mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 09:00:10 +00:00
userpage: password resets
click "forgot password" on login modal, enter a contact method address/username, submit and check for a link. Requires link reset to be enabled.
This commit is contained in:
parent
db97c3b2d4
commit
86daa70ccb
@ -477,3 +477,58 @@ func (app *appContext) UnlinkMyMatrix(gc *gin.Context) {
|
||||
app.storage.DeleteMatrixKey(gc.GetString("jfId"))
|
||||
respondBool(200, true, gc)
|
||||
}
|
||||
|
||||
// @Summary Generate & send a password reset link if the given email/contact method exists. Doesn't give you any info about it's success.
|
||||
// @Produce json
|
||||
// @Param address path string true "address/contact method associated w/ your account."
|
||||
// @Success 204 {object} boolResponse
|
||||
// @Failure 400 {object} boolResponse
|
||||
// @Failure 500 {object} boolResponse
|
||||
// @Router /my/password/reset/{address} [post]
|
||||
// @tags Users
|
||||
func (app *appContext) ResetMyPassword(gc *gin.Context) {
|
||||
address := gc.Param("address")
|
||||
if address == "" {
|
||||
app.debug.Println("Ignoring empty request for PWR")
|
||||
respondBool(400, false, gc)
|
||||
return
|
||||
}
|
||||
var pwr InternalPWR
|
||||
var err error
|
||||
|
||||
jfID := app.reverseUserSearch(address)
|
||||
if jfID == "" {
|
||||
app.debug.Printf("Ignoring PWR request: User not found")
|
||||
respondBool(204, true, gc)
|
||||
return
|
||||
}
|
||||
pwr, err = app.GenInternalReset(jfID)
|
||||
if err != nil {
|
||||
app.err.Printf("Failed to get user from Jellyfin: %v", err)
|
||||
respondBool(500, false, gc)
|
||||
return
|
||||
}
|
||||
if app.internalPWRs == nil {
|
||||
app.internalPWRs = map[string]InternalPWR{}
|
||||
}
|
||||
app.internalPWRs[pwr.PIN] = pwr
|
||||
// FIXME: Send to all contact methods
|
||||
msg, err := app.email.constructReset(
|
||||
PasswordReset{
|
||||
Pin: pwr.PIN,
|
||||
Username: pwr.Username,
|
||||
Expiry: pwr.Expiry,
|
||||
Internal: true,
|
||||
}, app, false,
|
||||
)
|
||||
if err != nil {
|
||||
app.err.Printf("Failed to construct password reset message for \"%s\": %v", pwr.Username, err)
|
||||
respondBool(500, false, gc)
|
||||
return
|
||||
} else if err := app.sendByID(msg, jfID); err != nil {
|
||||
app.err.Printf("Failed to send password reset message to \"%s\": %v", address, err)
|
||||
} else {
|
||||
app.info.Printf("Sent password reset message to \"%s\"", address)
|
||||
}
|
||||
respondBool(204, true, gc)
|
||||
}
|
||||
|
75
email.go
75
email.go
@ -522,18 +522,6 @@ func (emailer *Emailer) constructCreated(code, username, address string, invite
|
||||
return email, nil
|
||||
}
|
||||
|
||||
// GenResetLink generates and returns a password reset link.
|
||||
func (app *appContext) GenResetLink(pin string) (string, error) {
|
||||
url := app.config.Section("password_resets").Key("url_base").String()
|
||||
var pinLink string
|
||||
if url == "" {
|
||||
return pinLink, fmt.Errorf("disabled as no URL Base provided. Set in Settings > Password Resets.")
|
||||
}
|
||||
// Strip /invite from end of this URL, ik it's ugly.
|
||||
pinLink = fmt.Sprintf("%s/reset?pin=%s", url, pin)
|
||||
return pinLink, nil
|
||||
}
|
||||
|
||||
func (emailer *Emailer) resetValues(pwr PasswordReset, app *appContext, noSub bool) map[string]interface{} {
|
||||
d, t, expiresIn := emailer.formatExpiry(pwr.Expiry, true, app.datePattern, app.timePattern)
|
||||
message := app.config.Section("messages").Key("message").String()
|
||||
@ -835,38 +823,37 @@ func (emailer *Emailer) send(email *Message, address ...string) error {
|
||||
return emailer.sender.Send(emailer.fromName, emailer.fromAddr, email, address...)
