Password updates and matching LS updates.

2019-12-07 23:57:40 +01:00 · 2019-12-07 23:57:40 +01:00 · a2d633f4fb
parent 4b7caff906
commit a2d633f4fb
4 changed files with 110 additions and 21 deletions
--- a/client/authws.ls
+++ b/client/authws.ls
@ -13,6 +13,7 @@ AuthWS = (socket-url) ->
 		"register":                5
 		"get-extra":               6
 		"set-extra":               7
+		"update-password":         8
 	}

 	response-types = {
@ -107,6 +108,13 @@ AuthWS = (socket-url) ->
 			extra: extra
 		}

+	self.update-password = (login, old-password, new-password) ->
+		self.send request-types[\update-password], JSON.stringify {
+			login: login
+			old_password: old-password
+			new_password: new-password
+		}
+
 	# TODO: authd overhaul required
 	#self.add-user = (login, password) ->
 	#	self.send request-types[\add-user], JSON.stringify {
--- a/client/user-configuration-panel.ls
+++ b/client/user-configuration-panel.ls
@ -80,6 +80,12 @@ UserConfigurationPanel = (args) ->

 		on-model-update: args.on-model-update || ->

+		model: args.model || [
+			["fullName", "Full Name", "string"]
+			["avatar", "Profile Picture", "image-url"]
+			["email", "Mail Address", "string"]
+		]
+
 		input: {}
 	}

@ -117,40 +123,99 @@ UserConfigurationPanel = (args) ->
 					h \div.box {key: \profile} [
 						h \div.form [
 							h \div.title.is-4 [ "Profile" ]
-							h \div.label {key: \full-name-label} [ "Full Name" ]
-							Fields.render-text-input self.token, auth-ws, "fullName", self.input, self.profile

-							h \div.label {key: \profile-picture-label} [ "Profile Picture" ]
-							Fields.render-text-input self.token, auth-ws, "avatar", self.input, self.profile
+							for element in self.model
+								[key, label, type] = element
+
+								switch type
+								when "string", "image-url"
+									h \div.field { key: key } [
+										h \div.label [ label ]
+										Fields.render-text-input self.token, auth-ws, key, self.input, self.profile
+									]
 						]
 					]
 				else
 					# FIXME: urk, ugly loader.
 					h \div.button.is-loading

-				h \div.box {key: \passwd} [
-					h \div.title.is-4 [ "Permissions" ]
-
-					h \div.form [
-						h \div.field {key: \uid} [
-							h \div.label [ "User ID" ]
-							h \div.control [ self.user.uid.to-string! ]
+				h \div.box { key: \password } [
+					h \div.title.is-4 [ "Password" ]
+					h \div.label [ "Old #{label}" ]
+					h \div.control [
+						h \input.input {
+							type: \password
+							oninput: (e) ->
+								self.input["password.old"] = e.target.value
+						}
+					]
+					h \div.label [ "New #{label}" ]
+					h \div.control [
+						h \input.input {
+							type: \password
+							oninput: (e) ->
+								self.input["password.new"] = e.target.value
+						}
+					]
+					h \div.label [ "New #{label} (repeat)" ]
+					h \div.field.has-addons [
+						h \div.control.is-expanded [
+							h \input.input {
+								type: \password
+								oninput: (e) ->
+									self.input["password.new2"] = e.target.value
+							}
 						]
+						h \div.control [
+							h \div.button {
+								classes: {
+									"is-danger": self.input["password.new"] && self.input["password.new"] != self.input["password.new2"]
+									"is-static": (!self.input["password.new"]) && self.input["password.new"] != self.input["password.new2"]
+								}
+								onclick: ->
+									if self.input["password.new"] != self.input["password.new2"]
+										return

-						h \div.field {key: \gid} [
-							h \div.label [ "Group ID" ]
-							h \div.control [ self.user.gid.to-string! ]
-						]
+									auth-ws.update-password self.user.login, self.input["password.old"], self.input["password.new"]

-						h \div.field {key: \groups} [
-							h \div.label [ "Groups" ]
-							h \div.control.is-grouped [
-								h \div.tags self.user.groups.map (group) ->
-									h \div.tag [ group ]
-							]
+							} [ "Update" ]
 						]
 					]
 				]
+
+				if self.show-developer
+					h \div.box {key: \passwd} [
+						h \div.title.is-4 [ "Permissions" ]
+
+						h \div.form [
+							h \div.field {key: \uid} [
+								h \div.label [ "User ID" ]
+								h \div.control [ self.user.uid.to-string! ]
+							]
+
+							h \div.field {key: \gid} [
+								h \div.label [ "Group ID" ]
+								h \div.control [ self.user.gid.to-string! ]
+							]
+
+							h \div.field {key: \groups} [
+								h \div.label [ "Groups" ]
+								h \div.control.is-grouped [
+									h \div.tags self.user.groups.map (group) ->
+										h \div.tag [ group ]
+								]
+							]
+						]
+					]
+				else
+					h \a.is-pulled-right.is-small.has-text-grey {
+						key: \passwd
+						onclick: ->
+							self.show-developer := true
+							self.on-model-update!
+					} [
+						"Show developer data!"
+					]
 			]
 		]

--- a/src/authd.cr
+++ b/src/authd.cr
@ -218,6 +218,12 @@ class AuthD::Request
 		property extra      : JSON::Any
 	end

+	class Request::UpdatePassword < Request
+		property login      : String
+		property old_password : String
+		property new_password : String
+	end
+
 	# This creates a Request::Type enumeration. One entry for each request type.
 	{% begin %}
 		enum Type
--- a/src/main.cr
+++ b/src/main.cr
@ -99,6 +99,16 @@ class AuthD::Service
 			storage[request.name] = request.extra

 			Response::ExtraUpdated.new user.uid, request.name, request.extra
+		when Request::UpdatePassword
+			user = @passwd.get_user request.login, request.old_password
+
+			return Response::Error.new "invalid credentials" unless user
+
+			password_hash = Passwd.hash_password request.new_password
+
+			@passwd.mod_user user.uid, password_hash: password_hash
+
+			Response::UserEdited.new user.uid
 		else
 			Response::Error.new "unhandled request type"
 		end