class AuthD::Request IPC::JSON.message UpdatePassword, 7 do property login : String property old_password : String property new_password : String def initialize(@login, @old_password, @new_password) end def handle(authd : AuthD::Service) user = authd.users_per_login.get? @login unless user return Response::Error.new "invalid credentials" end if authd.hash_password(@old_password) != user.password_hash return Response::Error.new "invalid credentials" end user.password_hash = authd.hash_password @new_password authd.users_per_uid.update user.uid.to_s, user Response::UserEdited.new user.uid end end AuthD.requests << UpdatePassword IPC::JSON.message PasswordRecovery, 11 do property user : Int32 | String property password_renew_key : String property new_password : String def initialize(@user, @password_renew_key, @new_password) end def handle(authd : AuthD::Service) uid_or_login = @user user = if uid_or_login.is_a? Int32 authd.users_per_uid.get? uid_or_login.to_s else authd.users_per_login.get? uid_or_login end if user.nil? return Response::Error.new "user not found" end if user.password_renew_key == @password_renew_key user.password_hash = authd.hash_password @new_password else return Response::Error.new "renew key not valid" end user.password_renew_key = nil authd.users_per_uid.update user.uid.to_s, user Response::PasswordRecovered.new user.to_public end end AuthD.requests << PasswordRecovery IPC::JSON.message AskPasswordRecovery, 12 do property user : Int32 | String property email : String def initialize(@user, @email) end def handle(authd : AuthD::Service) uid_or_login = @user user = if uid_or_login.is_a? Int32 authd.users_per_uid.get? uid_or_login.to_s else authd.users_per_login.get? uid_or_login end if user.nil? return Response::Error.new "no such user" end if user.contact.email != @email # Same error as when users are not found. return Response::Error.new "no such user" end user.password_renew_key = UUID.random.to_s authd.users_per_uid.update user.uid.to_s, user unless (activation_url = authd.configuration.activation_url).nil? field_from = authd.configuration.field_from.not_nil! activation_url = authd.configuration.activation_url.not_nil! # Once the user is created and stored, we try to contact him if authd.configuration.print_password_recovery_parameters pp! user.login, user.contact.email.not_nil!, field_from, activation_url, user.password_renew_key.not_nil! end unless Process.run("password-recovery-mailer", [ "-l", user.login, "-e", user.contact.email.not_nil!, "-t", "Password recovery email", "-f", field_from, "-u", activation_url, "-a", user.password_renew_key.not_nil! ]).success? return Response::Error.new "cannot contact the user for password recovery" end end Response::PasswordRecoverySent.new user.to_public end end AuthD.requests << AskPasswordRecovery end