generated from datumforge/go-template
-
Notifications
You must be signed in to change notification settings - Fork 7
/
forgotpassword.go
114 lines (91 loc) · 3.4 KB
/
forgotpassword.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
package handlers
import (
"context"
"net/http"
"github.com/cenkalti/backoff/v4"
echo "github.com/datumforge/echox"
"github.com/datumforge/datum/internal/ent/enums"
ent "github.com/datumforge/datum/internal/ent/generated"
"github.com/datumforge/datum/internal/ent/privacy/viewer"
"github.com/datumforge/datum/pkg/rout"
"github.com/datumforge/datum/pkg/utils/marionette"
)
// ForgotPasswordRequest contains fields for a forgot password request
type ForgotPasswordRequest struct {
Email string `json:"email"`
}
// ForgotPasswordReply contains fields for a forgot password response
type ForgotPasswordReply struct {
rout.Reply
Message string `json:"message,omitempty"`
}
// ForgotPassword will send an forgot password email if the provided
// email exists
func (h *Handler) ForgotPassword(ctx echo.Context) error {
out := &ForgotPasswordReply{
Reply: rout.Reply{
Success: true,
},
Message: "We've received your request to have the password associated with this email reset. Please check your email.",
}
var in ForgotPasswordRequest
if err := ctx.Bind(&in); err != nil {
return ctx.JSON(http.StatusBadRequest, rout.ErrorResponse(err))
}
if err := validateForgotPasswordRequest(&in); err != nil {
return ctx.JSON(http.StatusBadRequest, rout.ErrorResponse(err))
}
entUser, err := h.getUserByEmail(ctx.Request().Context(), in.Email, enums.AuthProviderCredentials)
if err != nil {
if ent.IsNotFound(err) {
// return a 200 response even if user is not found to avoid
// exposing confidential information
return ctx.JSON(http.StatusOK, out)
}
h.Logger.Errorf("error retrieving user email", "error", err)
return ctx.JSON(http.StatusInternalServerError, rout.ErrorResponse(ErrProcessingRequest))
}
// create password reset email token
user := &User{
FirstName: entUser.FirstName,
LastName: entUser.LastName,
Email: entUser.Email,
ID: entUser.ID,
}
viewerCtx := viewer.NewContext(ctx.Request().Context(), viewer.NewUserViewerFromID(entUser.ID, true))
if _, err = h.storeAndSendPasswordResetToken(viewerCtx, user); err != nil {
return ctx.JSON(http.StatusInternalServerError, rout.ErrorResponse(ErrProcessingRequest))
}
return ctx.JSON(http.StatusOK, out)
}
// validateResendRequest validates the required fields are set in the user request
func validateForgotPasswordRequest(req *ForgotPasswordRequest) error {
if req.Email == "" {
return rout.NewMissingRequiredFieldError("email")
}
return nil
}
func (h *Handler) storeAndSendPasswordResetToken(ctx context.Context, user *User) (*ent.PasswordResetToken, error) {
if err := h.expireAllResetTokensUserByEmail(ctx, user.Email); err != nil {
h.Logger.Errorw("error expiring existing tokens", "error", err)
return nil, err
}
if err := user.CreatePasswordResetToken(); err != nil {
h.Logger.Errorw("unable to create password reset token", "error", err)
return nil, err
}
meowtoken, err := h.createPasswordResetToken(ctx, user)
if err != nil {
return nil, err
}
// send emails via TaskMan as to not create blocking operations in the server
if err := h.TaskMan.Queue(marionette.TaskFunc(func(ctx context.Context) error {
return h.SendPasswordResetRequestEmail(user)
}), marionette.WithRetries(3), //nolint: gomnd
marionette.WithBackoff(backoff.NewExponentialBackOff()),
marionette.WithErrorf("could not send password reset email to user %s", user.ID),
); err != nil {
return nil, err
}
return meowtoken, nil
}