]> Untitled Git - lemmy.git/commitdiff
Moving ChangePassword to its own API action. Fixes #1471
authorDessalines <tyhou13@gmx.com>
Thu, 1 Apr 2021 21:39:01 +0000 (17:39 -0400)
committerDessalines <tyhou13@gmx.com>
Thu, 1 Apr 2021 21:39:01 +0000 (17:39 -0400)
crates/api/src/lib.rs
crates/api/src/local_user.rs
crates/api_common/src/person.rs
crates/websocket/src/lib.rs
src/api_routes.rs

index 5dc678be66d7ff0ce3aa6f9236fefba23050843a..d25d0bbcd34d583fef8e4bda2aa34e5bdb6982b0 100644 (file)
@@ -63,6 +63,9 @@ pub async fn match_websocket_operation(
     UserOperation::SaveUserSettings => {
       do_websocket_operation::<SaveUserSettings>(context, id, op, data).await
     }
+    UserOperation::ChangePassword => {
+      do_websocket_operation::<ChangePassword>(context, id, op, data).await
+    }
     UserOperation::GetReportCount => {
       do_websocket_operation::<GetReportCount>(context, id, op, data).await
     }
index 656ddf9719fec29b859659f04cae6be112228143..d19171496fd6a08a9e932c2f334917ee74bbf3e7 100644 (file)
@@ -191,44 +191,9 @@ impl Perform for SaveUserSettings {
 
     let local_user_id = local_user_view.local_user.id;
     let person_id = local_user_view.person.id;
-    let password_encrypted = match &data.new_password {
-      Some(new_password) => {
-        match &data.new_password_verify {
-          Some(new_password_verify) => {
-            password_length_check(&new_password)?;
-
-            // Make sure passwords match
-            if new_password != new_password_verify {
-              return Err(ApiError::err("passwords_dont_match").into());
-            }
-
-            // Check the old password
-            match &data.old_password {
-              Some(old_password) => {
-                let valid: bool =
-                  verify(old_password, &local_user_view.local_user.password_encrypted)
-                    .unwrap_or(false);
-                if !valid {
-                  return Err(ApiError::err("password_incorrect").into());
-                }
-                let new_password = new_password.to_owned();
-                let user = blocking(context.pool(), move |conn| {
-                  LocalUser::update_password(conn, local_user_id, &new_password)
-                })
-                .await??;
-                user.password_encrypted
-              }
-              None => return Err(ApiError::err("password_incorrect").into()),
-            }
-          }
-          None => return Err(ApiError::err("passwords_dont_match").into()),
-        }
-      }
-      None => local_user_view.local_user.password_encrypted,
-    };
-
     let default_listing_type = data.default_listing_type;
     let default_sort_type = data.default_sort_type;
+    let password_encrypted = local_user_view.local_user.password_encrypted;
 
     let person_form = PersonForm {
       name: local_user_view.person.name,
@@ -301,6 +266,49 @@ impl Perform for SaveUserSettings {
   }
 }
 
+#[async_trait::async_trait(?Send)]
+impl Perform for ChangePassword {
+  type Response = LoginResponse;
+
+  async fn perform(
+    &self,
+    context: &Data<LemmyContext>,
+    _websocket_id: Option<ConnectionId>,
+  ) -> Result<LoginResponse, LemmyError> {
+    let data: &ChangePassword = &self;
+    let local_user_view = get_local_user_view_from_jwt(&data.auth, context.pool()).await?;
+
+    password_length_check(&data.new_password)?;
+
+    // Make sure passwords match
+    if data.new_password != data.new_password_verify {
+      return Err(ApiError::err("passwords_dont_match").into());
+    }
+
+    // Check the old password
+    let valid: bool = verify(
+      &data.old_password,
+      &local_user_view.local_user.password_encrypted,
+    )
+    .unwrap_or(false);
+    if !valid {
+      return Err(ApiError::err("password_incorrect").into());
+    }
+
+    let local_user_id = local_user_view.local_user.id;
+    let new_password = data.new_password.to_owned();
+    let updated_local_user = blocking(context.pool(), move |conn| {
+      LocalUser::update_password(conn, local_user_id, &new_password)
+    })
+    .await??;
+
+    // Return the jwt
+    Ok(LoginResponse {
+      jwt: Claims::jwt(updated_local_user.id.0)?,
+    })
+  }
+}
+
 #[async_trait::async_trait(?Send)]
 impl Perform for AddAdmin {
   type Response = AddAdminResponse;
index 7767da460d82e118f7b21c51774eb0fcf6e2aad9..53033a9205083b73ab285f0b4d5d79ae89436adb 100644 (file)
@@ -57,14 +57,19 @@ pub struct SaveUserSettings {
   pub email: Option<String>,
   pub bio: Option<String>,
   pub matrix_user_id: Option<String>,
-  pub new_password: Option<String>,
-  pub new_password_verify: Option<String>,
-  pub old_password: Option<String>,
   pub show_avatars: Option<bool>,
   pub send_notifications_to_email: Option<bool>,
   pub auth: String,
 }
 
+#[derive(Deserialize)]
+pub struct ChangePassword {
+  pub new_password: String,
+  pub new_password_verify: String,
+  pub old_password: String,
+  pub auth: String,
+}
+
 #[derive(Serialize)]
 pub struct LoginResponse {
   pub jwt: String,
index 0b2a9fb4fbd69f6ad7b441f7d4d79ddb0528730b..f5f5f08045e5dfb69bd3cbcbb49d79dfb0e18019 100644 (file)
@@ -123,6 +123,7 @@ pub enum UserOperation {
   PostJoin,
   CommunityJoin,
   ModJoin,
+  ChangePassword,
 }
 
 #[derive(EnumString, ToString, Debug, Clone)]
index e0158c33826008f774a41a568d24482ca386e5ea..f8e8f7e18bf6ec91f6055aae727c1ed2957b6399 100644 (file)
@@ -182,6 +182,10 @@ pub fn config(cfg: &mut web::ServiceConfig, rate_limit: &RateLimit) {
             "/save_user_settings",
             web::put().to(route_post::<SaveUserSettings>),
           )
+          .route(
+            "/change_password",
+            web::put().to(route_post::<ChangePassword>),
+          )
           .route("/report_count", web::get().to(route_get::<GetReportCount>)),
       )
       // Admin Actions