(app *App, w http.ResponseWriter, r *http.Request)
| 1242 | } |
| 1243 | |
| 1244 | func viewResetPassword(app *App, w http.ResponseWriter, r *http.Request) error { |
| 1245 | token := r.FormValue("t") |
| 1246 | resetting := false |
| 1247 | var userID int64 = 0 |
| 1248 | if token != "" { |
| 1249 | // Show new password page |
| 1250 | userID = app.db.GetUserFromPasswordReset(token) |
| 1251 | if userID == 0 { |
| 1252 | return impart.HTTPError{http.StatusNotFound, ""} |
| 1253 | } |
| 1254 | resetting = true |
| 1255 | } |
| 1256 | |
| 1257 | if r.Method == http.MethodPost { |
| 1258 | newPass := r.FormValue("new-pass") |
| 1259 | if newPass == "" { |
| 1260 | // Send password reset email |
| 1261 | return handleResetPasswordInit(app, w, r) |
| 1262 | } |
| 1263 | |
| 1264 | // Do actual password reset |
| 1265 | // Assumes token has been validated above |
| 1266 | err := doAutomatedPasswordChange(app, userID, newPass) |
| 1267 | if err != nil { |
| 1268 | return err |
| 1269 | } |
| 1270 | err = app.db.ConsumePasswordResetToken(token) |
| 1271 | if err != nil { |
| 1272 | log.Error("Couldn't consume token %s for user %d!!! %s", token, userID, err) |
| 1273 | } |
| 1274 | addSessionFlash(app, w, r, "Your password was reset. Now you can log in below.", nil) |
| 1275 | return impart.HTTPError{http.StatusFound, "/login"} |
| 1276 | } |
| 1277 | |
| 1278 | f, _ := getSessionFlashes(app, w, r, nil) |
| 1279 | |
| 1280 | // Show reset password page |
| 1281 | d := struct { |
| 1282 | page.StaticPage |
| 1283 | Flashes []string |
| 1284 | EmailEnabled bool |
| 1285 | CSRFField template.HTML |
| 1286 | Token string |
| 1287 | IsResetting bool |
| 1288 | IsSent bool |
| 1289 | }{ |
| 1290 | StaticPage: pageForReq(app, r), |
| 1291 | Flashes: f, |
| 1292 | EmailEnabled: app.cfg.Email.Enabled(), |
| 1293 | CSRFField: csrf.TemplateField(r), |
| 1294 | Token: token, |
| 1295 | IsResetting: resetting, |
| 1296 | IsSent: r.FormValue("sent") == "1", |
| 1297 | } |
| 1298 | err := pages["reset.tmpl"].ExecuteTemplate(w, "base", d) |
| 1299 | if err != nil { |
| 1300 | log.Error("Unable to render password reset page: %v", err) |
| 1301 | return err |
nothing calls this directly
no test coverage detected