Can check the validity of a password reset token

2023-05-31 11:36:14 +02:00
parent 7f8e41b618
commit 0590197315
4 changed files with 64 additions and 1 deletions
--- a/geneit_backend/src/controllers/auth_controller.rs
+++ b/geneit_backend/src/controllers/auth_controller.rs
@ -50,3 +50,44 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
    // Account successfully created
    Ok(HttpResponse::Created().finish())
 }
+
+#[derive(serde::Deserialize)]
+pub struct CheckResetPasswordTokenBody {
+    token: String,
+}
+
+#[derive(serde::Serialize)]
+pub struct CheckResetPasswordTokenResponse {
+    name: String,
+}
+
+/// Check reset password token
+pub async fn check_reset_password_token(
+    remote_ip: RemoteIP,
+    req: web::Json<CheckResetPasswordTokenBody>,
+) -> HttpResult {
+    // Rate limiting
+    if rate_limiter_service::should_block_action(
+        remote_ip.0,
+        RatedAction::CheckResetPasswordTokenFailed,
+    )
+    .await?
+    {
+        return Ok(HttpResponse::TooManyRequests().finish());
+    }
+
+    let user = match users_service::get_by_pwd_reset_token(&req.token).await {
+        Ok(t) => t,
+        Err(e) => {
+            rate_limiter_service::record_action(
+                remote_ip.0,
+                RatedAction::CheckResetPasswordTokenFailed,
+            )
+            .await?;
+            log::error!("Password reset token could not be used: {}", e);
+            return Ok(HttpResponse::NotFound().finish());
+        }
+    };
+
+    Ok(HttpResponse::Ok().json(CheckResetPasswordTokenResponse { name: user.name }))
+}