98 lines
2.3 KiB
Go
Executable File
98 lines
2.3 KiB
Go
Executable File
package auth
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rand"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"time"
|
|
|
|
"git.coopgo.io/coopgo-platform/mobility-accounts/grpcapi"
|
|
)
|
|
|
|
func (h *AuthHandler) LostPasswordInit(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method == "POST" {
|
|
r.ParseForm()
|
|
email := r.FormValue("email")
|
|
if email != "" {
|
|
account, err := h.services.GRPC.MobilityAccounts.GetAccountUsername(context.TODO(), &grpcapi.GetAccountUsernameRequest{
|
|
Username: email,
|
|
Namespace: "parcoursmob",
|
|
})
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
http.Redirect(w, r, "/app/", http.StatusFound)
|
|
return
|
|
}
|
|
|
|
b := make([]byte, 16)
|
|
if _, err := io.ReadFull(rand.Reader, b); err != nil {
|
|
fmt.Println(err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
key := base64.RawURLEncoding.EncodeToString(b)
|
|
|
|
passwordretrieval := map[string]any{
|
|
"username": email,
|
|
"account_id": account.Account.Id,
|
|
"key": key,
|
|
}
|
|
|
|
h.cache.PutWithTTL("retrieve-password/"+key, passwordretrieval, 72*time.Hour)
|
|
|
|
if err := h.emailing.Send("auth.retrieve_password", email, passwordretrieval); err != nil {
|
|
fmt.Println(err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
http.Redirect(w, r, "/app/", http.StatusFound)
|
|
}
|
|
}
|
|
h.Renderer.LostPasswordInit(w, r)
|
|
|
|
}
|
|
|
|
func (h *AuthHandler) LostPasswordRecover(w http.ResponseWriter, r *http.Request) {
|
|
r.ParseForm()
|
|
|
|
key := r.FormValue("key")
|
|
recover, err := h.cache.Get("retrieve-password/" + key)
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
h.Renderer.LostPasswordRecoverKO(w, r, key)
|
|
return
|
|
}
|
|
|
|
if r.Method == "POST" {
|
|
newpassword := r.FormValue("password")
|
|
if newpassword == "" {
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
w.Write([]byte("Password is empty"))
|
|
return
|
|
}
|
|
|
|
_, err := h.services.GRPC.MobilityAccounts.ChangePassword(context.TODO(), &grpcapi.ChangePasswordRequest{
|
|
Id: recover.(map[string]any)["account_id"].(string),
|
|
Password: newpassword,
|
|
})
|
|
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
}
|
|
|
|
err = h.cache.Delete("retrieve-password/" + key)
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
}
|
|
|
|
http.Redirect(w, r, "/app/", http.StatusFound)
|
|
|
|
}
|
|
h.Renderer.LostPasswordRecover(w, r, recover)
|
|
}
|