Can check the validity of a password reset token

geneit_backend/src/services/rate_limiter_service.rs

@@ -6,24 +6,28 @@ use std::time::Duration;
 #[derive(Debug, Copy, Clone)]
 pub enum RatedAction {
     CreateAccount,
+    CheckResetPasswordTokenFailed,
 }
 
 impl RatedAction {
     fn id(&self) -> &'static str {
         match self {
             RatedAction::CreateAccount => "create-account",
+            RatedAction::CheckResetPasswordTokenFailed => "check-reset-password-token",
         }
     }
 
     fn limit(&self) -> usize {
         match self {
             RatedAction::CreateAccount => 5,
+            RatedAction::CheckResetPasswordTokenFailed => 100,
         }
     }
 
     fn keep_seconds(&self) -> u64 {
         match self {
             RatedAction::CreateAccount => 3600,
+            RatedAction::CheckResetPasswordTokenFailed => 3600,
         }
     }
 

geneit_backend/src/services/users_service.rs

@@ -10,11 +10,25 @@ use crate::utils::string_utils::rand_str;
 use crate::utils::time_utils::time;
 use diesel::prelude::*;
 
-/// Get the information of the user
+/// Get the information of the user, by its id
 pub async fn get_by_id(id: UserID) -> anyhow::Result<User> {
     db_connection::execute(|conn| Ok(users::table.filter(users::dsl::id.eq(id.0)).first(conn)?))
 }
 
+/// Get the information of the user, by its password reset token
+pub async fn get_by_pwd_reset_token(token: &str) -> anyhow::Result<User> {
+    db_connection::execute(|conn| {
+        Ok(users::table
+            .filter(
+                users::dsl::reset_password_token.eq(token.to_string()).and(
+                    users::dsl::time_gen_reset_token
+                        .ge(time() as i64 - PASSWORD_RESET_TOKEN_DURATION.as_secs() as i64),
+                ),
+            )
+            .first(conn)?)
+    })
+}
+
 /// Create a new account
 pub async fn create_account(name: &str, email: &str) -> anyhow::Result<User> {
     db_connection::execute(|conn| {