MCPcopy Index your code
hub / github.com/dnote/dnote / PasswordUpdate

Method PasswordUpdate

pkg/server/controllers/users.go:463–506  ·  view source on GitHub ↗
(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

461}
462
463func (u *Users) PasswordUpdate(w http.ResponseWriter, r *http.Request) {
464 vd := views.Data{}
465
466 user := context.User(r.Context())
467 if user == nil {
468 handleHTMLError(w, r, app.ErrLoginRequired, "No authenticated user found", u.SettingView, vd)
469 return
470 }
471
472 var form updatePasswordForm
473 if err := parseRequestData(r, &form); err != nil {
474 handleHTMLError(w, r, err, "parsing payload", u.LoginView, vd)
475 return
476 }
477
478 if form.OldPassword == "" || form.NewPassword == "" {
479 handleHTMLError(w, r, app.ErrInvalidPasswordChangeInput, "invalid params", u.SettingView, vd)
480 return
481 }
482 if form.NewPassword != form.NewPasswordConfirmation {
483 handleHTMLError(w, r, app.ErrPasswordConfirmationMismatch, "passwords do not match", u.SettingView, vd)
484 return
485 }
486
487 password := []byte(form.OldPassword)
488 if err := bcrypt.CompareHashAndPassword([]byte(user.Password.String), password); err != nil {
489 log.WithFields(log.Fields{
490 "user_id": user.ID,
491 }).Warn("invalid password update attempt")
492 handleHTMLError(w, r, app.ErrInvalidPassword, "invalid password", u.SettingView, vd)
493 return
494 }
495
496 if err := app.UpdateUserPassword(u.app.DB, user, form.NewPassword); err != nil {
497 handleHTMLError(w, r, err, "updating password", u.SettingView, vd)
498 return
499 }
500
501 alert := views.Alert{
502 Level: views.AlertLvlSuccess,
503 Message: "Password change successful",
504 }
505 views.RedirectAlert(w, r, "/", http.StatusFound, alert)
506}
507
508type updateProfileForm struct {
509 Email string `schema:"email"`

Callers

nothing calls this directly

Calls 7

UserFunction · 0.92
WithFieldsFunction · 0.92
UpdateUserPasswordFunction · 0.92
RedirectAlertFunction · 0.92
handleHTMLErrorFunction · 0.85
parseRequestDataFunction · 0.85
WarnMethod · 0.80

Tested by

no test coverage detected