mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2024-11-22 06:47:56 +01:00
Implement password change functionality
This commit is contained in:
parent
1fc13405e8
commit
70c94feced
@ -79,12 +79,21 @@ impl info::Server for User {
|
|||||||
impl manage::Server for User {
|
impl manage::Server for User {
|
||||||
fn pwd(
|
fn pwd(
|
||||||
&mut self,
|
&mut self,
|
||||||
_params: manage::PwdParams,
|
params: manage::PwdParams,
|
||||||
_results: manage::PwdResults,
|
_results: manage::PwdResults,
|
||||||
) -> Promise<(), ::capnp::Error> {
|
) -> Promise<(), ::capnp::Error> {
|
||||||
Promise::err(::capnp::Error::unimplemented(
|
let params = pry!(params.get());
|
||||||
"method not implemented".to_string(),
|
let old_pw = pry!(params.get_old_pwd());
|
||||||
))
|
let new_pw = pry!(params.get_new_pwd());
|
||||||
|
|
||||||
|
let uid = self.user.get_username();
|
||||||
|
if let Some(mut user) = self.session.users.get_user(uid) {
|
||||||
|
if let Ok(true) = user.check_password(old_pw.as_bytes()) {
|
||||||
|
user.set_pw(new_pw.as_bytes());
|
||||||
|
self.session.users.put_user(uid, &user);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Promise::ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -148,9 +157,17 @@ impl admin::Server for User {
|
|||||||
|
|
||||||
Promise::ok(())
|
Promise::ok(())
|
||||||
}
|
}
|
||||||
fn pwd(&mut self, _: admin::PwdParams, _: admin::PwdResults) -> Promise<(), ::capnp::Error> {
|
fn pwd(
|
||||||
Promise::err(::capnp::Error::unimplemented(
|
&mut self,
|
||||||
"method not implemented".to_string(),
|
param: admin::PwdParams,
|
||||||
))
|
_: admin::PwdResults,
|
||||||
|
) -> Promise<(), ::capnp::Error> {
|
||||||
|
let new_pw = pry!(pry!(param.get()).get_new_pwd());
|
||||||
|
let uid = self.user.get_username();
|
||||||
|
if let Some(mut user) = self.session.users.get_user(uid) {
|
||||||
|
user.set_pw(new_pw.as_bytes());
|
||||||
|
self.session.users.put_user(uid, &user);
|
||||||
|
}
|
||||||
|
Promise::ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -27,6 +27,12 @@ pub struct User {
|
|||||||
pub userdata: UserData,
|
pub userdata: UserData,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn hash_pw(pw: &[u8]) -> argon2::Result<String> {
|
||||||
|
let config = argon2::Config::default();
|
||||||
|
let salt: [u8; 16] = rand::random();
|
||||||
|
argon2::hash_encoded(pw, &salt, &config)
|
||||||
|
}
|
||||||
|
|
||||||
impl User {
|
impl User {
|
||||||
pub fn check_password(&self, pwd: &[u8]) -> miette::Result<bool> {
|
pub fn check_password(&self, pwd: &[u8]) -> miette::Result<bool> {
|
||||||
if let Some(ref encoded) = self.userdata.passwd {
|
if let Some(ref encoded) = self.userdata.passwd {
|
||||||
@ -39,9 +45,7 @@ impl User {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub fn new_with_plain_pw(username: &str, password: impl AsRef<[u8]>) -> Self {
|
pub fn new_with_plain_pw(username: &str, password: impl AsRef<[u8]>) -> Self {
|
||||||
let config = argon2::Config::default();
|
let hash = hash_pw(password.as_ref())
|
||||||
let salt: [u8; 16] = rand::random();
|
|
||||||
let hash = argon2::hash_encoded(password.as_ref(), &salt, &config)
|
|
||||||
.expect(&format!("Failed to hash password for {}: ", username));
|
.expect(&format!("Failed to hash password for {}: ", username));
|
||||||
tracing::debug!("Hashed pw for {} to {}", username, hash);
|
tracing::debug!("Hashed pw for {} to {}", username, hash);
|
||||||
|
|
||||||
@ -53,6 +57,13 @@ impl User {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn set_pw(&mut self, password: impl AsRef<[u8]>) {
|
||||||
|
self.userdata.passwd = Some(hash_pw(password.as_ref()).expect(&format!(
|
||||||
|
"failed to update hashed password for {}",
|
||||||
|
&self.id
|
||||||
|
)));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(
|
#[derive(
|
||||||
|
Loading…
Reference in New Issue
Block a user