Generate reset password URL
This commit is contained in:
@ -55,6 +55,38 @@ pub struct AppConfig {
|
||||
/// Redis password
|
||||
#[clap(long, env, default_value = "secretredis")]
|
||||
redis_password: String,
|
||||
|
||||
/// Mail sender
|
||||
#[clap(long, env, default_value = "geneit@example.com")]
|
||||
pub mail_sender: String,
|
||||
|
||||
/// SMTP relay
|
||||
#[clap(long, env, default_value = "localhost")]
|
||||
pub smtp_relay: String,
|
||||
|
||||
/// SMTP port
|
||||
#[clap(long, env, default_value_t = 1025)]
|
||||
pub smtp_port: u16,
|
||||
|
||||
/// SMTP use TLS to connect to relay
|
||||
#[clap(long, env)]
|
||||
pub smtp_tls: bool,
|
||||
|
||||
/// SMTP username
|
||||
#[clap(long, env)]
|
||||
pub smtp_username: Option<String>,
|
||||
|
||||
/// SMTP password
|
||||
#[clap(long, env)]
|
||||
pub smtp_password: Option<String>,
|
||||
|
||||
/// Password reset URL
|
||||
#[clap(
|
||||
long,
|
||||
env,
|
||||
default_value = "http://localhost:3000/reset_password#TOKEN"
|
||||
)]
|
||||
pub reset_password_url: String,
|
||||
}
|
||||
|
||||
lazy_static::lazy_static! {
|
||||
@ -88,4 +120,9 @@ impl AppConfig {
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
/// Get password reset URL
|
||||
pub fn get_password_reset_url(&self, token: &str) -> String {
|
||||
self.reset_password_url.replace("TOKEN", token)
|
||||
}
|
||||
}
|
||||
|
||||
@ -39,9 +39,12 @@ pub async fn create_account(remote_ip: RemoteIP, req: web::Json<CreateAccountBod
|
||||
}
|
||||
|
||||
// Create the account
|
||||
let user_id = users_service::create_account(&req.name, &req.email).await?;
|
||||
let mut user = users_service::create_account(&req.name, &req.email).await?;
|
||||
|
||||
// TODO : trigger reset password (send mail)
|
||||
// Trigger reset password (send mail)
|
||||
users_service::request_reset_password(&mut user).await?;
|
||||
|
||||
// TODO : cleanup in a cron not validated accounts after 24 hours
|
||||
|
||||
// Account successfully created
|
||||
Ok(HttpResponse::Created().finish())
|
||||
|
||||
@ -3,20 +3,20 @@ use diesel::prelude::*;
|
||||
|
||||
/// User ID holder
|
||||
#[derive(Debug, Clone, Copy, serde::Serialize, serde::Deserialize)]
|
||||
pub struct UserID(i32);
|
||||
pub struct UserID(pub i32);
|
||||
|
||||
#[derive(Queryable, Debug)]
|
||||
pub struct User {
|
||||
id: i32,
|
||||
name: String,
|
||||
email: String,
|
||||
password: Option<String>,
|
||||
reset_password_token: Option<String>,
|
||||
time_create: i64,
|
||||
time_gen_reset_token: i64,
|
||||
time_activate: i64,
|
||||
active: bool,
|
||||
admin: bool,
|
||||
pub id: i32,
|
||||
pub name: String,
|
||||
pub email: String,
|
||||
pub password: Option<String>,
|
||||
pub reset_password_token: Option<String>,
|
||||
pub time_create: i64,
|
||||
pub time_gen_reset_token: i64,
|
||||
pub time_activate: i64,
|
||||
pub active: bool,
|
||||
pub admin: bool,
|
||||
}
|
||||
|
||||
impl User {
|
||||
|
||||
33
geneit_backend/src/services/mail_service.rs
Normal file
33
geneit_backend/src/services/mail_service.rs
Normal file
@ -0,0 +1,33 @@
|
||||
use crate::app_config::AppConfig;
|
||||
use lettre::message::header::ContentType;
|
||||
use lettre::transport::smtp::authentication::Credentials;
|
||||
use lettre::{Message, SmtpTransport, Transport};
|
||||
use std::fmt::Display;
|
||||
|
||||
pub async fn send_mail<D: Display>(to: &str, subject: &str, body: D) -> anyhow::Result<()> {
|
||||
let conf = AppConfig::get();
|
||||
|
||||
let email = Message::builder()
|
||||
.from(conf.mail_sender.parse()?)
