feat: add password reset endpoints
This commit is contained in:
parent
25b4286011
commit
33af108d39
GPG Key ID:
C997C339BE476FF2
|
|
@ -217,6 +217,46 @@ func (a AccountAPI) otpDisable(jc jape.Context) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (a AccountAPI) passwordResetRequest(jc jape.Context) {
|
||||||
|
var request PasswordResetRequest
|
||||||
|
|
||||||
|
if jc.Decode(&request) != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
exists, user, err := a.accounts.EmailExists(request.Email)
|
||||||
|
if jc.Check("invalid request", err) != nil || !exists {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
err = a.accounts.SendPasswordReset(user)
|
||||||
|
if jc.Check("failed to request password reset", err) != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
jc.ResponseWriter.WriteHeader(http.StatusOK)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (a AccountAPI) passwordResetConfirm(jc jape.Context) {
|
||||||
|
var request PasswordResetVerifyRequest
|
||||||
|
|
||||||
|
if jc.Decode(&request) != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
exists, _, err := a.accounts.EmailExists(request.Email)
|
||||||
|
if jc.Check("invalid request", err) != nil || !exists {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
err = a.accounts.ResetPassword(request.Email, request.Password, request.Token)
|
||||||
|
if jc.Check("failed to reset password", err) != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
jc.ResponseWriter.WriteHeader(http.StatusOK)
|
||||||
|
}
|
||||||
|
|
||||||
func (a AccountAPI) Routes() (*httprouter.Router, error) {
|
func (a AccountAPI) Routes() (*httprouter.Router, error) {
|
||||||
authMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
|
authMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
|
||||||
Identity: a.identity,
|
Identity: a.identity,
|
||||||
|
|
@ -240,6 +280,8 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
|
||||||
"POST /api/auth/otp/verify": middleware.ApplyMiddlewares(a.otpVerify, authMw, middleware.ProxyMiddleware),
|
"POST /api/auth/otp/verify": middleware.ApplyMiddlewares(a.otpVerify, authMw, middleware.ProxyMiddleware),
|
||||||
"POST /api/auth/otp/validate": middleware.ApplyMiddlewares(a.otpValidate, authMw, middleware.ProxyMiddleware),
|
"POST /api/auth/otp/validate": middleware.ApplyMiddlewares(a.otpValidate, authMw, middleware.ProxyMiddleware),
|
||||||
"POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
|
"POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
|
||||||
|
"POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware),
|
||||||
|
"POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware),
|
||||||
}), nil
|
}), nil
|
||||||
}
|
}
|
||||||
func (a AccountAPI) Can(w http.ResponseWriter, r *http.Request) bool {
|
func (a AccountAPI) Can(w http.ResponseWriter, r *http.Request) bool {
|
||||||
|
|
|
||||||
|
|
@ -30,3 +30,11 @@ type VerifyEmailRequest struct {
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
Token string `json:"token"`
|
Token string `json:"token"`
|
||||||
}
|
}
|
||||||
|
type PasswordResetRequest struct {
|
||||||
|
Email string `json:"email"`
|
||||||
|
}
|
||||||
|
type PasswordResetVerifyRequest struct {
|
||||||
|
Email string `json:"email"`
|
||||||
|
Token string `json:"token"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue