Can request password reset
This commit is contained in:
parent
56be33070c
commit
5ed74260a8
@ -51,6 +51,41 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
|||||||
Ok(HttpResponse::Created().finish())
|
Ok(HttpResponse::Created().finish())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(serde::Deserialize)]
|
||||||
|
pub struct RequestResetPasswordBody {
|
||||||
|
mail: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Request the creation of a new password reset link
|
||||||
|
pub async fn request_reset_password(
|
||||||
|
remote_ip: RemoteIP,
|
||||||
|
req: web::Json<RequestResetPasswordBody>,
|
||||||
|
) -> HttpResult {
|
||||||
|
// Rate limiting
|
||||||
|
if rate_limiter_service::should_block_action(
|
||||||
|
remote_ip.0,
|
||||||
|
RatedAction::RequestNewPasswordResetLink,
|
||||||
|
)
|
||||||
|
.await?
|
||||||
|
{
|
||||||
|
return Ok(HttpResponse::TooManyRequests().finish());
|
||||||
|
}
|
||||||
|
rate_limiter_service::record_action(remote_ip.0, RatedAction::RequestNewPasswordResetLink)
|
||||||
|
.await?;
|
||||||
|
|
||||||
|
match users_service::get_by_mail(&req.mail).await {
|
||||||
|
Ok(mut user) => users_service::request_reset_password(&mut user).await?,
|
||||||
|
Err(e) => {
|
||||||
|
log::error!(
|
||||||
|
"Could not locate user account {}! (error silently ignored)",
|
||||||
|
e
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(HttpResponse::Created().finish())
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(serde::Deserialize)]
|
#[derive(serde::Deserialize)]
|
||||||
pub struct CheckResetPasswordTokenBody {
|
pub struct CheckResetPasswordTokenBody {
|
||||||
token: String,
|
token: String,
|
||||||
|
@ -27,6 +27,10 @@ async fn main() -> std::io::Result<()> {
|
|||||||
"/auth/create_account",
|
"/auth/create_account",
|
||||||
web::post().to(auth_controller::create_account),
|
web::post().to(auth_controller::create_account),
|
||||||
)
|
)
|
||||||
|
.route(
|
||||||
|
"/auth/request_reset_password",
|
||||||
|
web::post().to(auth_controller::request_reset_password),
|
||||||
|
)
|
||||||
.route(
|
.route(
|
||||||
"/auth/check_reset_password_token",
|
"/auth/check_reset_password_token",
|
||||||
web::post().to(auth_controller::check_reset_password_token),
|
web::post().to(auth_controller::check_reset_password_token),
|
||||||
|
@ -7,6 +7,7 @@ use std::time::Duration;
|
|||||||
pub enum RatedAction {
|
pub enum RatedAction {
|
||||||
CreateAccount,
|
CreateAccount,
|
||||||
CheckResetPasswordTokenFailed,
|
CheckResetPasswordTokenFailed,
|
||||||
|
RequestNewPasswordResetLink,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl RatedAction {
|
impl RatedAction {
|
||||||
@ -14,6 +15,7 @@ impl RatedAction {
|
|||||||
match self {
|
match self {
|
||||||
RatedAction::CreateAccount => "create-account",
|
RatedAction::CreateAccount => "create-account",
|
||||||
RatedAction::CheckResetPasswordTokenFailed => "check-reset-password-token",
|
RatedAction::CheckResetPasswordTokenFailed => "check-reset-password-token",
|
||||||
|
RatedAction::RequestNewPasswordResetLink => "req-pwd-reset-lnk",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -21,14 +23,12 @@ impl RatedAction {
|
|||||||
match self {
|
match self {
|
||||||
RatedAction::CreateAccount => 5,
|
RatedAction::CreateAccount => 5,
|
||||||
RatedAction::CheckResetPasswordTokenFailed => 100,
|
RatedAction::CheckResetPasswordTokenFailed => 100,
|
||||||
|
RatedAction::RequestNewPasswordResetLink => 5,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn keep_seconds(&self) -> u64 {
|
fn keep_seconds(&self) -> u64 {
|
||||||
match self {
|
3600
|
||||||
RatedAction::CreateAccount => 3600,
|
|
||||||
RatedAction::CheckResetPasswordTokenFailed => 3600,
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fn key(&self, ip: IpAddr) -> String {
|
fn key(&self, ip: IpAddr) -> String {
|
||||||
|
@ -12,12 +12,21 @@ use bcrypt::DEFAULT_COST;
|
|||||||
use diesel::prelude::*;
|
use diesel::prelude::*;
|
||||||
use std::io::ErrorKind;
|
use std::io::ErrorKind;
|
||||||
|
|
||||||
/// Get the information of the user, by its id
|
/// Get the information of a user, by its id
|
||||||
pub async fn get_by_id(id: UserID) -> anyhow::Result<User> {
|
pub async fn get_by_id(id: UserID) -> anyhow::Result<User> {
|
||||||
db_connection::execute(|conn| Ok(users::table.filter(users::dsl::id.eq(id.0)).first(conn)?))
|
db_connection::execute(|conn| Ok(users::table.filter(users::dsl::id.eq(id.0)).first(conn)?))
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Get the information of the user, by its password reset token
|
/// Get the information of a user, by its mail
|
||||||
|
pub async fn get_by_mail(mail: &str) -> anyhow::Result<User> {
|
||||||
|
db_connection::execute(|conn| {
|
||||||
|
Ok(users::table
|
||||||
|
.filter(users::dsl::email.eq(mail))
|
||||||
|
.first(conn)?)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Get the information of a user, by its password reset token
|
||||||
pub async fn get_by_pwd_reset_token(token: &str) -> anyhow::Result<User> {
|
pub async fn get_by_pwd_reset_token(token: &str) -> anyhow::Result<User> {
|
||||||
if token.is_empty() {
|
if token.is_empty() {
|
||||||
return Err(anyhow::Error::from(std::io::Error::new(
|
return Err(anyhow::Error::from(std::io::Error::new(
|
||||||
|
Loading…
Reference in New Issue
Block a user