|
||||
}
|
||||
|
||||
func (app *appContext) sendByID(email *Message, ID ...string) error {
|
||||
func (app *appContext) sendByID(email *Message, ID ...string) (err error) {
|
||||
for _, id := range ID {
|
||||
var err error
|
||||
if tgChat, ok := app.storage.GetTelegramKey(id); ok && tgChat.Contact && telegramEnabled {
|
||||
err = app.telegram.Send(email, tgChat.ChatID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
}
|
||||
if dcChat, ok := app.storage.GetDiscordKey(id); ok && dcChat.Contact && discordEnabled {
|
||||
err = app.discord.Send(email, dcChat.ChannelID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
}
|
||||
if mxChat, ok := app.storage.GetMatrixKey(id); ok && mxChat.Contact && matrixEnabled {
|
||||
err = app.matrix.Send(email, mxChat)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
}
|
||||
if address, ok := app.storage.GetEmailsKey(id); ok && address.Contact && emailEnabled {
|
||||
err = app.email.send(email, address.Addr)
|
||||
if err != nil {
|
||||
return err
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
}
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
return
|
||||
}
|
||||
|
||||
func (app *appContext) getAddressOrName(jfID string) string {
|
||||
@ -879,5 +866,33 @@ func (app *appContext) getAddressOrName(jfID string) string {
|
||||
if addr, ok := app.storage.GetEmailsKey(jfID); ok {
|
||||
return addr.Addr
|
||||
}
|
||||
if mxChat, ok := app.storage.GetMatrixKey(jfID); ok && mxChat.Contact && matrixEnabled {
|
||||
return mxChat.UserID
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (app *appContext) reverseUserSearch(address string) string {
|
||||
for id, email := range app.storage.GetEmails() {
|
||||
if strings.ToLower(address) == strings.ToLower(email.Addr) {
|
||||
return id
|
||||
}
|
||||
}
|
||||
for id, dcUser := range app.storage.GetDiscord() {
|
||||
if RenderDiscordUsername(dcUser) == strings.ToLower(address) {
|
||||
return id
|
||||
}
|
||||
}
|
||||
tgUsername := strings.TrimPrefix(address, "@")
|
||||
for id, tgUser := range app.storage.GetTelegram() {
|
||||
if tgUsername == tgUser.Username {
|
||||
return id
|
||||
}
|
||||
}
|
||||
for id, mxUser := range app.storage.GetMatrix() {
|
||||
if address == mxUser.UserID {
|
||||
return id
|
||||
}
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
@ -410,6 +410,9 @@
|
||||
</span>
|
||||
<span class="button ~warning" alt="{{ .strings.theme }}" id="button-theme"><i class="ri-sun-line"></i></span>
|
||||
</div>
|
||||
<div class="top-4 right-4 absolute">
|
||||
<a class="button ~info" href="/my/account"><i class="ri-account-circle-fill mr-2"></i>{{ .strings.myAccount }}</a>
|
||||
</div>
|
||||
<div class="page-container">
|
||||
<div class="mb-4">
|
||||
<header class="flex flex-wrap items-center justify-between">
|
||||
|
@ -14,6 +14,11 @@
|
||||
<label>
|
||||
<input type="submit" class="unfocused">
|
||||
<span class="button ~urge @low full-width center supra submit">{{ .strings.login }}</span>
|
||||
{{ if index . "pwrEnabled" }}
|
||||
{{ if .pwrEnabled }}
|
||||
<span class="button ~info @low full-width center supra submit my-2" id="modal-login-pwr">{{ .strings.resetPassword }}</span>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
</label>
|
||||
</form>
|
||||
</div>
|
||||
|
@ -6,6 +6,7 @@
|
||||
window.notificationsEnabled = {{ .notifications }};
|
||||
window.ombiEnabled = {{ .ombiEnabled }};
|
||||
window.langFile = JSON.parse({{ .language }});
|
||||
window.pwrEnabled = {{ .pwrEnabled }};
|
||||
window.linkResetEnabled = {{ .linkResetEnabled }};
|
||||
window.language = "{{ .langName }}";
|
||||
window.telegramEnabled = {{ .telegramEnabled }};
|
||||
@ -43,6 +44,30 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{ if .pwrEnabled }}
