2 use actix_web::web::Data;
3 use lemmy_api_common::{
5 person::{LoginResponse, PasswordChangeAfterReset},
6 utils::password_length_check,
9 source::{local_user::LocalUser, password_reset_request::PasswordResetRequest},
12 use lemmy_db_views::structs::SiteView;
15 error::{LemmyError, LemmyErrorExt, LemmyErrorType},
18 #[async_trait::async_trait(?Send)]
19 impl Perform for PasswordChangeAfterReset {
20 type Response = LoginResponse;
22 #[tracing::instrument(skip(self, context))]
23 async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
24 let data: &PasswordChangeAfterReset = self;
26 // Fetch the user_id from the token
27 let token = data.token.clone();
28 let local_user_id = PasswordResetRequest::read_from_token(context.pool(), &token)
30 .map(|p| p.local_user_id)?;
32 password_length_check(&data.password)?;
34 // Make sure passwords match
35 if data.password != data.password_verify {
36 return Err(LemmyErrorType::PasswordsDoNotMatch)?;
39 // Update the user with the new password
40 let password = data.password.clone();
41 let updated_local_user = LocalUser::update_password(context.pool(), local_user_id, &password)
43 .with_lemmy_type(LemmyErrorType::CouldntUpdateUser)?;
45 // Return the jwt if login is allowed
46 let site_view = SiteView::read_local(context.pool()).await?;
47 let jwt = if site_view.local_site.registration_mode == RegistrationMode::RequireApplication
48 && !updated_local_user.accepted_application
54 updated_local_user.id.0,
55 &context.secret().jwt_secret,
56 &context.settings().hostname,
64 verify_email_sent: false,
65 registration_created: false,