Can reset password

src/controllers/account_controller.rs

@@ -166,4 +166,16 @@ pub fn check_security_answers(r: &mut HttpRequestHandler) -> RequestResult {
 pub fn check_password_reset_token(r: &mut HttpRequestHandler) -> RequestResult {
     r.post_user_id_from_password_reset_token("token")?;
     r.success("The token is valid")
+}
+
+/// Reset user password
+pub fn reset_user_password(r: &mut HttpRequestHandler) -> RequestResult {
+    let user_id = r.post_user_id_from_password_reset_token("token")?;
+    let new_password = r.post_string_opt("password", 3, true)?;
+
+    account_helper::change_password(&user_id, &new_password)?;
+
+    account_helper::destroy_password_reset_token_for_user(&user_id)?;
+
+    r.success("Password changed!")
 }

src/controllers/routes.rs

@@ -80,6 +80,7 @@ pub fn get_routes() -> Vec<Route> {
         Route::post_without_login("/account/get_security_questions", Box::new(account_controller::get_security_questions)),
         Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
         Route::post_without_login("/account/check_password_reset_token", Box::new(account_controller::check_password_reset_token)),
+        Route::post_without_login("/account/reset_user_passwd", Box::new(account_controller::reset_user_password)),
 
         // User controller
         Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),