2018-06-10 11:11:41 +02:00
|
|
|
package v1
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"strconv"
|
|
|
|
|
2018-07-25 16:24:46 +02:00
|
|
|
"code.vikunja.io/api/models"
|
2018-06-10 11:11:41 +02:00
|
|
|
"github.com/labstack/echo"
|
|
|
|
)
|
|
|
|
|
|
|
|
type datPassword struct {
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// UserChangePassword is the handler to add a user
|
|
|
|
func UserChangePassword(c echo.Context) error {
|
|
|
|
|
|
|
|
// Get the ID
|
|
|
|
user := c.Param("id")
|
|
|
|
|
|
|
|
if user == "" {
|
|
|
|
return c.JSON(http.StatusBadRequest, models.Message{"User ID cannot be empty."})
|
|
|
|
}
|
|
|
|
|
|
|
|
// Make int
|
|
|
|
userID, err := strconv.ParseInt(user, 10, 64)
|
|
|
|
if err != nil {
|
|
|
|
return c.JSON(http.StatusBadRequest, models.Message{"User ID is invalid."})
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check if the user is itself
|
|
|
|
userJWTinfo, err := models.GetCurrentUser(c)
|
2018-09-23 21:15:14 +02:00
|
|
|
if err != nil {
|
|
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"Error getting current user."})
|
|
|
|
}
|
2018-06-10 11:11:41 +02:00
|
|
|
|
|
|
|
if userJWTinfo.ID != userID {
|
|
|
|
return echo.ErrUnauthorized
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check for Request Content
|
|
|
|
pwFromString := c.FormValue("password")
|
|
|
|
var datPw datPassword
|
|
|
|
|
|
|
|
if pwFromString == "" {
|
|
|
|
if err := c.Bind(&datPw); err != nil {
|
|
|
|
return c.JSON(http.StatusBadRequest, models.Message{"No password provided."})
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// Take the value directly from the input
|
|
|
|
datPw.Password = pwFromString
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get User Infos
|
2018-08-30 19:14:02 +02:00
|
|
|
_, err = models.GetUserByID(userID)
|
2018-06-10 11:11:41 +02:00
|
|
|
|
|
|
|
if err != nil {
|
2018-08-30 19:14:02 +02:00
|
|
|
if models.IsErrUserDoesNotExist(err) {
|
|
|
|
return c.JSON(http.StatusNotFound, models.Message{"The user does not exist."})
|
|
|
|
}
|
2018-06-10 11:11:41 +02:00
|
|
|
return c.JSON(http.StatusInternalServerError, models.Message{"Error getting user infos."})
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the doer options
|
|
|
|
doer, err := models.GetCurrentUser(c)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = models.UpdateUserPassword(userID, datPw.Password, &doer)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return c.JSON(http.StatusOK, models.Message{"The password was updated successfully"})
|
|
|
|
}
|