|
||||
.to(to.parse()?)
|
||||
.subject(subject)
|
||||
.header(ContentType::TEXT_PLAIN)
|
||||
.body(body.to_string())?;
|
||||
|
||||
let mut mailer = match conf.smtp_tls {
|
||||
true => SmtpTransport::relay(&conf.smtp_relay)?,
|
||||
false => SmtpTransport::builder_dangerous(&conf.smtp_relay),
|
||||
}
|
||||
.port(conf.smtp_port);
|
||||
|
||||
if let (Some(username), Some(password)) = (&conf.smtp_username, &conf.smtp_password) {
|
||||
mailer = mailer.credentials(Credentials::new(username.to_string(), password.to_string()))
|
||||
}
|
||||
|
||||
let mailer = mailer.build();
|
||||
|
||||
mailer.send(&email)?;
|
||||
log::debug!("A mail was sent to {} (subject = {})", to, subject);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@ -1,4 +1,5 @@
|
||||
//! # Backend services
|
||||
|
||||
pub mod mail_service;
|
||||
pub mod rate_limiter_service;
|
||||
pub mod users_service;
|
||||
|
||||
@ -1,11 +1,19 @@
|
||||
//! # Users service
|
||||
|
||||
use crate::app_config::AppConfig;
|
||||
use crate::connections::db_connection;
|
||||
use crate::models::{NewUser, User};
|
||||
use crate::models::{NewUser, User, UserID};
|
||||
use crate::schema::users;
|
||||
use crate::services::mail_service;
|
||||
use crate::utils::string_utils::rand_str;
|
||||
use crate::utils::time_utils::time;
|
||||
use diesel::prelude::*;
|
||||
|
||||
/// Get the information of the user
|
||||
pub async fn get_by_id(id: UserID) -> anyhow::Result<User> {
|
||||
db_connection::execute(|conn| Ok(users::table.filter(users::dsl::id.eq(id.0)).first(conn)?))
|
||||
}
|
||||
|
||||
/// Create a new account
|
||||
pub async fn create_account(name: &str, email: &str) -> anyhow::Result<User> {
|
||||
db_connection::execute(|conn| {
|
||||
@ -32,3 +40,41 @@ pub async fn exists_email(email: &str) -> anyhow::Result<bool> {
|
||||
Ok(count != 0)
|
||||
})
|
||||
}
|
||||
|
||||
/// Request password reset
|
||||
pub async fn request_reset_password(user: &mut User) -> anyhow::Result<()> {
|
||||
// If required, regenerate reset token
|
||||
if user.reset_password_token.is_none() || user.time_gen_reset_token as u64 + 3600 * 2 < time() {
|
||||
user.reset_password_token = Some(rand_str(149));
|
||||
user.time_gen_reset_token = time() as i64;
|
||||
|
||||
db_connection::execute(|conn| {
|
||||
Ok(
|
||||
diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
|
||||
.set((
|
||||
users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
|
||||
users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
|
||||
))
|
||||
.execute(conn)?,
|
||||
)
|
||||
})?;
|
||||
}
|
||||
|
||||
// Send mail
|
||||
mail_service::send_mail(
|
||||
&user.email,
|
||||
"Réinitialisation de votre mot de passe",
|
||||
format!(
|
||||
"Bonjour, \n\n\
|
||||
Vous pouvez réinitialiser le mot de passe de votre compte à l'adresse suivante : {} \n\n\
|
||||
Ce lien est valide durant 24 heures.\n\n\
|
||||
Cordialement,\n\n\
|
||||
L'équipe de GeneIT",
|
||||
AppConfig::get()
|
||||
.get_password_reset_url(user.reset_password_token.as_deref().unwrap_or(""))
|
||||
),
|
||||
)
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
//! # App utilities
|
||||
|
||||
pub mod string_utils;
|
||||
pub mod time_utils;
|
||||
|
||||
11
geneit_backend/src/utils/string_utils.rs
Normal file
11
geneit_backend/src/utils/string_utils.rs
Normal file
@ -0,0 +1,11 @@
|
||||
use rand::distributions::Alphanumeric;
|
||||
use rand::Rng;
|
||||
|
||||
/// Generate a random string of a given size
|
||||
pub fn rand_str(len: usize) -> String {
|
||||
rand::thread_rng()
|
||||
.sample_iter(&Alphanumeric)
|
||||
.map(char::from)
|
||||
.take(len)
|
||||
.collect()
|
||||
}
|
||||
Reference in New Issue
Block a user