package Auth
|
|
|
|
import (
|
|
"encoding/json"
|
|
"io/ioutil"
|
|
"net/http"
|
|
|
|
"git.tovijaeschke.xyz/tovi/Envelope/Backend/Database"
|
|
"git.tovijaeschke.xyz/tovi/Envelope/Backend/Models"
|
|
)
|
|
|
|
type rawChangePassword struct {
|
|
OldPassword string `json:"old_password"`
|
|
NewPassword string `json:"new_password"`
|
|
NewPasswordConfirm string `json:"new_password_confirm"`
|
|
PrivateKey string `json:"private_key"`
|
|
}
|
|
|
|
// ChangePassword handle change password action
|
|
func ChangePassword(w http.ResponseWriter, r *http.Request) {
|
|
var (
|
|
user Models.User
|
|
changePassword rawChangePassword
|
|
requestBody []byte
|
|
err error
|
|
)
|
|
|
|
user, err = CheckCookieCurrentUser(w, r)
|
|
if err != nil {
|
|
// Don't bother showing an error here, as the middleware handles auth
|
|
return
|
|
}
|
|
|
|
requestBody, err = ioutil.ReadAll(r.Body)
|
|
if err != nil {
|
|
http.Error(w, "Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
err = json.Unmarshal(requestBody, &changePassword)
|
|
if err != nil {
|
|
http.Error(w, "Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
if !CheckPasswordHash(changePassword.OldPassword, user.Password) {
|
|
http.Error(w, "Invalid Current Password", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
// This should never occur, due to frontend validation
|
|
if changePassword.NewPassword != changePassword.NewPasswordConfirm {
|
|
http.Error(w, "Invalid New Password", http.StatusUnprocessableEntity)
|
|
return
|
|
}
|
|
|
|
user.Password, err = HashPassword(changePassword.NewPassword)
|
|
if err != nil {
|
|
http.Error(w, "Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
// Private key doesn't change at this point, is just re-encrypted with the new password
|
|
user.AsymmetricPrivateKey = changePassword.PrivateKey
|
|
|
|
err = Database.UpdateUser(
|
|
user.ID.String(),
|
|
&user,
|
|
)
|
|
if err != nil {
|
|
http.Error(w, "Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
}
|