enhance password reset

This commit is contained in:
Joerg Lehmann 2020-04-13 10:04:56 +02:00
parent 868fdf8fb7
commit 4b5de36111
4 changed files with 32 additions and 8 deletions

View File

@ -83,7 +83,7 @@ func loginHandler(response http.ResponseWriter, request *http.Request) {
func resetPasswordHandler(response http.ResponseWriter, request *http.Request) { func resetPasswordHandler(response http.ResponseWriter, request *http.Request) {
name := request.FormValue("email") name := request.FormValue("email")
pass := request.FormValue("password") pass := request.FormValue("password")
redirectTarget := "/" redirectTarget := "/wait_for_password_confirmation.html"
logit(fmt.Sprintf("resetPasswordHandler: request for User %s", name)) logit(fmt.Sprintf("resetPasswordHandler: request for User %s", name))
if name != "" && pass != "" { if name != "" && pass != "" {
if checkUserAvailable(name) { if checkUserAvailable(name) {
@ -122,6 +122,9 @@ func logoutHandler(response http.ResponseWriter, request *http.Request) {
func confirmHandler(response http.ResponseWriter, request *http.Request) { func confirmHandler(response http.ResponseWriter, request *http.Request) {
confirm_id := request.URL.Query().Get("id") confirm_id := request.URL.Query().Get("id")
logit(fmt.Sprintf("Confirm ID: %s\n", confirm_id)) logit(fmt.Sprintf("Confirm ID: %s\n", confirm_id))
confirmUser(confirm_id) if confirmUser(confirm_id) {
http.Redirect(response, request, "/", 302) http.Redirect(response, request, "/password_changed.html", 302)
} else {
http.Redirect(response, request, "/", 302)
}
} }

View File

@ -361,28 +361,30 @@ func updateLoginTime(username string) {
} }
} }
func confirmUser(confirm_id string) { func confirmUser(confirm_id string) bool {
conn := globalPool.Get() conn := globalPool.Get()
defer conn.Close() defer conn.Close()
u, err := redis.String(conn.Do("GET", confirmPrefix+confirm_id)) u, err := redis.String(conn.Do("GET", confirmPrefix+confirm_id))
if err != nil { if err != nil {
logit("confirmUser: Error with searching confirm_id: " + confirm_id) logit("confirmUser: Error with searching confirm_id: " + confirm_id)
return return false
} }
new_password, err := redis.String(conn.Do("HGET", userPrefix+u, "new_password")) new_password, err := redis.String(conn.Do("HGET", userPrefix+u, "new_password"))
if err != nil { if err != nil {
logit("confirmUser: Error with getting new_password: " + u) logit("confirmUser: Error with getting new_password: " + u)
return return false
} }
_, err = conn.Do("HMSET", userPrefix+u, "confirm_id", "", "password", new_password) _, err = conn.Do("HMSET", userPrefix+u, "confirm_id", "", "password", new_password)
if err != nil { if err != nil {
logit("confirmUser: Error updateing User: " + u) logit("confirmUser: Error updateing User: " + u)
return return false
} }
_, err = conn.Do("DEL", confirmPrefix+confirm_id) _, err = conn.Do("DEL", confirmPrefix+confirm_id)
if err != nil { if err != nil {
logit("confirmUser: Error deleting confirm_id: " + confirm_id) logit("confirmUser: Error deleting confirm_id: " + confirm_id)
return return false
} }
return true
} }

View File

@ -0,0 +1,9 @@
{{define "body_content"}}
{{ if ne .UserName "" }}
Sie sind bereits eingeloggt!
{{ else }}
<div class="notification is-info">
Passwort wurde erfolgreich ge&auml;ndert!
</div>
{{ end }}
{{end}}

View File

@ -0,0 +1,10 @@
{{define "body_content"}}
{{ if ne .UserName "" }}
Sie sind bereits eingeloggt!
{{ else }}
<p class="title is-4">Passwort zur&uuml;cksetzen - warte auf Best&auml;tigung</p>
<div class="notification is-info">
<p>Bitte checken Sie Ihre Mailbox. Das neue Passwort wird erst g&uuml;ltig, wenn Sie die Best&auml;tigung durchgef&uuml;hrt haben.</p>
</div>
{{end}}
{{end}}