2021-07-21 08:06:26 +00:00
|
|
|
package resolvers
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"fmt"
|
2021-08-04 10:25:13 +00:00
|
|
|
"strings"
|
2022-01-08 17:31:06 +00:00
|
|
|
"time"
|
2021-07-21 08:06:26 +00:00
|
|
|
|
2021-07-28 09:52:11 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
2022-02-28 15:56:49 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/crypto"
|
2021-07-23 16:27:44 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/db"
|
2022-01-17 06:02:13 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/envstore"
|
2021-07-23 16:27:44 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/graph/model"
|
2022-01-22 19:54:41 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/token"
|
2022-03-02 12:12:31 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/utils"
|
2021-07-21 08:06:26 +00:00
|
|
|
)
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// ResetPasswordResolver is a resolver for reset password mutation
|
|
|
|
|
func ResetPasswordResolver(ctx context.Context, params model.ResetPasswordInput) (*model.Response, error) {
|
2021-07-21 08:06:26 +00:00
|
|
|
var res *model.Response
|
2022-03-02 12:12:31 +00:00
|
|
|
gc, err := utils.GinContextFromContext(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return res, err
|
|
|
|
|
}
|
2022-02-28 02:25:01 +00:00
|
|
|
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
|
2021-07-28 09:52:11 +00:00
|
|
|
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
|
|
|
|
|
}
|
2021-07-21 08:06:26 +00:00
|
|
|
|
2022-01-21 08:04:04 +00:00
|
|
|
verificationRequest, err := db.Provider.GetVerificationRequestByToken(params.Token)
|
2021-07-21 08:06:26 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return res, fmt.Errorf(`invalid token`)
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-10 16:50:24 +00:00
|
|
|
if params.Password != params.ConfirmPassword {
|
|
|
|
|
return res, fmt.Errorf(`passwords don't match`)
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-21 08:06:26 +00:00
|
|
|
// verify if token exists in db
|
2022-03-02 12:12:31 +00:00
|
|
|
hostname := utils.GetHost(gc)
|
2022-03-08 07:06:26 +00:00
|
|
|
claim, err := token.ParseJWTToken(params.Token, hostname, verificationRequest.Nonce, verificationRequest.Email)
|
2021-07-21 08:06:26 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return res, fmt.Errorf(`invalid token`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-02 12:12:31 +00:00
|
|
|
user, err := db.Provider.GetUserByEmail(claim["sub"].(string))
|
2021-07-21 08:06:26 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return res, err
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-28 15:56:49 +00:00
|
|
|
password, _ := crypto.EncryptPassword(params.Password)
|
2021-12-22 10:01:45 +00:00
|
|
|
user.Password = &password
|
2021-07-21 08:06:26 +00:00
|
|
|
|
2021-12-22 05:21:12 +00:00
|
|
|
signupMethod := user.SignupMethods
|
2022-01-17 06:02:13 +00:00
|
|
|
if !strings.Contains(signupMethod, constants.SignupMethodBasicAuth) {
|
|
|
|
|
signupMethod = signupMethod + "," + constants.SignupMethodBasicAuth
|
2021-08-04 10:25:13 +00:00
|
|
|
}
|
2021-12-22 05:21:12 +00:00
|
|
|
user.SignupMethods = signupMethod
|
2021-08-04 10:25:13 +00:00
|
|
|
|
2022-01-08 17:31:06 +00:00
|
|
|
// helpful if user has not signed up with basic auth
|
|
|
|
|
if user.EmailVerifiedAt == nil {
|
|
|
|
|
now := time.Now().Unix()
|
|
|
|
|
user.EmailVerifiedAt = &now
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-21 08:06:26 +00:00
|
|
|
// delete from verification table
|
2022-01-21 08:04:04 +00:00
|
|
|
db.Provider.DeleteVerificationRequest(verificationRequest)
|
|
|
|
|
db.Provider.UpdateUser(user)
|
2021-07-21 08:06:26 +00:00
|
|
|
|
|
|
|
|
res = &model.Response{
|
|
|
|
|
Message: `Password updated successfully.`,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res, nil
|
|
|
|
|
}
|
