2019-06-24 19:01:56 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2023-01-02 20:38:50 +00:00
|
|
|
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
|
2019-06-24 19:01:56 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Web.TwitterAPI.PasswordController do
|
|
|
|
@moduledoc """
|
2023-12-27 23:15:32 +00:00
|
|
|
The module contains functions for password reset.
|
2019-06-24 19:01:56 +00:00
|
|
|
"""
|
|
|
|
|
|
|
|
use Pleroma.Web, :controller
|
|
|
|
|
|
|
|
require Logger
|
|
|
|
|
2021-12-03 06:02:49 +00:00
|
|
|
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
|
|
|
|
|
2019-06-24 19:01:56 +00:00
|
|
|
alias Pleroma.PasswordResetToken
|
|
|
|
alias Pleroma.Repo
|
|
|
|
alias Pleroma.User
|
2021-12-03 06:02:49 +00:00
|
|
|
alias Pleroma.Web.TwitterAPI.TwitterAPI
|
|
|
|
|
|
|
|
plug(Pleroma.Web.Plugs.RateLimiter, [name: :request] when action == :request)
|
|
|
|
|
|
|
|
@doc "POST /auth/password"
|
|
|
|
def request(conn, params) do
|
|
|
|
nickname_or_email = params["email"] || params["nickname"]
|
|
|
|
|
|
|
|
TwitterAPI.password_reset(nickname_or_email)
|
|
|
|
|
|
|
|
json_response(conn, :no_content, "")
|
|
|
|
end
|
2019-06-24 19:01:56 +00:00
|
|
|
|
|
|
|
def reset(conn, %{"token" => token}) do
|
|
|
|
with %{used: false} = token <- Repo.get_by(PasswordResetToken, %{token: token}),
|
2020-11-19 11:27:06 +00:00
|
|
|
false <- PasswordResetToken.expired?(token),
|
2019-06-24 19:01:56 +00:00
|
|
|
%User{} = user <- User.get_cached_by_id(token.user_id) do
|
|
|
|
render(conn, "reset.html", %{
|
|
|
|
token: token,
|
|
|
|
user: user
|
|
|
|
})
|
|
|
|
else
|
|
|
|
_e -> render(conn, "invalid_token.html")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def do_reset(conn, %{"data" => data}) do
|
|
|
|
with {:ok, _} <- PasswordResetToken.reset_password(data["token"], data) do
|
|
|
|
render(conn, "reset_success.html")
|
|
|
|
else
|
|
|
|
_e -> render(conn, "reset_failed.html")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|