Initial commit of password reset workflow.
This commit is contained in:
mikestefanello
parent
b4de8e58f9
commit
e6a5fa58c7
6 changed files with 184 additions and 16 deletions
39
auth/auth.go
39
auth/auth.go
|
|
@ -4,9 +4,11 @@ import (
|
|||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"goweb/config"
|
||||
"goweb/ent"
|
||||
"goweb/ent/passwordtoken"
|
||||
"goweb/ent/user"
|
||||
|
||||
"github.com/labstack/echo-contrib/session"
|
||||
|
|
@ -20,6 +22,13 @@ const (
|
|||
sessionKeyAuthenticated = "authenticated"
|
||||
)
|
||||
|
||||
type NotAuthenticatedError struct{}
|
||||
|
||||
// Error implements the error interface.
|
||||
func (e NotAuthenticatedError) Error() string {
|
||||
return "user not authenticated"
|
||||
}
|
||||
|
||||
type Client struct {
|
||||
config *config.Config
|
||||
orm *ent.Client
|
||||
|
|
@ -61,7 +70,7 @@ func (c *Client) GetAuthenticatedUserID(ctx echo.Context) (int, error) {
|
|||
return sess.Values[sessionKeyUserID].(int), nil
|
||||
}
|
||||
|
||||
return 0, errors.New("user not authenticated")
|
||||
return 0, NotAuthenticatedError{}
|
||||
}
|
||||
|
||||
func (c *Client) GetAuthenticatedUser(ctx echo.Context) (*ent.User, error) {
|
||||
|
|
@ -71,7 +80,7 @@ func (c *Client) GetAuthenticatedUser(ctx echo.Context) (*ent.User, error) {
|
|||
First(ctx.Request().Context())
|
||||
}
|
||||
|
||||
return nil, errors.New("user not authenticated")
|
||||
return nil, NotAuthenticatedError{}
|
||||
}
|
||||
|
||||
func (c *Client) HashPassword(password string) (string, error) {
|
||||
|
|
@ -106,6 +115,32 @@ func (c *Client) GeneratePasswordResetToken(ctx echo.Context, userID int) (strin
|
|||
return token, pt, err
|
||||
}
|
||||
|
||||
func (c *Client) GetValidPasswordToken(ctx echo.Context, token string) (*ent.PasswordToken, error) {
|
||||
// Hash the token in order to match in the database
|
||||
hash, err := c.HashPassword(token)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Query to find a matching token
|
||||
pt, err := c.orm.PasswordToken.
|
||||
Query().
|
||||
Where(passwordtoken.Hash(hash)).
|
||||
First(ctx.Request().Context())
|
||||
|
||||
if err != nil {
|
||||
ctx.Logger().Error(err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Check if the token is no longer valid
|
||||
if pt.CreatedAt.Before(time.Now().Add(-c.config.App.PasswordTokenExpiration)) {
|
||||
return nil, errors.New("token has expired")
|
||||
}
|
||||
|
||||
return pt, nil
|
||||
}
|
||||
|
||||
func (c *Client) RandomToken(length int) string {
|
||||
b := make([]byte, length)
|
||||
if _, err := rand.Read(b); err != nil {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue