From eb767d2c1cb65724f25479144d68a9d102d32dfa Mon Sep 17 00:00:00 2001
From: Joram Wilander
Date: Tue, 7 Feb 2017 10:46:40 -0800
Subject: Implement password reset endpoints for APIv4 (#5256)
---
 api4/user.go | 51 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 48 insertions(+), 3 deletions(-)
(limited to 'api4/user.go')
diff --git a/api4/user.go b/api4/user.go
index 56cfc5d90..348ccf46c 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -24,6 +24,8 @@ func InitUser() {
 BaseRoutes.User.Handle("", ApiSessionRequired(deleteUser)).Methods("DELETE")
 BaseRoutes.User.Handle("/roles", ApiSessionRequired(updateUserRoles)).Methods("PUT")
 BaseRoutes.User.Handle("/password", ApiSessionRequired(updatePassword)).Methods("PUT")
+ BaseRoutes.Users.Handle("/password/reset", ApiHandler(resetPassword)).Methods("POST")
+ BaseRoutes.Users.Handle("/password/reset/send", ApiHandler(sendPasswordReset)).Methods("POST")
 BaseRoutes.Users.Handle("/login", ApiHandler(login)).Methods("POST")
 BaseRoutes.Users.Handle("/logout", ApiHandler(logout)).Methods("POST")
@@ -224,7 +226,7 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) {
 }
 }
-func deleteUser(c *Context, w http.ResponseWriter, r *http.Request){
+func deleteUser(c *Context, w http.ResponseWriter, r *http.Request) {
 c.RequireUserId()
 if c.Err != nil {
 return
@@ -236,7 +238,7 @@ func deleteUser(c *Context, w http.ResponseWriter, r *http.Request){
 c.SetPermissionError(model.PERMISSION_EDIT_OTHER_USERS)
 return
 }
-
+
 var user *model.User
 var err *model.AppError
@@ -247,7 +249,7 @@ func deleteUser(c *Context, w http.ResponseWriter, r *http.Request){
 if _, err := app.UpdateActive(user, false); err != nil {
 c.Err = err
- return
+ return
 }
 ReturnStatusOK(w)
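Review bot: The two new routes are registered with `ApiHandler` rather than `ApiSessionRequired`, so `/password/reset` and `/password/reset/send` are reachable without a session; the reset flow needs that, but it also makes the recovery code the only credential guarding a password change. A short comment on these two lines would make the deliberate choice visible to the next reader: `// Unauthenticated by design: callers of the reset flow cannot log in.` Whether any request throttling that covers `/login` also covers these paths is not visible in this hunk and is worth confirming, since a reset code is a bearer secret. InitUser's body continues outside the hunk.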
@@ -319,6 +321,49 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) {
 }
 }
+func resetPassword(c *Context, w http.ResponseWriter, r *http.Request) {
+ props := model.MapFromJson(r.Body)
+
+ code := props["code"]
+ if len(code) != model.PASSWORD_RECOVERY_CODE_SIZE {
+ c.SetInvalidParam("code")
+ return
+ }
+
+ newPassword := props["new_password"]
+
+ c.LogAudit("attempt - code=" + code)
+
+ if err := app.ResetPasswordFromCode(code, newPassword, c.GetSiteURL()); err != nil {
+ c.LogAudit("fail - code=" + code)
+ c.Err = err
+ return
+ }
+
+ c.LogAudit("success - code=" + code)
+
+ ReturnStatusOK(w)
+}
+
+func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) {
+ props := model.MapFromJson(r.Body)
+
+ email := props["email"]
+ if len(email) == 0 {
+ c.SetInvalidParam("email")
+ return
+ }
+
+ if sent, err := app.SendPasswordReset(email, c.GetSiteURL()); err != nil {
+ c.Err = err
+ return
+ } else if sent {
+ c.LogAudit("sent=" + email)
+ }
+
+ ReturnStatusOK(w)
+}
+
 func login(c *Context, w http.ResponseWriter, r *http.Request) {
 props := model.MapFromJson(r.Body)
-- 
cgit v1.2.3-1-g7c22
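Review bot: `resetPassword` writes the full recovery code to the audit log on the attempt, fail and success paths (`c.LogAudit("attempt - code=" + code)` and the two lines like it), which copies a live bearer secret into log storage; on the fail path the code may still be valid, since the rejection could be for a reason other than a bad code (whether `app.ResetPasswordFromCode` consumes the code on failure is not visible here). Log the outcome without the secret, e.g. `c.LogAudit("attempt")`, `c.LogAudit("fail")`, `c.LogAudit("success")`, or at most a short prefix of the code if correlation across log lines is needed. `new_password` is forwarded with no local check, so an empty value reaches the app layer unless `ResetPasswordFromCode` rejects it — worth confirming. In `sendPasswordReset`, returning OK whether or not `sent` is true is the right shape for avoiding account enumeration, provided `app.SendPasswordReset` does not return a distinguishable error for unknown addresses. Neither new function has a doc comment; e.g. `// resetPassword sets a new password for the account that owns the supplied recovery code.` and `// sendPasswordReset emails a recovery code to the given address; the response does not reveal whether the address is registered.`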