Move change_password API method to /api/v1/settings/change_password

silverpill 2022-11-25 23:37:04 +00:00
parent fde8309bb9
commit dd268634ef
6 changed files with 56 additions and 50 deletions


@ -157,29 +157,6 @@ paths:
$ref: '#/components/schemas/AccountWithSource' $ref: '#/components/schemas/AccountWithSource'
400: 400:
description: Invalid user data. description: Invalid user data.
/api/v1/accounts/change_password:
post:
summary: Set or change user's password.
security:
- tokenAuth: []
requestBody:
content:
application/json:
schema:
type: object
properties:
new_password:
description: New password.
type: string
responses:
200:
description: Successful operation.
content:
application/json:
schema:
$ref: '#/components/schemas/AccountWithSource'
400:
description: Invalid request data.
/api/v1/accounts/signed_update: /api/v1/accounts/signed_update:
get: get:
summary: Build Update(Person) activity for signing (experimental). summary: Build Update(Person) activity for signing (experimental).
@ -633,6 +610,29 @@ paths:
type: array type: array
items: items:
$ref: '#/components/schemas/Notification' $ref: '#/components/schemas/Notification'
/api/v1/settings/change_password:
post:
summary: Set or change user's password.
security:
- tokenAuth: []
requestBody:
content:
application/json:
schema:
type: object
properties:
new_password:
description: New password.
type: string
responses:
200:
description: Successful operation.
content:
application/json:
schema:
$ref: '#/components/schemas/AccountWithSource'
400:
description: Invalid request data.
/api/v1/settings/export_followers: /api/v1/settings/export_followers:
get: get:
summary: Export followers to CSV file summary: Export followers to CSV file


@ -262,11 +262,6 @@ impl AccountUpdateData {
} }
} }
#[derive(Deserialize)]
pub struct PasswordChangeRequest {
pub new_password: String,
}
#[derive(Serialize)] #[derive(Serialize)]
pub struct UnsignedUpdate { pub struct UnsignedUpdate {
pub internal_activity_id: Uuid, pub internal_activity_id: Uuid,


@ -67,10 +67,9 @@ use crate::models::relationships::queries::{
}; };
use crate::models::subscriptions::queries::get_incoming_subscriptions; use crate::models::subscriptions::queries::get_incoming_subscriptions;
use crate::models::users::queries::{ use crate::models::users::queries::{
is_valid_invite_code,
create_user, create_user,
get_user_by_did, get_user_by_did,
set_user_password, is_valid_invite_code,
}; };
use crate::models::users::types::UserCreateData; use crate::models::users::types::UserCreateData;
use crate::utils::{ use crate::utils::{
@ -95,7 +94,6 @@ use super::types::{
IdentityClaim, IdentityClaim,
IdentityClaimQueryParams, IdentityClaimQueryParams,
IdentityProofData, IdentityProofData,
PasswordChangeRequest,
RelationshipQueryParams, RelationshipQueryParams,
SearchAcctQueryParams, SearchAcctQueryParams,
SearchDidQueryParams, SearchDidQueryParams,
@ -232,22 +230,6 @@ async fn update_credentials(
Ok(HttpResponse::Ok().json(account)) Ok(HttpResponse::Ok().json(account))
} }
#[post("/change_password")]
async fn change_password_view(
auth: BearerAuth,
config: web::Data<Config>,
db_pool: web::Data<Pool>,
request_data: web::Json<PasswordChangeRequest>,
) -> Result<HttpResponse, HttpError> {
let db_client = &**get_database_client(&db_pool).await?;
let current_user = get_current_user(db_client, auth.token()).await?;
let password_hash = hash_password(&request_data.new_password)
.map_err(|_| HttpError::InternalError)?;
set_user_password(db_client, &current_user.id, password_hash).await?;
let account = Account::from_user(current_user, &config.instance_url());
Ok(HttpResponse::Ok().json(account))
}
#[get("/signed_update")] #[get("/signed_update")]
async fn get_unsigned_update( async fn get_unsigned_update(
auth: BearerAuth, auth: BearerAuth,
@ -728,7 +710,6 @@ pub fn account_api_scope() -> Scope {
.service(create_account) .service(create_account)
.service(verify_credentials) .service(verify_credentials)
.service(update_credentials) .service(update_credentials)
.service(change_password_view)
.service(get_unsigned_update) .service(get_unsigned_update)
.service(send_signed_update) .service(send_signed_update)
.service(get_identity_claim) .service(get_identity_claim)


@ -1,2 +1,3 @@
mod helpers; mod helpers;
mod types;
pub mod views; pub mod views;


@ -0,0 +1,6 @@
use serde::Deserialize;
#[derive(Deserialize)]
pub struct PasswordChangeRequest {
pub new_password: String,
}
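Review bot: `new_password` is a bare `String`, so an empty or whitespace-only value deserializes successfully and, as far as this diff shows, is passed to `hash_password` and stored without any check. Unless `hash_password` itself rejects such input (its body is not visible here), a minimum length should be enforced before hashing and answered with the 400 response the API spec already documents for this endpoint. A doc comment on the struct, e.g. `/// Body of POST /api/v1/settings/change_password; new_password is plaintext and must never be logged.`, would also warn against adding `Debug` to this type later.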


@ -1,11 +1,33 @@
use actix_web::{get, web, HttpResponse, Scope}; use actix_web::{get, post, web, HttpResponse, Scope};
use actix_web_httpauth::extractors::bearer::BearerAuth; use actix_web_httpauth::extractors::bearer::BearerAuth;
use crate::config::Config; use crate::config::Config;
use crate::database::{Pool, get_database_client}; use crate::database::{Pool, get_database_client};
use crate::errors::HttpError; use crate::errors::HttpError;
use crate::mastodon_api::oauth::auth::get_current_user; use crate::mastodon_api::{
accounts::types::Account,
oauth::auth::get_current_user,
};
use crate::models::users::queries::set_user_password;
use crate::utils::passwords::hash_password;
use super::helpers::{export_followers, export_follows}; use super::helpers::{export_followers, export_follows};
use super::types::PasswordChangeRequest;
#[post("/change_password")]
async fn change_password_view(
auth: BearerAuth,
config: web::Data<Config>,
db_pool: web::Data<Pool>,
request_data: web::Json<PasswordChangeRequest>,
) -> Result<HttpResponse, HttpError> {
let db_client = &**get_database_client(&db_pool).await?;
let current_user = get_current_user(db_client, auth.token()).await?;
let password_hash = hash_password(&request_data.new_password)
.map_err(|_| HttpError::InternalError)?;
set_user_password(db_client, &current_user.id, password_hash).await?;
let account = Account::from_user(current_user, &config.instance_url());
Ok(HttpResponse::Ok().json(account))
}
#[get("/export_followers")] #[get("/export_followers")]
async fn export_followers_view( async fn export_followers_view(
@ -47,6 +69,7 @@ async fn export_follows_view(
pub fn settings_api_scope() -> Scope { pub fn settings_api_scope() -> Scope {
web::scope("/api/v1/settings") web::scope("/api/v1/settings")
.service(change_password_view)
.service(export_followers_view) .service(export_followers_view)
.service(export_follows_view) .service(export_follows_view)
} }
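Review bot: `change_password_view` replaces the password on the strength of the bearer token alone: `PasswordChangeRequest` carries only `new_password`, and the handler goes from `get_current_user` straight to `set_user_password`. A leaked or stolen token is therefore enough to take lasting control of the account rather than only temporary access. Since the endpoint is being moved anyway, consider requiring proof of the existing credential when one is already set, for example an optional `current_password` field verified before `hash_password` is called. Also consider whether other tokens issued to the user should be revoked after a successful change; token storage is not visible in this diff. A doc comment on the handler such as `/// Sets or replaces the authenticated user's password; authorised by bearer token only.` would make the current trust model explicit.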