✨ Reset password APIs
This commit is contained in:
parent
7e334222ee
commit
e5d8f1ab3b
71
.idea/workspace.xml
generated
71
.idea/workspace.xml
generated
@ -4,9 +4,18 @@
|
||||
<option name="autoReloadType" value="ALL" />
|
||||
</component>
|
||||
<component name="ChangeListManager">
|
||||
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix API mapping issue">
|
||||
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":recycle: Improve notify API">
|
||||
<change afterPath="$PROJECT_DIR$/web/src/views/flow/password-reset.vue" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/notifications.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/notifications.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/models/tokens.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/tokens.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/accounts_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/accounts_api.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/factors_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/factors_api.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/index.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/security_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/security_api.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/accounts.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/tokens.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/tokens.go" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/web/src/router/index.ts" beforeDir="false" afterPath="$PROJECT_DIR$/web/src/router/index.ts" afterDir="false" />
|
||||
<change beforePath="$PROJECT_DIR$/web/src/views/confirm.vue" beforeDir="false" afterPath="$PROJECT_DIR$/web/src/views/flow/confirm.vue" afterDir="false" />
|
||||
</list>
|
||||
<option name="SHOW_DIALOG" value="false" />
|
||||
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
||||
@ -41,48 +50,48 @@
|
||||
<option name="hideEmptyMiddlePackages" value="true" />
|
||||
<option name="showLibraryContents" value="true" />
|
||||
</component>
|
||||
<component name="PropertiesComponent">{
|
||||
"keyToString": {
|
||||
"DefaultGoTemplateProperty": "Go File",
|
||||
"Go Build.Backend.executor": "Run",
|
||||
"Go 构建.Backend.executor": "Run",
|
||||
"RunOnceActivity.ShowReadmeOnStart": "true",
|
||||
"RunOnceActivity.go.formatter.settings.were.checked": "true",
|
||||
"RunOnceActivity.go.migrated.go.modules.settings": "true",
|
||||
"RunOnceActivity.go.modules.automatic.dependencies.download": "true",
|
||||
"RunOnceActivity.go.modules.go.list.on.any.changes.was.set": "true",
|
||||
"git-widget-placeholder": "master",
|
||||
"go.import.settings.migrated": "true",
|
||||
"go.sdk.automatically.set": "true",
|
||||
"last_opened_file_path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/pkg/internal/server/api",
|
||||
"node.js.detected.package.eslint": "true",
|
||||
"node.js.selected.package.eslint": "(autodetect)",
|
||||
"nodejs_package_manager_path": "npm",
|
||||
"run.code.analysis.last.selected.profile": "pProject Default",
|
||||
"settings.editor.selected.configurable": "preferences.pluginManager",
|
||||
"ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib",
|
||||
"vue.rearranger.settings.migration": "true"
|
||||
<component name="PropertiesComponent"><![CDATA[{
|
||||
"keyToString": {
|
||||
"DefaultGoTemplateProperty": "Go File",
|
||||
"Go Build.Backend.executor": "Run",
|
||||
"Go 构建.Backend.executor": "Run",
|
||||
"RunOnceActivity.ShowReadmeOnStart": "true",
|
||||
"RunOnceActivity.go.formatter.settings.were.checked": "true",
|
||||
"RunOnceActivity.go.migrated.go.modules.settings": "true",
|
||||
"RunOnceActivity.go.modules.automatic.dependencies.download": "true",
|
||||
"RunOnceActivity.go.modules.go.list.on.any.changes.was.set": "true",
