Can change password by reset

2023-05-31 13:33:26 +02:00
parent 0590197315
commit 56be33070c
5 changed files with 166 additions and 1 deletions
--- a/geneit_backend/src/controllers/auth_controller.rs
+++ b/geneit_backend/src/controllers/auth_controller.rs
@ -91,3 +91,50 @@ pub async fn check_reset_password_token(

    Ok(HttpResponse::Ok().json(CheckResetPasswordTokenResponse { name: user.name }))
 }
+
+#[derive(serde::Deserialize)]
+pub struct ResetPasswordBody {
+    token: String,
+    password: String,
+}
+
+/// Reset password
+pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBody>) -> HttpResult {
+    // Rate limiting
+    if rate_limiter_service::should_block_action(
+        remote_ip.0,
+        RatedAction::CheckResetPasswordTokenFailed,
+    )
+    .await?
+    {
+        return Ok(HttpResponse::TooManyRequests().finish());
+    }
+
+    let user = match users_service::get_by_pwd_reset_token(&req.token).await {
+        Ok(t) => t,
+        Err(e) => {
+            rate_limiter_service::record_action(
+                remote_ip.0,
+                RatedAction::CheckResetPasswordTokenFailed,
+            )
+            .await?;
+            log::error!("Password reset token could not be used: {}", e);
+            return Ok(HttpResponse::NotFound().finish());
+        }
+    };
+
+    if !StaticConstraints::default()
+        .password_len
+        .validate(&req.password)
+    {
+        return Ok(HttpResponse::BadRequest().json("Taille du mot de passe invalide!"));
+    }
+
+    // Validate account, if required
+    users_service::validate_account(&user).await?;
+
+    // Change user password
+    users_service::change_password(&user, &req.password).await?;
+
+    Ok(HttpResponse::Accepted().finish())
+}