-
Notifications
You must be signed in to change notification settings - Fork 0
/
setpasswordhash.go
52 lines (41 loc) · 1.71 KB
/
setpasswordhash.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package handler
import (
"fmt"
"time"
"github.com/HailoOSS/protobuf/proto"
"github.com/HailoOSS/login-service/dao"
"github.com/HailoOSS/login-service/domain"
setpwd "github.com/HailoOSS/login-service/proto/setpasswordhash"
"github.com/HailoOSS/platform/errors"
"github.com/HailoOSS/platform/server"
)
func SetPasswordHash(req *server.Request) (proto.Message, errors.Error) {
request := &setpwd.Request{}
if err := req.Unmarshal(request); err != nil {
return nil, errors.BadRequest(server.Name+".setpasswordhash.unmarshal", err.Error())
}
if len(request.GetPasswordHash()) == 0 {
return nil, errors.BadRequest(server.Name+".setpasswordhash.nopassword", "No password hash given")
}
app := domain.Application(request.GetApplication())
// 1. Check User exists
user, err := dao.ReadUser(app, request.GetUid())
if err != nil {
return nil, errors.InternalServerError(server.Name+".setpasswordhash.readuser", fmt.Sprintf("Error reading user: %v", err))
}
if user == nil {
return nil, errors.NotFound(server.Name+".setpasswordhash.readuser", fmt.Sprintf("Could not find user with id %s", request.GetUid()))
}
if string(user.Password) == request.GetPasswordHash() {
// already got password hash, ignore
return &setpwd.Response{}, nil
}
user.Password = []byte(request.GetPasswordHash())
user.PasswordHistory = append(user.PasswordHistory, user.Password)
// @TODO should maybe trim history, but this endpoint should not be called often so will just append for now
user.PasswordChange = time.Now()
if err := dao.UpdateUser(user); err != nil {
return nil, errors.InternalServerError(server.Name+".setpasswordhash.dao", fmt.Sprintf("Failed to set user's password hash: %v", err))
}
return &setpwd.Response{}, nil
}