|
||||
"git-widget-placeholder": "master",
|
||||
"go.import.settings.migrated": "true",
|
||||
"go.sdk.automatically.set": "true",
|
||||
"last_opened_file_path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/src/views",
|
||||
"node.js.detected.package.eslint": "true",
|
||||
"node.js.selected.package.eslint": "(autodetect)",
|
||||
"nodejs_package_manager_path": "npm",
|
||||
"run.code.analysis.last.selected.profile": "pProject Default",
|
||||
"settings.editor.selected.configurable": "preferences.pluginManager",
|
||||
"ts.external.directory.path": "/Users/littlesheep/Documents/Projects/Hydrogen/Passport/web/node_modules/typescript/lib",
|
||||
"vue.rearranger.settings.migration": "true"
|
||||
},
|
||||
"keyToStringList": {
|
||||
"DatabaseDriversLRU": [
|
||||
"postgresql"
|
||||
"keyToStringList": {
|
||||
"DatabaseDriversLRU": [
|
||||
"postgresql"
|
||||
]
|
||||
}
|
||||
}</component>
|
||||
}]]></component>
|
||||
<component name="RecentsManager">
|
||||
<key name="CopyFile.RECENT_KEYS">
|
||||
<recent name="$PROJECT_DIR$/web/src/views" />
|
||||
<recent name="$PROJECT_DIR$/pkg/internal/server/api" />
|
||||
<recent name="$PROJECT_DIR$/web" />
|
||||
<recent name="$PROJECT_DIR$/pkg/services" />
|
||||
<recent name="$PROJECT_DIR$/pkg/server/ui" />
|
||||
<recent name="$PROJECT_DIR$/pkg/views/users" />
|
||||
</key>
|
||||
<key name="MoveFile.RECENT_KEYS">
|
||||
<recent name="$PROJECT_DIR$/web/src/views/flow" />
|
||||
<recent name="$PROJECT_DIR$/pkg/internal/server/exts" />
|
||||
<recent name="$PROJECT_DIR$/pkg/internal/server/api" />
|
||||
<recent name="$PROJECT_DIR$/pkg/internal" />
|
||||
<recent name="$PROJECT_DIR$/pkg" />
|
||||
<recent name="$PROJECT_DIR$/pkg/views/users/directory" />
|
||||
</key>
|
||||
</component>
|
||||
<component name="RunAnythingCache">
|
||||
@ -152,7 +161,6 @@
|
||||
</option>
|
||||
</component>
|
||||
<component name="VcsManagerConfiguration">
|
||||
<MESSAGE value=":bug: Fix frontend" />
|
||||
<MESSAGE value=":card_file_box: Add the status model" />
|
||||
<MESSAGE value=":bug: Authenticate wrong payload hotfix" />
|
||||
<MESSAGE value=":sparkles: Can pick up mfa request" />
|
||||
@ -177,7 +185,8 @@
|
||||
<MESSAGE value=":sparkles: Admin notify all API" />
|
||||
<MESSAGE value=":bug: Fix request body validation" />
|
||||
<MESSAGE value=":bug: Fix API mapping issue" />
|
||||
<option name="LAST_COMMIT_MESSAGE" value=":bug: Fix API mapping issue" />
|
||||
<MESSAGE value=":recycle: Improve notify API" />
|
||||
<option name="LAST_COMMIT_MESSAGE" value=":recycle: Improve notify API" />
|
||||
</component>
|
||||
<component name="VgoProject">
|
||||
<settings-migrated>true</settings-migrated>
|
||||
|
@ -7,6 +7,7 @@ type MagicTokenType = int8
|
||||
const (
|
||||
ConfirmMagicToken = MagicTokenType(iota)
|
||||
RegistrationMagicToken
|
||||
ResetPasswordMagicToken
|
||||
)
|
||||
|
||||
type MagicToken struct {
|
||||
|
@ -123,23 +123,6 @@ func editUserinfo(c *fiber.Ctx) error {
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
|
||||
func killTicket(c *fiber.Ctx) error {
|
||||
if err := exts.EnsureAuthenticated(c); err != nil {
|
||||
return err
|
||||
}
|
||||
user := c.Locals("user").(models.Account)
|
||||
id, _ := c.ParamsInt("ticketId", 0)
|
||||
|
||||
if err := database.C.Delete(&models.AuthTicket{}, &models.AuthTicket{
|
||||
BaseModel: models.BaseModel{ID: uint(id)},
|
||||
AccountID: user.ID,
|
||||
}).Error; err != nil {
|
||||
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||
}
|
||||
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
|
||||
func doRegister(c *fiber.Ctx) error {
|
||||
var data struct {
|
||||
Name string `json:"name" validate:"required,lowercase,alphanum,min=4,max=16"`
|
||||
|
@ -2,6 +2,7 @@ package api
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
