Files
authorizer/server/resolvers/reset_password.go

75 lines
2.1 KiB
Go
Raw Normal View History

package resolvers
import (
"context"
"fmt"
"strings"
2022-01-08 23:01:06 +05:30
"time"
"github.com/authorizerdev/authorizer/server/constants"
2022-02-28 21:26:49 +05:30
"github.com/authorizerdev/authorizer/server/crypto"
2021-07-23 21:57:44 +05:30
"github.com/authorizerdev/authorizer/server/db"
2022-01-17 11:32:13 +05:30
"github.com/authorizerdev/authorizer/server/envstore"
2021-07-23 21:57:44 +05:30
"github.com/authorizerdev/authorizer/server/graph/model"
"github.com/authorizerdev/authorizer/server/token"
2022-03-02 17:42:31 +05:30
"github.com/authorizerdev/authorizer/server/utils"
)
2022-01-17 11:32:13 +05:30
// ResetPasswordResolver is a resolver for reset password mutation
func ResetPasswordResolver(ctx context.Context, params model.ResetPasswordInput) (*model.Response, error) {
var res *model.Response
2022-03-02 17:42:31 +05:30
gc, err := utils.GinContextFromContext(ctx)
if err != nil {
return res, err
}
2022-02-28 07:55:01 +05:30
if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableBasicAuthentication) {
return res, fmt.Errorf(`basic authentication is disabled for this instance`)
}
2022-01-21 13:34:04 +05:30
verificationRequest, err := db.Provider.GetVerificationRequestByToken(params.Token)
if err != nil {
return res, fmt.Errorf(`invalid token`)
}
if params.Password != params.ConfirmPassword {
return res, fmt.Errorf(`passwords don't match`)
}
// verify if token exists in db
2022-03-02 17:42:31 +05:30
hostname := utils.GetHost(gc)
claim, err := token.ParseJWTToken(params.Token, hostname, verificationRequest.Nonce, verificationRequest.Email)
if err != nil {
return res, fmt.Errorf(`invalid token`)
}
2022-03-02 17:42:31 +05:30
user, err := db.Provider.GetUserByEmail(claim["sub"].(string))
if err != nil {
return res, err
}
2022-02-28 21:26:49 +05:30
password, _ := crypto.EncryptPassword(params.Password)
2021-12-22 15:31:45 +05:30
user.Password = &password
signupMethod := user.SignupMethods
2022-01-17 11:32:13 +05:30
if !strings.Contains(signupMethod, constants.SignupMethodBasicAuth) {
signupMethod = signupMethod + "," + constants.SignupMethodBasicAuth
}
user.SignupMethods = signupMethod
2022-01-08 23:01:06 +05:30
// helpful if user has not signed up with basic auth
if user.EmailVerifiedAt == nil {
now := time.Now().Unix()
user.EmailVerifiedAt = &now
}
// delete from verification table
2022-01-21 13:34:04 +05:30
db.Provider.DeleteVerificationRequest(verificationRequest)
db.Provider.UpdateUser(user)
res = &model.Response{
Message: `Password updated successfully.`,
}
return res, nil
}