package httphandler
import (
"encoding/json"
"errors"
"net/http"
"github.com/stellar/stellar-disbursement-platform-backend/internal/utils"
"github.com/stellar/go/support/log"
"github.com/stellar/go/support/render/httpjson"
"github.com/stellar/stellar-disbursement-platform-backend/internal/serve/httperror"
"github.com/stellar/stellar-disbursement-platform-backend/stellar-auth/pkg/auth"
authUtils "github.com/stellar/stellar-disbursement-platform-backend/stellar-auth/pkg/utils"
)
// ResetPasswordHandler resets the user password by receiving a valid reset token
// and the new password.
type ResetPasswordHandler struct {
	// AuthManager performs the reset itself; ServeHTTP maps an
	// auth.ErrInvalidResetPasswordToken returned by ResetPassword to a 400 and
	// any other error to a 500.
	AuthManager auth.AuthManager
	// PasswordValidator enforces the password policy on the new password before
	// AuthManager.ResetPassword is called, so a weak password never reaches the
	// token check.
	PasswordValidator *authUtils.PasswordValidator
}
// ResetPasswordRequest is the JSON body accepted by ResetPasswordHandler.
type ResetPasswordRequest struct {
	// Password is the new password; it is checked by the handler's PasswordValidator.
	Password string `json:"password"`
	// ResetToken is the reset credential; an empty value is rejected with a 400
	// before the AuthManager is consulted.
	ResetToken string `json:"reset_token"`
}
// ServeHTTP implements the http.Handler interface.
//
// The request body is decoded as a ResetPasswordRequest. The new password is
// checked against h.PasswordValidator and the reset token is required to be
// non-empty; failures from both checks are collected into one "extras" map and
// returned together as a single 400, so a client learns every failed rule at
// once. A token the AuthManager rejects with auth.ErrInvalidResetPasswordToken
// is also a 400; any other failure from the validator or the AuthManager is a 500.
func (h ResetPasswordHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

	// NOTE(review): the body is decoded with no size cap in this handler; confirm
	// that an upstream middleware bounds request bodies (http.MaxBytesReader or
	// equivalent) before relying on this for untrusted clients.
	var req ResetPasswordRequest
	if decodeErr := json.NewDecoder(r.Body).Decode(&req); decodeErr != nil {
		httperror.BadRequest("invalid request body", decodeErr, nil).Render(w)
		return
	}

	extras := make(map[string]interface{})

	// Password policy check. A *ValidatePasswordError carries the per-rule
	// failures, which are surfaced to the client; any other error means the
	// validator itself failed and is reported as an internal error.
	err := h.PasswordValidator.ValidatePassword(req.Password)
	if err != nil {
		var pwErr *authUtils.ValidatePasswordError
		if !errors.As(err, &pwErr) {
			httperror.InternalError(ctx, "Cannot update user password", err, nil).Render(w)
			return
		}
		for rule, msg := range pwErr.FailedValidations() {
			extras[rule] = msg
		}
		// NOTE(review): this is a client-side validation failure logged at error
		// level; confirm that formatting the error with %v does not include the
		// submitted password.
		log.Ctx(ctx).Errorf("validating password in ResetPasswordHandler.ServeHTTP: %v", err)
	}

	if req.ResetToken == "" {
		extras["reset_token"] = "reset token is required"
	}

	// err is still the (possibly nil) password-validation error at this point;
	// the 400 response carries it alongside the collected extras.
	if len(extras) != 0 {
		httperror.BadRequest("request invalid", err, extras).Render(w)
		return
	}

	switch err = h.AuthManager.ResetPassword(ctx, req.ResetToken, req.Password); {
	case err == nil:
		// fall through to the success log and 200 below
	case errors.Is(err, auth.ErrInvalidResetPasswordToken):
		httperror.BadRequest("invalid reset password token", err, nil).Render(w)
		return
	default:
		httperror.InternalError(ctx, "Cannot reset password", err, nil).Render(w)
		return
	}

	// The token is truncated (TruncateString to a quarter of its length) rather
	// than logged whole, so the full credential does not land in the logs.
	// NOTE(review): a partial secret in logs is still worth revisiting if the
	// token is not single-use — confirm how the AuthManager consumes it.
	log.Ctx(ctx).Infof("[ResetUserPassword] - Reset password for user with token %s",
		utils.TruncateString(req.ResetToken, len(req.ResetToken)/4))
	httpjson.RenderStatus(w, http.StatusOK, nil, httpjson.JSON)
}