MCPcopy
hub / github.com/knadh/listmonk / doForgotPassword

Method doForgotPassword

cmd/auth.go:581–645  ·  view source on GitHub ↗

doForgotPassword handles the forgot password form submission.

(c echo.Context)

Source from the content-addressed store, hash-verified

579
580// doForgotPassword handles the forgot password form submission.
581func (a *App) doForgotPassword(c echo.Context) error {
582 var (
583 email = strings.ToLower(strings.TrimSpace(c.FormValue("email")))
584 )
585
586 // Validate email format.
587 if !utils.ValidateEmail(email) {
588 return c.Render(http.StatusOK, tplMessage, makeMsgTpl(a.i18n.T("users.resetPassword"), "", a.i18n.T("users.resetLinkSent")))
589 }
590
591 // Get the user by email.
592 user, err := a.core.GetUser(0, "", email)
593 if err != nil {
594 return c.Render(http.StatusOK, tplMessage, makeMsgTpl(a.i18n.T("users.resetPassword"), "", a.i18n.T("users.resetLinkSent")))
595 }
596
597 // If the password login is disabled, do not proceed, but show success message to prevent email enumeration.
598 if !user.PasswordLogin {
599 return c.Render(http.StatusOK, tplMessage, makeMsgTpl(a.i18n.T("users.resetPassword"), "", a.i18n.T("users.resetLinkSent")))
600 }
601
602 // Generate a random token.
603 token, err := generateRandomString(tmpAuthTokenLen)
604 if err != nil {
605 a.log.Printf("error generating reset token: %v", err)
606 return echo.NewHTTPError(http.StatusInternalServerError, a.i18n.T("globals.messages.internalError"))
607 }
608
609 // Store the reset token in tmptokens.
610 tmptokens.Set(email, passwordResetTTL, token)
611
612 // Prepare the reset URL.
613 resetURL := fmt.Sprintf("%s/admin/reset?token=%s&email=%s", a.urlCfg.RootURL, token, url.QueryEscape(email))
614
615 // Prepare the email.
616 var msg bytes.Buffer
617 data := struct {
618 ResetURL string
619 L *i18n.I18n
620 }{
621 ResetURL: resetURL,
622 L: a.i18n,
623 }
624
625 // Render the email template.
626 if err := notifs.Tpls.ExecuteTemplate(&msg, notifs.TplForgotPassword, data); err != nil {
627 a.log.Printf("error compiling notification template '%s': %v", notifs.TplForgotPassword, err)
628 return echo.NewHTTPError(http.StatusInternalServerError, a.i18n.T("globals.messages.internalError"))
629 }
630
631 subject, body := notifs.GetTplSubject(a.i18n.T("email.forgotPassword.subject"), msg.Bytes())
632
633 // Send the email.
634 if err := a.emailMsgr.Push(models.Message{
635 From: a.cfg.FromEmail,
636 To: []string{email},
637 Subject: subject,
638 Body: body,

Callers 1

ForgotPageMethod · 0.95

Calls 9

ValidateEmailFunction · 0.92
SetFunction · 0.92
GetTplSubjectFunction · 0.92
makeMsgTplFunction · 0.85
generateRandomStringFunction · 0.85
TMethod · 0.80
PushMethod · 0.65
RenderMethod · 0.45
GetUserMethod · 0.45

Tested by

no test coverage detected