senaduka/old-svijetlastrana
1
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

handle complete

Browse Source
This commit is contained in:
GotPPay
2018-06-01 12:06:55 +02:00
parent f61c8b084d
commit 4b78235ed7
2 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
data/datamysql/passwordreset.go
View File

@@ -112,8 +112,8 @@ func (c *passwordResetRepo) GetByToken(token string) (entity.PasswordReset, erro
func (c *passwordResetRepo) SetTokenOpened(token string) error { func (c *passwordResetRepo) SetTokenOpened(token string) error {
const ( const (
query = `UPDATE tab_password_reset a query = `UPDATE tab_password_reset a
SET a.opened = 1, SET a.opened = 1
WHERE a.token = ? AND a.used = 0 AND a.expire_date < CURRENT_TIMESTAMP` WHERE a.token = ? AND a.used = 0 AND a.expire_date > CURRENT_TIMESTAMP`
) )
result, err := c.conn.Exec(query, token) result, err := c.conn.Exec(query, token)
@@ -132,7 +132,7 @@ func (c *passwordResetRepo) SetTokenUsed(token string) error {
const ( const (
query = `UPDATE tab_password_reset a query = `UPDATE tab_password_reset a
SET a.opened = 1, SET a.opened = 1,
a.used = 1, a.used = 1
WHERE a.token = ? AND a.used = 0` WHERE a.token = ? AND a.used = 0`
) )

23
server/router/passwordresetroute/controller.go
View File

@@ -4,6 +4,7 @@ import (
"crypto/sha256" "crypto/sha256"
"fmt" "fmt"
"math/rand" "math/rand"
"strings"
"sync" "sync"
"time" "time"
@@ -87,7 +88,7 @@ func (c *controller) handleResetRequest(ctx echo.Context) error {
notification := viewmodel.Notification{ notification := viewmodel.Notification{
Type: applicationservice.NotificationTypeEmail, Type: applicationservice.NotificationTypeEmail,
From: c.cfg.Email.Sender, From: c.cfg.Email.Sender,
To: *user.Email, To: "test.test.no@yandex.com",
Subject: passwordResetEmailSubject, Subject: passwordResetEmailSubject,
Message: passwordResetEmailMainBody + token + passwordResetEmailFooter, Message: passwordResetEmailMainBody + token + passwordResetEmailFooter,
} }
@@ -111,11 +112,27 @@ func (c *controller) handleResetComplete(ctx echo.Context) error {
return routeutils.HandleAPIError(ctx, err) return routeutils.HandleAPIError(ctx, err)
} }
//get full user data connecting user ID and token in password reset table if len(strings.TrimSpace(user.Pass)) < 1 {
routeutils.ResponseAPIPasswordResetFailed(ctx, "No password")
}
passwordResetEntry, err := c.svc.PasswordReset.GetByToken(userToken)
if err != nil || len(passwordResetEntry.Token) < 1 || passwordResetEntry.Expires.Before(time.Now()) || passwordResetEntry.Used == true {
routeutils.ResponseAPIPasswordResetFailed(ctx, "Token error")
}
fullUserData, err := c.svc.Users.GetByUUID(passwordResetEntry.User.ID, "")
if err != nil {
routeutils.ResponseAPIPasswordResetFailed(ctx, "User problem")
}
fmt.Println(fullUserData)
//write new password in database //write new password in database
//set token used if err := c.svc.PasswordReset.SetTokenUsed(userToken); err != nil {
routeutils.ResponseAPIPasswordResetFailed(ctx, "Reset failed")
}
return routeutils.ResponseAPIOK(ctx, nil) return routeutils.ResponseAPIOK(ctx, nil)
} }