|
||||
<div id="modal-pwr" class="modal">
|
||||
<div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3 ~neutral @low">
|
||||
<span class="heading">{{ .strings.resetPassword }}</span>
|
||||
<p class="content my-2">
|
||||
{{ if .linkResetEnabled }}
|
||||
{{ .strings.resetPasswordThroughLink }}
|
||||
{{ else }}
|
||||
{{ .strings.resetPasswordThroughJellyfin }}
|
||||
{{ end }}
|
||||
</p>
|
||||
<div class="row">
|
||||
<input type="text" class="col sm field ~neutral @low input" id="pwr-address" placeholder="example@example.com | user#1234 | @user:host | @username">
|
||||
</div>
|
||||
{{ if .linkResetEnabled }}
|
||||
<span class="button ~info @low full-width center mt-4" id="pwr-submit">
|
||||
{{ .strings.submit }}
|
||||
</span>
|
||||
{{ else }}
|
||||
<a class="button ~info @low full-width center mt-4" href="{{ .jfLink }}" target="_blank">{{ .strings.continue }}</a>
|
||||
{{ end }}
|
||||
</div>
|
||||
</div>
|
||||
{{ end }}
|
||||
{{ template "login-modal.html" . }}
|
||||
{{ template "account-linking.html" . }}
|
||||
<div id="notification-box"></div>
|
||||
@ -68,6 +93,8 @@
|
||||
</span>
|
||||
<span class="button ~warning" alt="{{ .strings.theme }}" id="button-theme"><i class="ri-sun-line"></i></span>
|
||||
<span class="button ~critical @low mb-4 unfocused" id="logout-button">{{ .strings.logout }}</span>
|
||||
</div>
|
||||
<div class="top-4 right-4 absolute">
|
||||
<a class="button ~info unfocused" href="/" id="admin-back-button"><i class="ri-arrow-left-fill mr-2"></i>{{ .strings.admin }}</a>
|
||||
</div>
|
||||
<div class="page-container unfocused">
|
||||
|
@ -38,7 +38,8 @@
|
||||
"expiry": "Expiry",
|
||||
"add": "Add",
|
||||
"edit": "Edit",
|
||||
"delete": "Delete"
|
||||
"delete": "Delete",
|
||||
"myAccount": "My Account"
|
||||
},
|
||||
"notifications": {
|
||||
"errorLoginBlank": "The username and/or password were left blank.",
|
||||
|
@ -27,7 +27,11 @@
|
||||
"customMessagePlaceholderHeader": "Customize this card",
|
||||
"customMessagePlaceholderContent": "Click the user page edit button in settings to customize this card, or show one on the login screen, and don't worry, the user can't see this.",
|
||||
"userPageSuccessMessage": "You can see and change details about your account later on the {myAccount} page.",
|
||||
"myAccount": "My Account"
|
||||
"resetPassword": "Reset Password",
|
||||
"resetPasswordThroughJellyfin": "To reset your password, visit {jfLink} and press the \"Forgot Password\" button.",
|
||||
"resetPasswordThroughLink": "To reset your password, enter your email address or a linked contact method username, and submit. A link will be sent to reset your password.",
|
||||
"resetSent": "Reset Sent.",
|
||||
"resetSentDescription": "If an account with the given contact method exists, a password reset link has been sent to all contact methods available. The code will expire in 30 minutes."
|
||||
},
|
||||
"notifications": {
|
||||
"errorUserExists": "User already exists.",
|
||||
|
13
pwreset.go
13
pwreset.go
@ -2,6 +2,7 @@ package main
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
@ -25,6 +26,18 @@ func (app *appContext) GenInternalReset(userID string) (InternalPWR, error) {
|
||||
return pwr, nil
|
||||
}
|
||||
|
||||
// GenResetLink generates and returns a password reset link.
|
||||
func (app *appContext) GenResetLink(pin string) (string, error) {
|
||||
url := app.config.Section("password_resets").Key("url_base").String()
|
||||
var pinLink string
|
||||
if url == "" {
|
||||
return pinLink, fmt.Errorf("disabled as no URL Base provided. Set in Settings > Password Resets.")
|
||||
}
|
||||
// Strip /invite from end of this URL, ik it's ugly.
