LemmyNet/lemmy
2
0
Fork 0
mirror of https://github.com/LemmyNet/lemmy.git synced 2024-11-16 09:24:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Moving ChangePassword to its own API action. Fixes #1471

Browse source
This commit is contained in:
Dessalines 2021-04-01 17:39:01 -04:00
parent fac024b90c
commit f33f763278
5 changed files with 60 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
crates/api/src/lib.rs
View file

@ -63,6 +63,9 @@ pub async fn match_websocket_operation(
UserOperation::SaveUserSettings => { UserOperation::SaveUserSettings => {
do_websocket_operation::<SaveUserSettings>(context, id, op, data).await do_websocket_operation::<SaveUserSettings>(context, id, op, data).await
} }
UserOperation::ChangePassword => {
do_websocket_operation::<ChangePassword>(context, id, op, data).await
}
UserOperation::GetReportCount => { UserOperation::GetReportCount => {
do_websocket_operation::<GetReportCount>(context, id, op, data).await do_websocket_operation::<GetReportCount>(context, id, op, data).await
} }

80
crates/api/src/local_user.rs
View file

@ -191,44 +191,9 @@ impl Perform for SaveUserSettings {
let local_user_id = local_user_view.local_user.id; let local_user_id = local_user_view.local_user.id;
let person_id = local_user_view.person.id; let person_id = local_user_view.person.id;
let password_encrypted = match &data.new_password {
Some(new_password) => {
match &data.new_password_verify {
Some(new_password_verify) => {
password_length_check(&new_password)?;
// Make sure passwords match
if new_password != new_password_verify {
return Err(ApiError::err("passwords_dont_match").into());
}
// Check the old password
match &data.old_password {
Some(old_password) => {
let valid: bool =
verify(old_password, &local_user_view.local_user.password_encrypted)
.unwrap_or(false);
if !valid {
return Err(ApiError::err("password_incorrect").into());
}
let new_password = new_password.to_owned();
let user = blocking(context.pool(), move |conn| {
LocalUser::update_password(conn, local_user_id, &new_password)
})
.await??;
user.password_encrypted
}
None => return Err(ApiError::err("password_incorrect").into()),
}
}
None => return Err(ApiError::err("passwords_dont_match").into()),
}
}
None => local_user_view.local_user.password_encrypted,
};
let default_listing_type = data.default_listing_type; let default_listing_type = data.default_listing_type;
let default_sort_type = data.default_sort_type; let default_sort_type = data.default_sort_type;
let password_encrypted = local_user_view.local_user.password_encrypted;
let person_form = PersonForm { let person_form = PersonForm {
name: local_user_view.person.name, name: local_user_view.person.name,
@ -301,6 +266,49 @@ impl Perform for SaveUserSettings {
} }
} }
#[async_trait::async_trait(?Send)]
impl Perform for ChangePassword {
type Response = LoginResponse;
async fn perform(
&self,
context: &Data<LemmyContext>,
_websocket_id: Option<ConnectionId>,
) -> Result<LoginResponse, LemmyError> {
let data: &ChangePassword = &self;
let local_user_view = get_local_user_view_from_jwt(&data.auth, context.pool()).await?;
password_length_check(&data.new_password)?;
// Make sure passwords match
if data.new_password != data.new_password_verify {
return Err(ApiError::err("passwords_dont_match").into());
}
// Check the old password
let valid: bool = verify(
&data.old_password,
&local_user_view.local_user.password_encrypted,
)
.unwrap_or(false);
if !valid {
return Err(ApiError::err("password_incorrect").into());
}
let local_user_id = local_user_view.local_user.id;
let new_password = data.new_password.to_owned();
let updated_local_user = blocking(context.pool(), move |conn| {
LocalUser::update_password(conn, local_user_id, &new_password)
})
.await??;
// Return the jwt
Ok(LoginResponse {
jwt: Claims::jwt(updated_local_user.id.0)?,
})
}
}
#[async_trait::async_trait(?Send)] #[async_trait::async_trait(?Send)]
impl Perform for AddAdmin { impl Perform for AddAdmin {
type Response = AddAdminResponse; type Response = AddAdminResponse;

11
crates/api_common/src/person.rs
View file

@ -57,14 +57,19 @@ pub struct SaveUserSettings {
pub email: Option<String>, pub email: Option<String>,
pub bio: Option<String>, pub bio: Option<String>,
pub matrix_user_id: Option<String>, pub matrix_user_id: Option<String>,
pub new_password: Option<String>,
pub new_password_verify: Option<String>,
pub old_password: Option<String>,
pub show_avatars: Option<bool>, pub show_avatars: Option<bool>,
pub send_notifications_to_email: Option<bool>, pub send_notifications_to_email: Option<bool>,
pub auth: String, pub auth: String,
} }
#[derive(Deserialize)]
pub struct ChangePassword {
pub new_password: String,
pub new_password_verify: String,
pub old_password: String,
pub auth: String,
}
#[derive(Serialize)] #[derive(Serialize)]
pub struct LoginResponse { pub struct LoginResponse {
pub jwt: String, pub jwt: String,

1
crates/websocket/src/lib.rs
View file

@ -123,6 +123,7 @@ pub enum UserOperation {
PostJoin, PostJoin,
CommunityJoin, CommunityJoin,
ModJoin, ModJoin,
ChangePassword,
} }
#[derive(EnumString, ToString, Debug, Clone)] #[derive(EnumString, ToString, Debug, Clone)]

4
src/api_routes.rs
View file

@ -182,6 +182,10 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
"/save_user_settings", "/save_user_settings",
web::put().to(route_post::<SaveUserSettings>), web::put().to(route_post::<SaveUserSettings>),
) )
.route(
"/change_password",
web::put().to(route_post::<ChangePassword>),
)
.route("/report_count", web::get().to(route_get::<GetReportCount>)), .route("/report_count", web::get().to(route_get::<GetReportCount>)),
) )
// Admin Actions // Admin Actions