|
||||
"git.solsynth.dev/hydrogen/passport/pkg/internal/services"
|
||||
"github.com/gofiber/fiber/v2"
|
||||
)
|
||||
@ -40,3 +41,43 @@ func requestFactorToken(c *fiber.Ctx) error {
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
}
|
||||
|
||||
func requestResetPassword(c *fiber.Ctx) error {
|
||||
var data struct {
|
||||
UserID uint `json:"user_id" validate:"required"`
|
||||
}
|
||||
|
||||
if err := exts.BindAndValidate(c, &data); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
user, err := services.GetAccount(data.UserID)
|
||||
if err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
}
|
||||
|
||||
if err = services.CheckAbleToResetPassword(user); err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
} else if err = services.RequestResetPassword(user); err != nil {
|
||||
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||
}
|
||||
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
|
||||
func confirmResetPassword(c *fiber.Ctx) error {
|
||||
var data struct {
|
||||
Code string `json:"code" validate:"required"`
|
||||
NewPassword string `json:"new_password" validate:"required"`
|
||||
}
|
||||
|
||||
if err := exts.BindAndValidate(c, &data); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := services.ConfirmResetPassword(data.Code, data.NewPassword); err != nil {
|
||||
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
||||
}
|
||||
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
|
@ -34,6 +34,8 @@ func MapAPIs(app *fiber.App) {
|
||||
me.Delete("/tickets/:ticketId", killTicket)
|
||||
|
||||
me.Post("/confirm", doRegisterConfirm)
|
||||
me.Post("/reset-password", requestResetPassword)
|
||||
me.Patch("/reset-password", confirmResetPassword)
|
||||
|
||||
me.Get("/status", getMyselfStatus)
|
||||
me.Post("/status", setStatus)
|
||||
|
@ -38,3 +38,20 @@ func getTickets(c *fiber.Ctx) error {
|
||||
"data": tickets,
|
||||
})
|
||||
}
|
||||
|
||||
func killTicket(c *fiber.Ctx) error {
|
||||
if err := exts.EnsureAuthenticated(c); err != nil {
|
||||
return err
|
||||
}
|
||||
user := c.Locals("user").(models.Account)
|
||||
id, _ := c.ParamsInt("ticketId", 0)
|
||||
|
||||
if err := database.C.Delete(&models.AuthTicket{}, &models.AuthTicket{
|
||||
BaseModel: models.BaseModel{ID: uint(id)},
|
||||
AccountID: user.ID,
|
||||
}).Error; err != nil {
|
||||
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
||||
}
|
||||
|
||||
return c.SendStatus(fiber.StatusOK)
|
||||
}
|
||||
|
@ -101,6 +101,8 @@ func ConfirmAccount(code string) error {
|
||||
token, err := ValidateMagicToken(code, models.ConfirmMagicToken)
|
||||
if err != nil {
|
||||
return err
|
||||
} else if token.AccountID == nil {
|
||||
return fmt.Errorf("magic token didn't assign a valid account")
|
||||
}
|
||||
|
||||
var user models.Account
|
||||
@ -134,6 +136,61 @@ func ConfirmAccount(code string) error {
|
||||
})
|
||||
}
|
||||
|
||||
func CheckAbleToResetPassword(user models.Account) error {
|
||||
var count int64
|
||||
if err := database.C.
|
||||
Where("account_id = ?", user.ID).
|
||||
Where("expired_at < ?", time.Now()).
|
||||
Model(&models.MagicToken{}).
|
||||
Count(&count).Error; err != nil {
|
||||
return fmt.Errorf("unable to check reset password ability: %v", err)
|
||||
} else if count == 0 {
|
||||
return fmt.Errorf("you requested reset password recently")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func RequestResetPassword(user models.Account) error {
|
||||
if tk, err := NewMagicToken(
|
||||
models.ResetPasswordMagicToken,
|
||||
&user,
|
||||
lo.ToPtr(time.Now().Add(24*time.Hour)),
|
||||
); err != nil {
|
||||
return err
|
||||
} else if err := NotifyMagicToken(tk); err != nil {
|
||||
log.Error().
|
||||
Err(err).
|
||||
Str("code", tk.Code).
|
||||
Uint("user", user.ID).
