#16 Implement Password reset

author: vantezzen <hello@vantezzen.io> 2020-04-02 17:09:11 +0200
committer: vantezzen <hello@vantezzen.io> 2020-04-02 17:09:11 +0200
commit: 6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa (patch)
tree: 77778897d7411d7c273d1b1bdf7caf7ba75f85e2 /app
parent: Upgrade dependencies (diff)
download: ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.tar.gz
ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.tar.zst
ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.zip
2 files changed, 64 insertions, 0 deletions
diff --git a/app/Controllers/Http/DashboardController.js b/app/Controllers/Http/DashboardController.js
index a47beb6..3de4816 100644
--- a/app/Controllers/Http/DashboardController.js
+++ b/app/Controllers/Http/DashboardController.js
@@ -5,6 +5,7 @@ const {
 const Service = use('App/Models/Service');
 const Workspace = use('App/Models/Workspace');
+const Persona = use('Persona');
 const crypto = require('crypto');
 const uuid = require('uuid/v4');
@@ -47,6 +48,66 @@ class DashboardController {
    return response.redirect('/user/account');
  }
+  async forgotPassword({
+    request,
+    view,
+  }) {
+    const validation = await validateAll(request.all(), {
+      mail: 'required|email',
+    });
+    if (validation.fails()) {
+      return view.render('others.message', {
+        heading: 'Cannot reset your password',
+        text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
+      });
+    }
+    try {
+      await Persona.forgotPassword(request.input('mail'));
+    } catch(e) {}
+    return view.render('others.message', {
+      heading: 'Reset password',
+      text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
+    });
+  }
+  async resetPassword({
+    request,
+    view,
+  }) {
+    const validation = await validateAll(request.all(), {
+      password: 'required',
+      password_confirmation: 'required',
+      token: 'required',
+    });
+    if (validation.fails()) {
+      session.withErrors({
+        type: 'danger',
+        message: 'Passwords do not match',
+      });
+      return response.redirect('back');
+    }
+    const payload = {
+      password: crypto.createHash('sha256').update(request.input('password')).digest('base64'),
+      password_confirmation: crypto.createHash('sha256').update(request.input('password_confirmation')).digest('base64'),
+    }
+    try {
+      await Persona.updatePasswordByToken(request.input('token'), payload);
+    } catch(e) {
+      return view.render('others.message', {
+        heading: 'Cannot reset your password',
+        text: 'Please make sure you are using a valid and recent link to reset your password and that your passwords entered match.',
+      });
+    }
+    return view.render('others.message', {
+      heading: 'Reset password',
+      text: 'Successfully reset your password. You can now login to your account using your new password.',
+    });
+  }
  async account({
    auth,
    view,
diff --git a/app/Models/Token.js b/app/Models/Token.js
index f6bec08..50bcf1d 100644
--- a/app/Models/Token.js
+++ b/app/Models/Token.js
@@ -3,6 +3,9 @@
 const Model = use('Model');
 class Token extends Model {
+  user() {
+    return this.belongsTo('App/Models/User')
+  }
 }
 module.exports = Token;
author	vantezzen <hello@vantezzen.io>	2020-04-02 17:09:11 +0200
committer	vantezzen <hello@vantezzen.io>	2020-04-02 17:09:11 +0200
commit	6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa (patch)
tree	77778897d7411d7c273d1b1bdf7caf7ba75f85e2 /app
parent	Upgrade dependencies (diff)
download	ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.tar.gz ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.tar.zst ferdium-server-6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa.zip

diff --git a/app/Controllers/Http/DashboardController.js b/app/Controllers/Http/DashboardController.js index a47beb6..3de4816 100644 --- a/app/Controllers/Http/DashboardController.js +++ b/app/Controllers/Http/DashboardController.js
@@ -5,6 +5,7 @@ const {
5		5
6	const Service = use('App/Models/Service');	6	const Service = use('App/Models/Service');
7	const Workspace = use('App/Models/Workspace');	7	const Workspace = use('App/Models/Workspace');
		8	const Persona = use('Persona');
8		9
9	const crypto = require('crypto');	10	const crypto = require('crypto');
10	const uuid = require('uuid/v4');	11	const uuid = require('uuid/v4');
@@ -47,6 +48,66 @@ class DashboardController {
47	return response.redirect('/user/account');	48	return response.redirect('/user/account');
48	}	49	}
49		50
		51	async forgotPassword({
		52	request,
		53	view,
		54	}) {
		55	const validation = await validateAll(request.all(), {
		56	mail: 'required\|email',
		57	});
		58	if (validation.fails()) {
		59	return view.render('others.message', {
		60	heading: 'Cannot reset your password',
		61	text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
		62	});
		63	}
		64	try {
		65	await Persona.forgotPassword(request.input('mail'));
		66	} catch(e) {}
		67
		68	return view.render('others.message', {
		69	heading: 'Reset password',
		70	text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
		71	});
		72	}
		73
		74	async resetPassword({
		75	request,
		76	view,
		77	}) {
		78	const validation = await validateAll(request.all(), {
		79	password: 'required',
		80	password_confirmation: 'required',
		81	token: 'required',
		82	});
		83	if (validation.fails()) {
		84	session.withErrors({
		85	type: 'danger',
		86	message: 'Passwords do not match',
		87	});
		88	return response.redirect('back');
		89	}
		90
		91	const payload = {
		92	password: crypto.createHash('sha256').update(request.input('password')).digest('base64'),
		93	password_confirmation: crypto.createHash('sha256').update(request.input('password_confirmation')).digest('base64'),
		94	}
		95
		96	try {
		97	await Persona.updatePasswordByToken(request.input('token'), payload);
		98	} catch(e) {
		99	return view.render('others.message', {
		100	heading: 'Cannot reset your password',
		101	text: 'Please make sure you are using a valid and recent link to reset your password and that your passwords entered match.',
		102	});
		103	}
		104
		105	return view.render('others.message', {
		106	heading: 'Reset password',
		107	text: 'Successfully reset your password. You can now login to your account using your new password.',
		108	});
		109	}
		110
50	async account({	111	async account({
51	auth,	112	auth,
52	view,	113	view,


diff --git a/app/Models/Token.js b/app/Models/Token.js index f6bec08..50bcf1d 100644 --- a/app/Models/Token.js +++ b/app/Models/Token.js
@@ -3,6 +3,9 @@
3	const Model = use('Model');	3	const Model = use('Model');
4		4
5	class Token extends Model {	5	class Token extends Model {
		6	user() {
		7	return this.belongsTo('App/Models/User')
		8	}
6	}	9	}
7		10
8	module.exports = Token;	11	module.exports = Token;