60 lines
1.9 KiB
Rust
60 lines
1.9 KiB
Rust
use crate::{
|
|
authentication::{self, AuthenticatedUser, Credentials, validate_credentials},
|
|
routes::AdminError,
|
|
startup::AppState,
|
|
};
|
|
use axum::{
|
|
Extension, Form,
|
|
extract::State,
|
|
response::{IntoResponse, Redirect, Response},
|
|
};
|
|
use axum_messages::Messages;
|
|
use secrecy::{ExposeSecret, SecretString};
|
|
|
|
#[derive(serde::Deserialize)]
|
|
pub struct PasswordFormData {
|
|
pub current_password: SecretString,
|
|
pub new_password: SecretString,
|
|
pub new_password_check: SecretString,
|
|
}
|
|
|
|
pub async fn change_password(
|
|
Extension(AuthenticatedUser { user_id, username }): Extension<AuthenticatedUser>,
|
|
State(AppState {
|
|
connection_pool, ..
|
|
}): State<AppState>,
|
|
messages: Messages,
|
|
Form(form): Form<PasswordFormData>,
|
|
) -> Result<Response, AdminError> {
|
|
let credentials = Credentials {
|
|
username,
|
|
password: form.current_password,
|
|
};
|
|
if form.new_password.expose_secret() != form.new_password_check.expose_secret() {
|
|
messages.error("You entered two different passwords - the field values must match.");
|
|
Err(AdminError::ChangePassword)
|
|
} else if validate_credentials(credentials, &connection_pool)
|
|
.await
|
|
.is_err()
|
|
{
|
|
messages.error("The current password is incorrect.");
|
|
Err(AdminError::ChangePassword)
|
|
} else if let Err(e) = verify_password(form.new_password.expose_secret()) {
|
|
messages.error(e);
|
|
Err(AdminError::ChangePassword)
|
|
} else {
|
|
authentication::change_password(user_id, form.new_password, &connection_pool)
|
|
.await
|
|
.map_err(|_| AdminError::ChangePassword)?;
|
|
messages.success("Your password has been changed.");
|
|
Ok(Redirect::to("/admin/password").into_response())
|
|
}
|
|
}
|
|
|
|
fn verify_password(password: &str) -> Result<(), String> {
|
|
if password.len() < 12 || password.len() > 128 {
|
|
return Err("The password must contain between 12 and 128 characters.".into());
|
|
}
|
|
Ok(())
|
|
}
|