|
||||
Msg("Failed to notify password reset magic token...")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func ConfirmResetPassword(code, newPassword string) error {
|
||||
token, err := ValidateMagicToken(code, models.ResetPasswordMagicToken)
|
||||
if err != nil {
|
||||
return err
|
||||
} else if token.AccountID == nil {
|
||||
return fmt.Errorf("magic token didn't assign a valid account")
|
||||
}
|
||||
|
||||
factor, err := GetPasswordTypeFactor(*token.AccountID)
|
||||
if err != nil {
|
||||
factor = models.AuthFactor{
|
||||
Type: models.PasswordAuthFactor,
|
||||
Secret: HashPassword(newPassword),
|
||||
AccountID: *token.AccountID,
|
||||
}
|
||||
} else {
|
||||
factor.Secret = HashPassword(newPassword)
|
||||
}
|
||||
|
||||
return database.C.Save(&factor).Error
|
||||
}
|
||||
|
||||
func DeleteAccount(id uint) error {
|
||||
tx := database.C.Begin()
|
||||
|
||||
|
@ -27,6 +27,21 @@ Once again, thank you for choosing us. We look forward to serving you and hope y
|
||||
Best regards,
|
||||
%s`
|
||||
|
||||
const ResetPasswordTemplate = `Dear %s,
|
||||
|
||||
We received a request to reset the password for your account at %s. If you did not request a password reset, please ignore this email.
|
||||
|
||||
To confirm your password reset request and create a new password, please use the link below:
|
||||
|
||||
%s
|
||||
|
||||
This link will expire in 24 hours. If you do not reset your password within this time frame, you will need to submit a new password reset request.
|
||||
|
||||
If you have any questions or need further assistance, please do not hesitate to contact our support team.
|
||||
|
||||
Best regards,
|
||||
%s`
|
||||
|
||||
func ValidateMagicToken(code string, mode models.MagicTokenType) (models.MagicToken, error) {
|
||||
var tk models.MagicToken
|
||||
if err := database.C.Where(models.MagicToken{Code: code, Type: mode}).First(&tk).Error; err != nil {
|
||||
@ -74,7 +89,7 @@ func NotifyMagicToken(token models.MagicToken) error {
|
||||
var content string
|
||||
switch token.Type {
|
||||
case models.ConfirmMagicToken:
|
||||
link := fmt.Sprintf("https://%s/me/confirm?tk=%s", viper.GetString("domain"), token.Code)
|
||||
link := fmt.Sprintf("https://%s/flow/confirm?code=%s", viper.GetString("domain"), token.Code)
|
||||
subject = fmt.Sprintf("[%s] Confirm your registration", viper.GetString("name"))
|
||||
content = fmt.Sprintf(
|
||||
ConfirmRegistrationTemplate,
|
||||
@ -84,6 +99,16 @@ func NotifyMagicToken(token models.MagicToken) error {
|
||||
link,
|
||||
viper.GetString("maintainer"),
|
||||
)
|
||||
case models.ResetPasswordMagicToken:
|
||||
link := fmt.Sprintf("https://%s/flow/password-reset?code=%s", viper.GetString("domain"), token.Code)
|
||||
subject = fmt.Sprintf("[%s] Reset your password", viper.GetString("name"))
|
||||
content = fmt.Sprintf(
|
||||
ResetPasswordTemplate,
|
||||
user.Name,
|
||||
viper.GetString("name"),
|
||||
link,
|
||||
viper.GetString("maintainer"),
|
||||
)
|
||||
default:
|
||||
return fmt.Errorf("unsupported magic token type to notify")
|
||||
}
|
||||
|
@ -51,17 +51,28 @@ const router = createRouter({
|
||||
meta: { public: true, title: "Sign up" },
|
||||
},
|
||||
{
|
||||
path: "authorize",
|
||||
path: "/authorize",
|
||||
name: "oauth.authorize",
|
||||
component: () => import("@/views/auth/authorize.vue"),
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
path: "/users/me/confirm",
|
||||
name: "callback.confirm",
|
||||
component: () => import("@/views/confirm.vue"),
|
||||
meta: { public: true, title: "Confirm registration" },
|
||||
path: "/flow",
|
||||
children: [
|
||||
{
|
||||
path: "confirm",
|
||||
name: "callback.confirm",
|
||||
component: () => import("@/views/flow/confirm.vue"),
