2 use actix_web::web::Data;
3 use lemmy_api_common::{
5 person::{LoginResponse, PasswordChangeAfterReset},
6 utils::password_length_check,
8 use lemmy_db_schema::source::{
9 local_site::RegistrationMode,
10 local_user::LocalUser,
11 password_reset_request::PasswordResetRequest,
13 use lemmy_db_views::structs::SiteView;
14 use lemmy_utils::{claims::Claims, error::LemmyError, ConnectionId};
16 #[async_trait::async_trait(?Send)]
17 impl Perform for PasswordChangeAfterReset {
18 type Response = LoginResponse;
20 #[tracing::instrument(skip(self, context, _websocket_id))]
23 context: &Data<LemmyContext>,
24 _websocket_id: Option<ConnectionId>,
25 ) -> Result<LoginResponse, LemmyError> {
26 let data: &PasswordChangeAfterReset = self;
28 // Fetch the user_id from the token
29 let token = data.token.clone();
30 let local_user_id = PasswordResetRequest::read_from_token(context.pool(), &token)
32 .map(|p| p.local_user_id)?;
34 password_length_check(&data.password)?;
36 // Make sure passwords match
37 if data.password != data.password_verify {
38 return Err(LemmyError::from_message("passwords_dont_match"));
41 // Update the user with the new password
42 let password = data.password.clone();
43 let updated_local_user = LocalUser::update_password(context.pool(), local_user_id, &password)
45 .map_err(|e| LemmyError::from_error_message(e, "couldnt_update_user"))?;
47 // Return the jwt if login is allowed
48 let site_view = SiteView::read_local(context.pool()).await?;
49 let jwt = if site_view.local_site.registration_mode == RegistrationMode::RequireApplication
50 && !updated_local_user.accepted_application
56 updated_local_user.id.0,
57 &context.secret().jwt_secret,
58 &context.settings().hostname,
66 verify_email_sent: false,
67 registration_created: false,