Can request new user password on login

2022-04-02 08:30:01 +02:00
parent 0f4a5cde57
commit 4b8c9fdfdc
7 changed files with 222 additions and 11 deletions
--- a/src/controllers/login_controller.rs
+++ b/src/controllers/login_controller.rs
@ -3,11 +3,11 @@ use actix_identity::Identity;
 use actix_web::{HttpResponse, Responder, web};
 use askama::Template;

-use crate::actors::users_actor::{LoginResult, UsersActor};
+use crate::actors::users_actor::{ChangePasswordResult, LoginResult, UsersActor};
 use crate::actors::users_actor;
-use crate::constants::APP_NAME;
+use crate::constants::{APP_NAME, MIN_PASS_LEN};
 use crate::controllers::base_controller::redirect_user;
-use crate::data::session_identity::SessionIdentity;
+use crate::data::session_identity::{SessionIdentity, SessionStatus};

 #[derive(Template)]
 #[template(path = "base_login_page.html")]
@ -25,6 +25,13 @@ struct LoginTemplate {
    login: String,
 }

+#[derive(Template)]
+#[template(path = "password_reset.html")]
+struct PasswordResetTemplate {
+    _parent: BaseLoginPage,
+    min_pass_len: usize,
+}
+
 #[derive(serde::Deserialize)]
 pub struct LoginRequestBody {
    login: String,
@ -56,9 +63,29 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
        return redirect_user("/");
    }

+    // Check if user is setting a new  password
+    if let (Some(req), true) = (&req, SessionIdentity(&id).need_new_password()) {
+        if req.password.len() < MIN_PASS_LEN {
+            danger = "Password is too short!".to_string();
+        } else {
+            let res: ChangePasswordResult = users.send(users_actor::ChangePasswordRequest {
+                user_id: SessionIdentity(&id).user_id(),
+                new_password: req.password.clone(),
+                temporary: false,
+            }).await.unwrap();
+
+            if !res.0 {
+                danger = "Failed to change password!".to_string();
+            } else {
+                SessionIdentity(&id).set_status(SessionStatus::SignedIn);
+                return redirect_user("/");
+            }
+        }
+    }
+
    // Try to authenticate user
-    if let Some(req) = &req {
-        // TODO : check request origin
+    else if let Some(req) = &req {
+        // TODO : check request origin (check for valid Referer)

        login = req.login.clone();
        let response: LoginResult = users.send(users_actor::LoginRequest {
@ -70,7 +97,11 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
            LoginResult::Success(user) => {
                SessionIdentity(&id).set_user(&user);

-                return redirect_user("/");
+                if user.need_reset_password {
+                    SessionIdentity(&id).set_status(SessionStatus::NeedNewPassword);
+                } else {
+                    return redirect_user("/");
+                }
            }

            c => {
@ -81,6 +112,21 @@ pub async fn login_route(users: web::Data<Addr<UsersActor>>,
        }
    }

+    // Display password reset form if it is appropriate
+    if SessionIdentity(&id).need_new_password() {
+        return HttpResponse::Ok()
+            .content_type("text/html")
+            .body(PasswordResetTemplate {
+                _parent: BaseLoginPage {
+                    page_title: "Password reset",
+                    danger,
+                    success,
+                    app_name: APP_NAME,
+                },
+                min_pass_len: MIN_PASS_LEN,
+            }.render().unwrap());
+    }
+

    HttpResponse::Ok()
        .content_type("text/html")