|
||||
meta: { public: true, title: "Confirm registration" },
|
||||
},
|
||||
{
|
||||
path: "password-reset",
|
||||
name: "callback.password-reset",
|
||||
component: () => import("@/views/flow/password-reset.vue"),
|
||||
meta: { public: true, title: "Reset password" },
|
||||
},
|
||||
],
|
||||
},
|
||||
],
|
||||
})
|
||||
|
104
web/src/views/flow/confirm.vue
Executable file
104
web/src/views/flow/confirm.vue
Executable file
@ -0,0 +1,104 @@
|
||||
<template>
|
||||
<v-container class="h-screen flex flex-col gap-3 items-center justify-center">
|
||||
<v-card class="w-full max-w-[720px] overflow-auto" :loading="loading">
|
||||
<v-card-text class="card-grid pa-9">
|
||||
<div>
|
||||
<v-avatar color="accent" icon="mdi-check-decagram" size="large" class="card-rounded mb-2" />
|
||||
<h1 class="text-2xl">Confirm registration</h1>
|
||||
<p>Confirm your account to keep your account longer than 48 hours.</p>
|
||||
</div>
|
||||
|
||||
<v-window :touch="false" :model-value="panel" class="pa-2 mx-[-0.5rem]">
|
||||
<v-window-item value="confirm">
|
||||
<div>
|
||||
<v-expand-transition>
|
||||
<v-alert v-show="error" variant="tonal" type="error" class="text-xs mb-3">
|
||||
Something went wrong... {{ error }}
|
||||
</v-alert>
|
||||
</v-expand-transition>
|
||||
|
||||
<v-progress-circular v-if="!error" indeterminate size="32" color="grey-darken-3" class="mb-3" />
|
||||
|
||||
<h1 class="font-bold text-xl">Confirming</h1>
|
||||
<p>We are confirming your account. Please stand by, this won't took a long time...</p>
|
||||
</div>
|
||||
</v-window-item>
|
||||
<v-window-item value="callback">
|
||||
<div>
|
||||
<v-icon icon="mdi-fire" size="32" color="grey-darken-3" class="mb-3" />
|
||||
|
||||
<h1 class="font-bold text-xl">Confirmed</h1>
|
||||
<p>You're done! We successfully confirmed your account.</p>
|
||||
|
||||
<p class="mt-3">Now you can continue use Solarpass, we will redirect to dashboard you soon.</p>
|
||||
</div>
|
||||
</v-window-item>
|
||||
</v-window>
|
||||
</v-card-text>
|
||||
</v-card>
|
||||
|
||||
<copyright />
|
||||
</v-container>
|
||||
</template>
|
||||
|
||||
<script setup lang="ts">
|
||||
import { ref } from "vue"
|
||||
import { useRoute, useRouter } from "vue-router"
|
||||
import { request } from "@/scripts/request"
|
||||
import { useUserinfo } from "@/stores/userinfo"
|
||||
import Copyright from "@/components/Copyright.vue"
|
||||
|
||||
const route = useRoute()
|
||||
const router = useRouter()
|
||||
const { readProfiles } = useUserinfo()
|
||||
|
||||
const error = ref<string | null>(null)
|
||||
|
||||
const loading = ref(false)
|
||||
|
||||
const panel = ref("confirm")
|
||||
|
||||
async function confirm() {
|
||||
if (!route.query["code"]) {
|
||||
error.value = "code was not exists"
|
||||
return
|
||||
}
|
||||
|
||||
const res = await request("/api/users/me/confirm", {
|
||||
method: "POST",
|
||||
headers: { "Content-Type": "application/json" },
|
||||
body: JSON.stringify({
|
||||
code: route.query["code"],
|
||||
}),
|
||||
})
|
||||
if (res.status !== 200) {
|
||||
error.value = await res.text()
|
||||
} else {
|
||||
loading.value = true
|
||||
panel.value = "callback"
|
||||
await readProfiles()
|
||||
router.push({ name: "dashboard" })
|
||||
}
|
||||
loading.value = false
|
||||
}
|
||||
|
||||
confirm()
|
||||
</script>
|
||||
|
||||
<style scoped>
|
||||
.card-grid {
|
||||
display: grid;
|
||||
grid-template-columns: 1fr 1fr;
|
||||
gap: 1rem;
|
||||
}
|
||||
|
||||
@media (max-width: 768px) {
|
||||
.card-grid {
|
||||
grid-template-columns: 1fr;
|
||||
}
|
||||
}
|
||||
|
||||
.card-rounded {
|
||||
border-radius: 8px;
|
||||
}
|
||||
</style>
|
Loading…
Reference in New Issue
Block a user