
Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
|
Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
|
||||||
|
Route::post_without_login("/account/check_password_reset_token", Box::new(account_controller::check_password_reset_token)),
|
||||||
|
|
||||||
// User controller
|
// User controller
|
||||||
Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),
|
Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),
|
||||||
|
@ -156,6 +156,18 @@ impl HttpRequestHandler {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// If result is not OK, return a bad request
|
||||||
|
pub fn ok_or_forbidden<E>(&mut self, res: ResultBoxError<E>, msg: &str) -> ResultBoxError<E> {
|
||||||
|
match res {
|
||||||
|
Ok(e) => Ok(e),
|
||||||
|
Err(err) => {
|
||||||
|
println!("Error leading to access forbidden: {}", err);
|
||||||
|
self.forbidden(msg.to_string())?;
|
||||||
|
unreachable!()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// If result is not OK, return a 404 not found error
|
/// If result is not OK, return a 404 not found error
|
||||||
pub fn ok_or_not_found<E>(&mut self, res: ResultBoxError<E>, msg: &str) -> ResultBoxError<E> {
|
pub fn ok_or_not_found<E>(&mut self, res: ResultBoxError<E>, msg: &str) -> ResultBoxError<E> {
|
||||||
match res {
|
match res {
|
||||||
|
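Review bot: The doc comment on `ok_or_forbidden` says "return a bad request" but the body calls `self.forbidden(...)`; it should read `/// If result is not OK, return a 403 forbidden error`, matching the wording of `ok_or_not_found` directly below. The `unreachable!()` after `self.forbidden(msg.to_string())?` is only sound if `forbidden` always yields `Err`; its body is outside the hunk, so that invariant deserves a one-line comment such as `// forbidden() always returns Err, so the `?` above never falls through`. The underlying error is printed with `println!` while only the generic `msg` reaches the client, which is the right split; routing the diagnostic through `eprintln!` or the project's logger would keep it out of stdout. The enclosing `impl HttpRequestHandler` block starts outside the hunk.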
@ -1,3 +1,4 @@
|
|||||||
|
use crate::constants::{PASSWORD_RESET_TOKEN_LENGTH, PASSWORD_RESET_TOKEN_LIFETIME};
|
||||||
use crate::constants::database_tables_names::{USER_ACCESS_TOKENS_TABLE, USERS_TABLE};
|
use crate::constants::database_tables_names::{USER_ACCESS_TOKENS_TABLE, USERS_TABLE};
|
||||||
use crate::data::api_client::APIClient;
|
use crate::data::api_client::APIClient;
|
||||||
use crate::data::error::{ExecError, ResultBoxError};
|
use crate::data::error::{ExecError, ResultBoxError};
|
||||||
@ -116,7 +117,7 @@ pub fn destroy_all_user_tokens(id: &UserID) -> ResultBoxError {
|
|||||||
|
|
||||||
/// Generate a new password reset token
|
/// Generate a new password reset token
|
||||||
pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String> {
|
pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String> {
|
||||||
let token = rand_str(255);
|
let token = rand_str(PASSWORD_RESET_TOKEN_LENGTH);
|
||||||
|
|
||||||
database::UpdateInfo::new(USERS_TABLE)
|
database::UpdateInfo::new(USERS_TABLE)
|
||||||
.cond_user_id("ID", user_id)
|
.cond_user_id("ID", user_id)
|
||||||
@ -127,6 +128,15 @@ pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String>
|
|||||||
Ok(token)
|
Ok(token)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Get the ID of a user based on a password reset token
|
||||||
|
pub fn get_user_id_from_password_reset_token(token: &str) -> ResultBoxError<UserID> {
|
||||||
|
database::QueryInfo::new(USERS_TABLE)
|
||||||
|
.cond("password_reset_token", token)
|
||||||
|
.set_custom_where("password_reset_token_time_create > ?")
|
||||||
|
.add_custom_where_argument_u64(time() - PASSWORD_RESET_TOKEN_LIFETIME)
|
||||||
|
.query_row(|r| r.get_user_id("ID"))
|
||||||
|
}
|
||||||
|
|
||||||
/// Check out whether a virtual directory is taken by a user or not
|
/// Check out whether a virtual directory is taken by a user or not
|
||||||
pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {
|
pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {
|
||||||
let found_user = user_helper::find_user_by_virtual_directory(dir);
|
let found_user = user_helper::find_user_by_virtual_directory(dir);
|
||||||
|
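Review bot: `get_user_id_from_password_reset_token` passes an empty `token` straight into `.cond("password_reset_token", token)`, so whether an empty string can match accounts whose column holds an empty default depends on the schema, which is not visible here; only the `password_reset_token_time_create > ?` clause keeps such rows out. An explicit guard at the top of the function that returns `Err` for an empty token would make the lookup independent of that schema assumption — the controller's `post_string_opt(..., true)` may already reject it, but the helper is callable from anywhere in the crate. The doc comment should also record the expiry rule, e.g. `/// Get the ID of a user based on a password reset token; only tokens younger than PASSWORD_RESET_TOKEN_LIFETIME match`. The earlier hunk that replaces the literal `255` with `PASSWORD_RESET_TOKEN_LENGTH` in `generate_password_reset_token` is fine as is.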