mirror of
https://gitlab.com/comunic/comunicapiv3
synced 2025-01-28 13:02:59 +00:00
Can generate a reset token if password is valid
This commit is contained in:
parent
d33e1fe77c
commit
e4b361ab12
@ -46,3 +46,4 @@ mod type_container_api;
|
|||||||
pub mod res_check_email_exists;
|
pub mod res_check_email_exists;
|
||||||
pub mod res_check_security_questions_exists;
|
pub mod res_check_security_questions_exists;
|
||||||
pub mod res_get_security_questions;
|
pub mod res_get_security_questions;
|
||||||
|
pub mod res_check_security_answers;
|
17
src/api_data/res_check_security_answers.rs
Normal file
17
src/api_data/res_check_security_answers.rs
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
//! # Check security answsers result
|
||||||
|
//!
|
||||||
|
//! If the user gave valid security answers, we give him a password reset token.
|
||||||
|
//!
|
||||||
|
//! @author Pierre Hubert
|
||||||
|
use serde::Serialize;
|
||||||
|
|
||||||
|
#[derive(Serialize)]
|
||||||
|
pub struct ResCheckSecurityAnswers {
|
||||||
|
reset_token: String
|
||||||
|
}
|
||||||
|
|
||||||
|
impl ResCheckSecurityAnswers {
|
||||||
|
pub fn new(reset_token: String) -> ResCheckSecurityAnswers {
|
||||||
|
ResCheckSecurityAnswers { reset_token }
|
||||||
|
}
|
||||||
|
}
|
@ -1,6 +1,9 @@
|
|||||||
|
use percent_encoding::percent_decode_str;
|
||||||
|
|
||||||
use crate::api_data::current_user_id::CurrentUserID;
|
use crate::api_data::current_user_id::CurrentUserID;
|
||||||
use crate::api_data::login_success::LoginSuccess;
|
use crate::api_data::login_success::LoginSuccess;
|
||||||
use crate::api_data::res_check_email_exists::ResCheckEmailExists;
|
use crate::api_data::res_check_email_exists::ResCheckEmailExists;
|
||||||
|
use crate::api_data::res_check_security_answers::ResCheckSecurityAnswers;
|
||||||
use crate::api_data::res_check_security_questions_exists::ResCheckSecurityQuestionsExists;
|
use crate::api_data::res_check_security_questions_exists::ResCheckSecurityQuestionsExists;
|
||||||
use crate::api_data::res_get_security_questions::ResGetSecurityQuestions;
|
use crate::api_data::res_get_security_questions::ResGetSecurityQuestions;
|
||||||
use crate::controllers::routes::RequestResult;
|
use crate::controllers::routes::RequestResult;
|
||||||
@ -119,3 +122,30 @@ pub fn get_security_questions(r: &mut HttpRequestHandler) -> RequestResult {
|
|||||||
|
|
||||||
r.set_response(ResGetSecurityQuestions::new(&user))
|
r.set_response(ResGetSecurityQuestions::new(&user))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Check the security answers given by a user to reset a password
|
||||||
|
pub fn check_security_answers(r: &mut HttpRequestHandler) -> RequestResult {
|
||||||
|
let user = r.post_user_info_from_email("email")?;
|
||||||
|
|
||||||
|
if !user.has_security_questions() {
|
||||||
|
r.forbidden("Specified user has not setup security questions !".to_string())?;
|
||||||
|
}
|
||||||
|
|
||||||
|
let answers: Vec<String> = r.post_string_opt("answers", 3, true)?
|
||||||
|
.split("&")
|
||||||
|
.map(|s| percent_decode_str(s).decode_utf8_lossy().to_lowercase().trim().to_string())
|
||||||
|
.collect::<Vec<String>>();
|
||||||
|
|
||||||
|
if answers.len() != 2 {
|
||||||
|
r.forbidden("Please specify two answers!".to_string())?;
|
||||||
|
}
|
||||||
|
|
||||||
|
if answers[0] != user.security_answer_1.unwrap().to_lowercase().trim() ||
|
||||||
|
answers[1] != user.security_answer_2.unwrap().to_lowercase().trim() {
|
||||||
|
r.forbidden("Invalid security answers!".to_string())?;
|
||||||
|
}
|
||||||
|
|
||||||
|
let token = account_helper::generate_password_reset_token(&user.id)?;
|
||||||
|
|
||||||
|
r.set_response(ResCheckSecurityAnswers::new(token))
|
||||||
|
}
|
@ -78,6 +78,7 @@ pub fn get_routes() -> Vec<Route> {
|
|||||||
Route::post_without_login("/account/exists_email", Box::new(account_controller::exists_mail)),
|
Route::post_without_login("/account/exists_email", Box::new(account_controller::exists_mail)),
|
||||||
Route::post_without_login("/account/has_security_questions", Box::new(account_controller::has_security_questions)),
|
Route::post_without_login("/account/has_security_questions", Box::new(account_controller::has_security_questions)),
|
||||||
Route::post_without_login("/account/get_security_questions", Box::new(account_controller::get_security_questions)),
|
Route::post_without_login("/account/get_security_questions", Box::new(account_controller::get_security_questions)),
|
||||||
|
Route::post_without_login("/account/check_security_answers", Box::new(account_controller::check_security_answers)),
|
||||||
|
|
||||||
// User controller
|
// User controller
|
||||||
Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),
|
Route::post_without_login("/user/getInfo", Box::new(user_controller::get_single)),
|
||||||
|
@ -114,6 +114,19 @@ pub fn destroy_all_user_tokens(id: &UserID) -> ResultBoxError {
|
|||||||
.exec()
|
.exec()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Generate a new password reset token
|
||||||
|
pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String> {
|
||||||
|
let token = rand_str(255);
|
||||||
|
|
||||||
|
database::UpdateInfo::new(USERS_TABLE)
|
||||||
|
.cond_user_id("ID", user_id)
|
||||||
|
.set_str("password_reset_token", &token)
|
||||||
|
.set_u64("password_reset_token_time_create", time())
|
||||||
|
.exec()?;
|
||||||
|
|
||||||
|
Ok(token)
|
||||||
|
}
|
||||||
|
|
||||||
/// Check out whether a virtual directory is taken by a user or not
|
/// Check out whether a virtual directory is taken by a user or not
|
||||||
pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {
|
pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {
|
||||||
let found_user = user_helper::find_user_by_virtual_directory(dir);
|
let found_user = user_helper::find_user_by_virtual_directory(dir);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user