feat: add update password api route

This commit is contained in:
Derrick Hammer 2024-03-19 10:04:27 -04:00
parent 3473551f6c
commit aff371a844
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
4 changed files with 61 additions and 0 deletions

View File

@ -304,6 +304,24 @@ func (s AccountServiceDefault) UpdateAccountEmail(userId uint, email string, pas
return s.updateAccountInfo(userId, update)
}
func (s AccountServiceDefault) UpdateAccountPassword(userId uint, password string, newPassword string) error {
valid, _, err := s.ValidLoginByUserID(userId, password)
if err != nil {
return err
}
if !valid {
return NewAccountError(ErrKeyInvalidPassword, nil)
}
passwordHash, err := s.HashPassword(newPassword)
if err != nil {
return err
}
return s.updateAccountInfo(userId, models.User{PasswordHash: passwordHash})
}
func (s AccountServiceDefault) AddPubkeyToAccount(user models.User, pubkey string) error {
var model models.PublicKey

View File

@ -334,6 +334,22 @@ func (a AccountAPI) updateEmail(c jape.Context) {
}
}
func (a AccountAPI) updatePassword(c jape.Context) {
user := middleware.GetUserFromContext(c.Request.Context())
var request UpdatePasswordRequest
if c.Decode(&request) != nil {
return
}
err := a.accounts.UpdateAccountPassword(user, request.CurrentPassword, request.NewPassword)
if c.Check("failed to update password", err) != nil {
return
}
}
func (a *AccountAPI) Routes() (*httprouter.Router, error) {
loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
Identity: a.identity,
@ -416,6 +432,7 @@ func (a *AccountAPI) Routes() (*httprouter.Router, error) {
"POST /api/account/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, corsMw.Handler, middleware.ProxyMiddleware),
"POST /api/account/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, corsMw.Handler, middleware.ProxyMiddleware),
"POST /api/account/update-email": middleware.ApplyMiddlewares(a.updateEmail, corsMw.Handler, authMw, middleware.ProxyMiddleware),
"POST /api/account/update-password": middleware.ApplyMiddlewares(a.updatePassword, corsMw.Handler, authMw, middleware.ProxyMiddleware),
"GET /*path": middleware.ApplyMiddlewares(getHandler, corsMw.Handler),
}

View File

@ -62,3 +62,7 @@ type UpdateEmailRequest struct {
Email string `json:"email"`
Password string `json:"password"`
}
type UpdatePasswordRequest struct {
CurrentPassword string `json:"current_password"`
NewPassword string `json:"new_password"`
}

View File

@ -160,6 +160,18 @@ paths:
responses:
'200':
description: Email updated successfully
/api/account/update-password:
post:
summary: Update password
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/UpdatePasswordRequest'
responses:
'200':
description: Password updated successfully
/api/upload-limit:
get:
summary: Get the basic file upload (POST) upload limit set by the portal
@ -270,6 +282,16 @@ components:
type: string
password:
type: string
UpdatePasswordRequest:
type: object
required:
- current_password
- new_password
properties:
current_password:
type: string
new_password:
type: string
PingResponse:
type: object
properties: