Password updates and matching LS updates.

This commit is contained in:
Luka Vandervelden 2019-12-07 23:57:40 +01:00
parent 4b7caff906
commit a2d633f4fb
4 changed files with 110 additions and 21 deletions

View File

@ -13,6 +13,7 @@ AuthWS = (socket-url) ->
"register": 5
"get-extra": 6
"set-extra": 7
"update-password": 8
}
response-types = {
@ -107,6 +108,13 @@ AuthWS = (socket-url) ->
extra: extra
}
self.update-password = (login, old-password, new-password) ->
self.send request-types[\update-password], JSON.stringify {
login: login
old_password: old-password
new_password: new-password
}
# TODO: authd overhaul required
#self.add-user = (login, password) ->
# self.send request-types[\add-user], JSON.stringify {

View File

@ -80,6 +80,12 @@ UserConfigurationPanel = (args) ->
on-model-update: args.on-model-update || ->
model: args.model || [
["fullName", "Full Name", "string"]
["avatar", "Profile Picture", "image-url"]
["email", "Mail Address", "string"]
]
input: {}
}
@ -117,40 +123,99 @@ UserConfigurationPanel = (args) ->
h \div.box {key: \profile} [
h \div.form [
h \div.title.is-4 [ "Profile" ]
h \div.label {key: \full-name-label} [ "Full Name" ]
Fields.render-text-input self.token, auth-ws, "fullName", self.input, self.profile
h \div.label {key: \profile-picture-label} [ "Profile Picture" ]
Fields.render-text-input self.token, auth-ws, "avatar", self.input, self.profile
for element in self.model
[key, label, type] = element
switch type
when "string", "image-url"
h \div.field { key: key } [
h \div.label [ label ]
Fields.render-text-input self.token, auth-ws, key, self.input, self.profile
]
]
]
else
# FIXME: urk, ugly loader.
h \div.button.is-loading
h \div.box {key: \passwd} [
h \div.title.is-4 [ "Permissions" ]
h \div.form [
h \div.field {key: \uid} [
h \div.label [ "User ID" ]
h \div.control [ self.user.uid.to-string! ]
h \div.box { key: \password } [
h \div.title.is-4 [ "Password" ]
h \div.label [ "Old #{label}" ]
h \div.control [
h \input.input {
type: \password
oninput: (e) ->
self.input["password.old"] = e.target.value
}
]
h \div.label [ "New #{label}" ]
h \div.control [
h \input.input {
type: \password
oninput: (e) ->
self.input["password.new"] = e.target.value
}
]
h \div.label [ "New #{label} (repeat)" ]
h \div.field.has-addons [
h \div.control.is-expanded [
h \input.input {
type: \password
oninput: (e) ->
self.input["password.new2"] = e.target.value
}
]
h \div.control [
h \div.button {
classes: {
"is-danger": self.input["password.new"] && self.input["password.new"] != self.input["password.new2"]
"is-static": (!self.input["password.new"]) && self.input["password.new"] != self.input["password.new2"]
}
onclick: ->
if self.input["password.new"] != self.input["password.new2"]
return
h \div.field {key: \gid} [
h \div.label [ "Group ID" ]
h \div.control [ self.user.gid.to-string! ]
]
auth-ws.update-password self.user.login, self.input["password.old"], self.input["password.new"]
h \div.field {key: \groups} [
h \div.label [ "Groups" ]
h \div.control.is-grouped [
h \div.tags self.user.groups.map (group) ->
h \div.tag [ group ]
]
} [ "Update" ]
]
]
]
if self.show-developer
h \div.box {key: \passwd} [
h \div.title.is-4 [ "Permissions" ]
h \div.form [
h \div.field {key: \uid} [
h \div.label [ "User ID" ]
h \div.control [ self.user.uid.to-string! ]
]
h \div.field {key: \gid} [
h \div.label [ "Group ID" ]
h \div.control [ self.user.gid.to-string! ]
]
h \div.field {key: \groups} [
h \div.label [ "Groups" ]
h \div.control.is-grouped [
h \div.tags self.user.groups.map (group) ->
h \div.tag [ group ]
]
]
]
]
else
h \a.is-pulled-right.is-small.has-text-grey {
key: \passwd
onclick: ->
self.show-developer := true
self.on-model-update!
} [
"Show developer data!"
]
]
]

View File

@ -218,6 +218,12 @@ class AuthD::Request
property extra : JSON::Any
end
class Request::UpdatePassword < Request
property login : String
property old_password : String
property new_password : String
end
# This creates a Request::Type enumeration. One entry for each request type.
{% begin %}
enum Type

View File

@ -99,6 +99,16 @@ class AuthD::Service
storage[request.name] = request.extra
Response::ExtraUpdated.new user.uid, request.name, request.extra
when Request::UpdatePassword
user = @passwd.get_user request.login, request.old_password
return Response::Error.new "invalid credentials" unless user
password_hash = Passwd.hash_password request.new_password
@passwd.mod_user user.uid, password_hash: password_hash
Response::UserEdited.new user.uid
else
Response::Error.new "unhandled request type"
end