2 use actix_web::web::Data;
3 use lemmy_api_common::{
5 person::{PasswordReset, PasswordResetResponse},
6 utils::send_password_reset_email,
8 use lemmy_db_schema::source::password_reset_request::PasswordResetRequest;
9 use lemmy_db_views::structs::LocalUserView;
10 use lemmy_utils::error::{LemmyError, LemmyErrorExt, LemmyErrorType};
12 #[async_trait::async_trait(?Send)]
13 impl Perform for PasswordReset {
14 type Response = PasswordResetResponse;
16 #[tracing::instrument(skip(self, context))]
19 context: &Data<LemmyContext>,
20 ) -> Result<PasswordResetResponse, LemmyError> {
21 let data: &PasswordReset = self;
24 let email = data.email.to_lowercase();
25 let local_user_view = LocalUserView::find_by_email(&mut context.pool(), &email)
27 .with_lemmy_type(LemmyErrorType::IncorrectLogin)?;
29 // Check for too many attempts (to limit potential abuse)
30 let recent_resets_count = PasswordResetRequest::get_recent_password_resets_count(
32 local_user_view.local_user.id,
35 if recent_resets_count >= 3 {
36 return Err(LemmyErrorType::PasswordResetLimitReached)?;
39 // Email the pure token to the user.
40 send_password_reset_email(&local_user_view, &mut context.pool(), context.settings()).await?;
41 Ok(PasswordResetResponse {})