commento/api/owner_reset_password.go

package main

import (
	"golang.org/x/crypto/bcrypt"
	"net/http"
)

func ownerResetPassword(resetHex string, password string) error {
	if resetHex == "" || password == "" {
		return errorMissingField
	}

	passwordHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		logger.Errorf("cannot generate hash from password: %v\n", err)
		return errorInternal
	}

	statement := `
		UPDATE owners SET passwordHash=$1
		WHERE email IN (
			SELECT email FROM ownerResetHexes
			WHERE resetHex=$2
		);
	`
	res, err := db.Exec(statement, string(passwordHash), resetHex)
	if err != nil {
		logger.Errorf("cannot change user's password: %v\n", err)
		return errorInternal
	}

	count, err := res.RowsAffected()
	if err != nil {
		logger.Errorf("cannot count rows affected: %v\n", err)
		return errorInternal
	}

	if count == 0 {
		return errorNoSuchResetToken
	}

	statement = `
		DELETE FROM ownerResetHexes
    WHERE resetHex=$1;
	`
	_, err = db.Exec(statement, resetHex)
	if err != nil {
		logger.Warningf("cannot remove reset token: %v\n", err)
	}

	return nil
}

func ownerResetPasswordHandler(w http.ResponseWriter, r *http.Request) {
	type request struct {
		ResetHex *string `json:"resetHex"`
		Password *string `json:"password"`
	}

	var x request
	if err := bodyUnmarshal(r, &x); err != nil {
		bodyMarshal(w, response{"success": false, "message": err.Error()})
		return
	}

	if err := ownerResetPassword(*x.ResetHex, *x.Password); err != nil {
		bodyMarshal(w, response{"success": false, "message": err.Error()})
		return
	}

	bodyMarshal(w, response{"success": true})
}
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`package main`

			`import (`
			`"golang.org/x/crypto/bcrypt"`
			`"net/http"`
			`)`

			`func ownerResetPassword(resetHex string, password string) error {`
			`if resetHex == "" \|\| password == "" {`
			`return errorMissingField`
			`}`

			`passwordHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)`
			`if err != nil {`
			`logger.Errorf("cannot generate hash from password: %v\n", err)`
			`return errorInternal`
			`}`

			statement := `
			`UPDATE owners SET passwordHash=$1`
			`WHERE email IN (`
			`SELECT email FROM ownerResetHexes`
			`WHERE resetHex=$2`
			`);`
			`
			`res, err := db.Exec(statement, string(passwordHash), resetHex)`
			`if err != nil {`
			`logger.Errorf("cannot change user's password: %v\n", err)`
			`return errorInternal`
			`}`

			`count, err := res.RowsAffected()`
			`if err != nil {`
			`logger.Errorf("cannot count rows affected: %v\n", err)`
			`return errorInternal`
			`}`

			`if count == 0 {`
			`return errorNoSuchResetToken`
			`}`

			statement = `
			`DELETE FROM ownerResetHexes`
			`WHERE resetHex=$1;`
			`
			`_, err = db.Exec(statement, resetHex)`
			`if err != nil {`
			`logger.Warningf("cannot remove reset token: %v\n", err)`
			`}`

			`return nil`
			`}`

			`func ownerResetPasswordHandler(w http.ResponseWriter, r *http.Request) {`
			`type request struct {`
			ResetHex *string `json:"resetHex"`
			Password *string `json:"password"`
			`}`

			`var x request`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`if err := bodyUnmarshal(r, &x); err != nil {`
			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

			`if err := ownerResetPassword(x.ResetHex, x.Password); err != nil {`
api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": false, "message": err.Error()})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`return`
			`}`

api: standardise marshal and unmarshal fn names 2018-07-24 14:58:43 +08:00			`bodyMarshal(w, response{"success": true})`
api: Add go files I know this is a huge commit, but I can't be bothered to check this in part by part. 2018-05-27 22:40:42 +08:00			`}`