lemmy/crates/api/src/local_user/change_password.rs

use crate::Perform;
use actix_web::web::Data;
use bcrypt::verify;
use lemmy_api_common::{
  context::LemmyContext,
  person::{ChangePassword, LoginResponse},
  utils::{local_user_view_from_jwt, password_length_check},
};
use lemmy_db_schema::source::local_user::LocalUser;
use lemmy_utils::{claims::Claims, error::LemmyError};

#[async_trait::async_trait(?Send)]
impl Perform for ChangePassword {
  type Response = LoginResponse;

  #[tracing::instrument(skip(self, context))]
  async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
    let data: &ChangePassword = self;
    let local_user_view = local_user_view_from_jwt(data.auth.as_ref(), context).await?;

    password_length_check(&data.new_password)?;

    // Make sure passwords match
    if data.new_password != data.new_password_verify {
      return Err(LemmyError::from_message("passwords_dont_match"));
    }

    // Check the old password
    let valid: bool = verify(
      &data.old_password,
      &local_user_view.local_user.password_encrypted,
    )
    .unwrap_or(false);
    if !valid {
      return Err(LemmyError::from_message("password_incorrect"));
    }

    let local_user_id = local_user_view.local_user.id;
    let new_password = data.new_password.clone();
    let updated_local_user =
      LocalUser::update_password(context.pool(), local_user_id, &new_password).await?;

    // Return the jwt
    Ok(LoginResponse {
      jwt: Some(
        Claims::jwt(
          updated_local_user.id.0,
          &context.secret().jwt_secret,
          &context.settings().hostname,
        )?
        .into(),
      ),
      verify_email_sent: false,
      registration_created: false,
    })
  }
}
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`use crate::Perform;`
			`use actix_web::web::Data;`
			`use bcrypt::verify;`
			`use lemmy_api_common::{`
Add SendActivity trait so that api crates compile in parallel with lemmy_apub 2022-11-28 14:29:33 +00:00			`context::LemmyContext,`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`person::{ChangePassword, LoginResponse},`
Dont return error in case optional auth is invalid (#2879) * Dont return error in case optional auth is invalid * fixes 2023-05-25 14:50:07 +00:00			`utils::{local_user_view_from_jwt, password_length_check},`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`};`
			`use lemmy_db_schema::source::local_user::LocalUser;`
Remove chatserver (#2919) * Remove chatserver * fix clippy * Remove captchas (fixes #2922) * fix prettier * fix api_common build * cargo fmt 2023-06-06 16:27:22 +00:00			`use lemmy_utils::{claims::Claims, error::LemmyError};`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
			`#[async_trait::async_trait(?Send)]`
			`impl Perform for ChangePassword {`
			`type Response = LoginResponse;`

Remove chatserver (#2919) * Remove chatserver * fix clippy * Remove captchas (fixes #2922) * fix prettier * fix api_common build * cargo fmt 2023-06-06 16:27:22 +00:00			`#[tracing::instrument(skip(self, context))]`
			`async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`let data: &ChangePassword = self;`
Dont return error in case optional auth is invalid (#2879) * Dont return error in case optional auth is invalid * fixes 2023-05-25 14:50:07 +00:00			`let local_user_view = local_user_view_from_jwt(data.auth.as_ref(), context).await?;`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
			`password_length_check(&data.new_password)?;`

			`// Make sure passwords match`
			`if data.new_password != data.new_password_verify {`
			`return Err(LemmyError::from_message("passwords_dont_match"));`
			`}`

			`// Check the old password`
			`let valid: bool = verify(`
			`&data.old_password,`
			`&local_user_view.local_user.password_encrypted,`
			`)`
			`.unwrap_or(false);`
			`if !valid {`
			`return Err(LemmyError::from_message("password_incorrect"));`
			`}`

			`let local_user_id = local_user_view.local_user.id;`
Various pedantic clippy fixes (#2568) * Various pedantic clippy fixes * more clippy pedantic fixes * try to fix ci * add fix clippy script, use rust 1.65 * fix clippy 2022-11-19 04:33:54 +00:00			`let new_password = data.new_password.clone();`
Add diesel_async, get rid of blocking function (#2510) * Moving settings to Database. - Moves many settings into the database. Fixes #2285 - Adds a local_site and instance table. Fixes #2365 . Fixes #2368 - Separates SQL update an insert forms, to avoid runtime errors. - Adds TypedBuilder to all the SQL forms, instead of default. * Fix weird clippy issue. * Removing extra lines. * Some fixes from suggestions. * Fixing apub tests. * Using instance creation helper function. * Move forms to their own line. * Trying to fix local_site_data, still broken. * Testing out async * Testing out async 2 * Fixing federation tests. * Trying to fix check features 1. * Starting on adding diesel async. 1/4th done. * Added async to views and schema. * Adding some more async * Compiling now. * Added diesel async. Fixes #2465 * Running clippy --fix * Trying to fix cargo test on drone. * Trying new muslrust. * Trying a custom dns * Trying a custom dns 2 * Trying a custom dns 3 * Trying a custom dns 4 * Trying a custom dns 5 * Trying a custom dns 6 * Trying a custom dns 7 * Addressing PR comments. * Adding check_apub to all verify functions. * Reverting back drone. * Fixing merge * Fix docker images. * Adding missing discussion_languages. * Trying to fix federation tests. * Fix site setup user creation. * Fix clippy * Fix clippy 2 * Test api faster * Try to fix 1 * Try to fix 2 * What are these lines about * Trying to fix 3 * Moving federation test back to top. * Remove logging cat. 2022-11-09 10:05:00 +00:00			`let updated_local_user =`
			`LocalUser::update_password(context.pool(), local_user_id, &new_password).await?;`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
			`// Return the jwt`
			`Ok(LoginResponse {`
			`jwt: Some(`
			`Claims::jwt(`
			`updated_local_user.id.0,`
			`&context.secret().jwt_secret,`
			`&context.settings().hostname,`
			`)?`
			`.into(),`
			`),`
			`verify_email_sent: false,`
			`registration_created: false,`
			`})`
			`}`
			`}`