An atproto PDS written in Go
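package server

import (
	"crypto/subtle"
	"time"

	"github.com/Azure/go-autorest/autorest/to"
	"github.com/haileyok/cocoon/internal/helpers"
	"github.com/haileyok/cocoon/models"
	"github.com/labstack/echo/v4"
	"golang.org/x/crypto/bcrypt"
)

// ComAtprotoServerResetPasswordRequest is the JSON body of a password-reset
// request: the reset token issued to the account and the new password.
// Both fields are required by the validator.
type ComAtprotoServerResetPasswordRequest struct {
	Token    string `json:"token" validate:"required"`
	Password string `json:"password" validate:"required"`
}

// handleServerResetPassword completes a password reset for the repo actor
// stored in the echo context under "repo".
//
// It checks the submitted token against the stored reset code, rejects an
// expired code, hashes the new password with bcrypt and, in one UPDATE,
// stores the hash and clears the reset code and its expiry so the token
// cannot be used again. It responds 200 with no content on success.
//
// NOTE(review): nothing in this handler revokes existing sessions or tokens
// for the account, and nothing here limits repeated token guesses; confirm
// that both are handled elsewhere (middleware or session layer).
func (s *Server) handleServerResetPassword(e echo.Context) error {
	// The "repo" value is presumably set by upstream middleware. Use the
	// checked assertion so a missing or mistyped value yields a server error
	// instead of a panic in the request path.
	urepo, ok := e.Get("repo").(*models.RepoActor)
	if !ok || urepo == nil {
		s.logger.Error("repo actor missing from request context")
		return helpers.ServerError(e, nil)
	}

	var req ComAtprotoServerResetPasswordRequest
	if err := e.Bind(&req); err != nil {
		s.logger.Error("error binding", "error", err)
		return helpers.ServerError(e, nil)
	}

	if err := e.Validate(req); err != nil {
		return helpers.InputError(e, nil)
	}

	// No reset was requested for this account (or it was already consumed).
	if urepo.PasswordResetCode == nil || urepo.PasswordResetCodeExpiresAt == nil {
		return helpers.InputError(e, to.StringPtr("InvalidToken"))
	}

	// Compare the secret token in constant time: a plain != on strings can
	// return early at the first differing byte, which makes the response
	// time depend on how much of the token matched.
	if subtle.ConstantTimeCompare([]byte(*urepo.PasswordResetCode), []byte(req.Token)) != 1 {
		return helpers.InvalidTokenError(e)
	}

	if time.Now().UTC().After(*urepo.PasswordResetCodeExpiresAt) {
		return helpers.ExpiredTokenError(e)
	}

	// bcrypt.DefaultCost is 10, the value previously hard-coded here.
	// bcrypt only uses the first 72 bytes of its input; depending on the
	// x/crypto version a longer password is rejected with an error, which
	// is reported below as a server error.
	hash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
	if err != nil {
		s.logger.Error("error creating hash", "error", err)
		return helpers.ServerError(e, nil)
	}

	// Values are bound as parameters, never concatenated into the SQL.
	// NOTE(review): the token check above and this UPDATE are separate
	// steps, so two concurrent requests carrying the same valid token could
	// both pass the check; consider also matching on password_reset_code in
	// the WHERE clause and checking the affected row count.
	if err := s.db.Exec("UPDATE repos SET password_reset_code = NULL, password_reset_code_expires_at = NULL, password = ? WHERE did = ?", nil, hash, urepo.Repo.Did).Error; err != nil {
		s.logger.Error("error updating repo", "error", err)
		return helpers.ServerError(e, nil)
	}

	return e.NoContent(200)
}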