From 6ed9da44690d5f68a5bb4e398c0a4ad4083ed6fa Mon Sep 17 00:00:00 2001
From: vantezzen
Date: Thu, 2 Apr 2020 17:09:11 +0200
Subject: #16 Implement Password reset
---
 app/Controllers/Http/DashboardController.js | 61 +++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
(limited to 'app/Controllers/Http')
diff --git a/app/Controllers/Http/DashboardController.js b/app/Controllers/Http/DashboardController.js
index a47beb6..3de4816 100644
--- a/app/Controllers/Http/DashboardController.js
+++ b/app/Controllers/Http/DashboardController.js
@@ -5,6 +5,7 @@ const {
 const Service = use('App/Models/Service');
 const Workspace = use('App/Models/Workspace');
+const Persona = use('Persona');
 const crypto = require('crypto');
 const uuid = require('uuid/v4');
@@ -47,6 +48,66 @@ class DashboardController {
 return response.redirect('/user/account');
 }
+ async forgotPassword({
+ request,
+ view,
+ }) {
+ const validation = await validateAll(request.all(), {
+ mail: 'required|email',
+ });
+ if (validation.fails()) {
+ return view.render('others.message', {
+ heading: 'Cannot reset your password',
+ text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
+ });
+ }
+ try {
+ await Persona.forgotPassword(request.input('mail'));
+ } catch(e) {}
+
+ return view.render('others.message', {
+ heading: 'Reset password',
+ text: 'If your provided E-Mail address is linked to an account, we have just sent an E-Mail to that address.',
+ });
+ }
+
+ async resetPassword({
+ request,
+ view,
+ }) {
+ const validation = await validateAll(request.all(), {
+ password: 'required',
+ password_confirmation: 'required',
+ token: 'required',
+ });
+ if (validation.fails()) {
+ session.withErrors({
+ type: 'danger',
+ message: 'Passwords do not match',
+ });
+ return response.redirect('back');
+ }
+
+ const payload = {
+ password: crypto.createHash('sha256').update(request.input('password')).digest('base64'),
+ password_confirmation: crypto.createHash('sha256').update(request.input('password_confirmation')).digest('base64'),
+ }
+
+ try {
+ await Persona.updatePasswordByToken(request.input('token'), payload);
+ } catch(e) {
+ return view.render('others.message', {
+ heading: 'Cannot reset your password',
+ text: 'Please make sure you are using a valid and recent link to reset your password and that your passwords entered match.',
+ });
+ }
+
+ return view.render('others.message', {
+ heading: 'Reset password',
+ text: 'Successfully reset your password. You can now login to your account using your new password.',
+ });
+ }
+
 async account({
 auth,
 view,
-- 
cgit v1.2.3-54-g00ecf
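Review bot: In `resetPassword` the validation-failure branch calls `session.withErrors(...)` and `response.redirect('back')`, but the handler destructures only `request` and `view`, so unless those names are defined elsewhere in the file a request with a missing field would throw instead of redirecting; the signature should read `async resetPassword({ request, response, session, view })`. The same branch reports 'Passwords do not match' although the schema only checks `required`; a rule such as `password: 'required|confirmed'` would make that message true at this layer instead of relying on `Persona.updatePasswordByToken` to reject a mismatch. In `forgotPassword` the empty `catch(e) {}` keeps the response identical for known and unknown addresses, which is the right anti-enumeration behaviour, but it also hides mail-transport failures, so the error should be logged server-side while the generic message is still returned. No throttling of either handler is visible in this hunk; if the routes do not apply it, reset mail can be requested repeatedly for the same address and the token check has no attempt limit.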