package management
import (
"net/http"
l "github.com/madappgang/identifo/v2/localization"
"github.com/madappgang/identifo/v2/model"
)
// getResetPasswordToken handles a management request for a password reset
// token. It decodes a ResetPasswordTokenRequest from the JSON body, validates
// the email, looks the user up by email and, when the user exists, responds
// with 200 and {"result": "ok", "token": <reset token string>}.
//
// Responses:
//   - 400 when the email is empty or does not match model.EmailRegexp.
//   - 200 with {"result": "ok"} (no "token" key) when no user has that email.
//   - 500 when the user lookup, token creation or token serialization fails.
//
// Security notes:
//   - The reset token is returned in the response body, so any caller that can
//     reach this handler can obtain a reset token for an account it only
//     knows by email. NOTE(review): authentication and authorization are not
//     visible in this function; confirm the route is protected where it is
//     registered.
//   - The unknown-user response differs from the success response (it has no
//     "token" key), so the caller can still tell whether the account exists.
//     NOTE(review): the log message says "ok" is sent back for security
//     reasons; confirm the difference is acceptable for this API's callers.
func (ar *Router) getResetPasswordToken(w http.ResponseWriter, r *http.Request) {
	locale := r.Header.Get("Accept-Language")

	var req ResetPasswordTokenRequest
	// NOTE(review): presumably MustParseJSON writes its own error response,
	// since nothing is written here on failure; verify against its definition.
	if parseErr := ar.MustParseJSON(w, r, &req); parseErr != nil {
		return
	}

	// An empty email and a malformed email are rejected with the same error.
	if req.Email == "" || !model.EmailRegexp.MatchString(req.Email) {
		ar.Error(w, locale, http.StatusBadRequest, l.ErrorAPIRequestBodyEmailInvalid)
		return
	}

	user, err := ar.server.Storages().User.UserByEmail(req.Email)
	switch {
	case err == model.ErrUserNotFound:
		// Unknown user: log the attempt and answer "ok" without a token.
		// NOTE(review): the request-supplied email is written to the log with
		// %s; it has passed model.EmailRegexp, but confirm that pattern rules
		// out control characters, and that logging addresses is intended.
		ar.logger.Printf("Trying to reset password for the user, which is not exists: %s. Sending back ok to user for security reason.", req.Email)
		ar.ServeJSON(w, locale, http.StatusOK, map[string]string{"result": "ok"})
		return
	case err != nil:
		// NOTE(review): the email and the storage error are passed to ar.Error;
		// confirm internal error detail does not reach the response body.
		ar.Error(w, locale, http.StatusInternalServerError, l.ErrorStorageFindUserEmailError, req.Email, err)
		return
	}

	// TODO: add TFA support, now it ignores TFA support
	token, err := ar.server.Services().Token.NewResetToken(user.ID)
	if err != nil {
		ar.Error(w, locale, http.StatusInternalServerError, l.ErrorTokenUnableToCreateResetTokenError, err)
		return
	}

	// Serialize the token to its string form; a failure here is reported with
	// the same error code as a token creation failure.
	encoded, err := ar.server.Services().Token.String(token)
	if err != nil {
		ar.Error(w, locale, http.StatusInternalServerError, l.ErrorTokenUnableToCreateResetTokenError, err)
		return
	}

	ar.ServeJSON(w, locale, http.StatusOK, map[string]string{"result": "ok", "token": encoded})
}