vikunja-api/routes/api/v1/user_update_password.go

78 lines
1.7 KiB
Go
Raw Normal View History

2018-06-10 11:11:41 +02:00
package v1
import (
"net/http"
"strconv"
2018-07-25 16:24:46 +02:00
"code.vikunja.io/api/models"
2018-06-10 11:11:41 +02:00
"github.com/labstack/echo"
)
type datPassword struct {
Password string `json:"password"`
}
// UserChangePassword is the handler to add a user
func UserChangePassword(c echo.Context) error {
// Get the ID
user := c.Param("id")
if user == "" {
return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
}
// Make int
userID, err := strconv.ParseInt(user, 10, 64)
if err != nil {
return c.JSON(http.StatusBadRequest, models.Message{"User ID is invalid."})
}
// Check if the user is itself
userJWTinfo, err := models.GetCurrentUser(c)
if err != nil {
return c.JSON(http.StatusInternalServerError, models.Message{"Error getting current user."})
}
2018-06-10 11:11:41 +02:00
if userJWTinfo.ID != userID {
return echo.ErrUnauthorized
}
// Check for Request Content
pwFromString := c.FormValue("password")
var datPw datPassword
if pwFromString == "" {
if err := c.Bind(&datPw); err != nil {
return c.JSON(http.StatusBadRequest, models.Message{"No password provided."})
}
} else {
// Take the value directly from the input
datPw.Password = pwFromString
}
// Get User Infos
2018-08-30 19:14:02 +02:00
_, err = models.GetUserByID(userID)
2018-06-10 11:11:41 +02:00
if err != nil {
2018-08-30 19:14:02 +02:00
if models.IsErrUserDoesNotExist(err) {
return c.JSON(http.StatusNotFound, models.Message{"The user does not exist."})
}
2018-06-10 11:11:41 +02:00
return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
}
// Get the doer options
doer, err := models.GetCurrentUser(c)
if err != nil {
return err
}
err = models.UpdateUserPassword(userID, datPw.Password, &doer)
if err != nil {
return err
}
return c.JSON(http.StatusOK, models.Message{"The password was updated successfully"})
}