2 use actix_web::web::Data;
3 use lemmy_api_common::{
5 person::{LoginResponse, PasswordChangeAfterReset},
6 utils::password_length_check,
9 source::{local_user::LocalUser, password_reset_request::PasswordResetRequest},
12 use lemmy_db_views::structs::SiteView;
15 error::{LemmyError, LemmyErrorExt, LemmyErrorType},
18 #[async_trait::async_trait(?Send)]
19 impl Perform for PasswordChangeAfterReset {
20 type Response = LoginResponse;
22 #[tracing::instrument(skip(self, context))]
23 async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
24 let data: &PasswordChangeAfterReset = self;
26 // Fetch the user_id from the token
27 let token = data.token.clone();
28 let local_user_id = PasswordResetRequest::read_from_token(&mut context.pool(), &token)
30 .map(|p| p.local_user_id)?;
32 password_length_check(&data.password)?;
34 // Make sure passwords match
35 if data.password != data.password_verify {
36 return Err(LemmyErrorType::PasswordsDoNotMatch)?;
39 // Update the user with the new password
40 let password = data.password.clone();
41 let updated_local_user =
42 LocalUser::update_password(&mut context.pool(), local_user_id, &password)
44 .with_lemmy_type(LemmyErrorType::CouldntUpdateUser)?;
46 // Return the jwt if login is allowed
47 let site_view = SiteView::read_local(&mut context.pool()).await?;
48 let jwt = if site_view.local_site.registration_mode == RegistrationMode::RequireApplication
49 && !updated_local_user.accepted_application
55 updated_local_user.id.0,
56 &context.secret().jwt_secret,
57 &context.settings().hostname,
65 verify_email_sent: false,
66 registration_created: false,