|
||||
pinLink = fmt.Sprintf("%s/reset?pin=%s", url, pin)
|
||||
return pinLink, nil
|
||||
}
|
||||
|
||||
func (app *appContext) StartPWR() {
|
||||
app.info.Println("Starting password reset daemon")
|
||||
path := app.config.Section("password_resets").Key("watch_directory").String()
|
||||
|
@ -148,6 +148,7 @@ func (app *appContext) loadRoutes(router *gin.Engine) {
|
||||
router.GET(p+"/my/token/login", app.getUserTokenLogin)
|
||||
router.GET(p+"/my/token/refresh", app.getUserTokenRefresh)
|
||||
router.GET(p+"/my/confirm/:jwt", app.ConfirmMyAction)
|
||||
router.POST(p+"/my/password/reset/:address", app.ResetMyPassword)
|
||||
}
|
||||
}
|
||||
if *SWAGGER {
|
||||
|
@ -110,6 +110,7 @@ declare interface Modals {
|
||||
discord: Modal;
|
||||
matrix: Modal;
|
||||
sendPWR?: Modal;
|
||||
pwr?: Modal;
|
||||
logs: Modal;
|
||||
email?: Modal;
|
||||
}
|
||||
|
29
ts/user.ts
29
ts/user.ts
@ -16,6 +16,7 @@ interface userWindow extends Window {
|
||||
discordInviteLink: boolean;
|
||||
matrixUserID: string;
|
||||
discordSendPINMessage: string;
|
||||
pwrEnabled: string;
|
||||
}
|
||||
|
||||
declare var window: userWindow;
|
||||
@ -44,10 +45,38 @@ window.modals = {} as Modals;
|
||||
if (window.matrixEnabled) {
|
||||
window.modals.matrix = new Modal(document.getElementById("modal-matrix"), false);
|
||||
}
|
||||
if (window.pwrEnabled) {
|
||||
window.modals.pwr = new Modal(document.getElementById("modal-pwr"), false);
|
||||
window.modals.pwr.onclose = () => {
|
||||
window.modals.login.show();
|
||||
};
|
||||
const resetButton = document.getElementById("modal-login-pwr");
|
||||
resetButton.onclick = () => {
|
||||
window.modals.login.close();
|
||||
window.modals.pwr.show();
|
||||
}
|
||||
}
|
||||
})();
|
||||
|
||||
window.notifications = new notificationBox(document.getElementById('notification-box') as HTMLDivElement, 5);
|
||||
|
||||
if (window.pwrEnabled && window.linkResetEnabled) {
|
||||
const submitButton = document.getElementById("pwr-submit");
|
||||
const input = document.getElementById("pwr-address") as HTMLInputElement;
|
||||
submitButton.onclick = () => _post("/my/password/reset/" + input.value, null, (req: XMLHttpRequest) => {
|
||||
if (req.readyState != 4) return;
|
||||
if (req.status != 204) {
|
||||
window.notifications.customError("unkownError", window.lang.notif("errorUnknown"));;
|
||||
window.modals.pwr.close();
|
||||
return;
|
||||
}
|
||||
window.modals.pwr.modal.querySelector(".heading").textContent = window.lang.strings("resetSent");
|
||||
window.modals.pwr.modal.querySelector(".content").textContent = window.lang.strings("resetSentDescription");
|
||||
submitButton.classList.add("unfocused");
|
||||
input.classList.add("unfocused");
|
||||
});
|
||||
}
|
||||
|
||||
const grid = document.querySelector(".grid");
|
||||
var rootCard = document.getElementById("card-user");
|
||||
var contactCard = document.getElementById("card-contact");
|
||||
|
3
views.go
3
views.go
@ -157,6 +157,7 @@ func (app *appContext) AdminPage(gc *gin.Context) {
|
||||
"jellyfinLogin": app.jellyfinLogin,
|
||||
"jfAdminOnly": jfAdminOnly,
|
||||
"jfAllowAll": jfAllowAll,
|
||||
"userPageEnabled": app.config.Section("user_page").Key("enabled").MustBool(false),
|
||||
})
|
||||
}
|
||||
|
||||
@ -177,6 +178,7 @@ func (app *appContext) MyUserPage(gc *gin.Context) {
|
||||
"discordEnabled": discordEnabled,
|
||||
"matrixEnabled": matrixEnabled,
|
||||
"ombiEnabled": ombiEnabled,
|
||||
"pwrEnabled": app.config.Section("password_resets").Key("enabled").MustBool(false),
|
||||
"linkResetEnabled": app.config.Section("password_resets").Key("link_reset").MustBool(false),
|
||||
"notifications": notificationsEnabled,
|
||||
"username": !app.config.Section("email").Key("no_username").MustBool(false),
|
||||
@ -184,6 +186,7 @@ func (app *appContext) MyUserPage(gc *gin.Context) {
|
||||
"validationStrings": app.storage.lang.User[lang].ValidationStrings,
|
||||
"language": app.storage.lang.User[lang].JSON,
|
||||
"langName": lang,
|
||||
"jfLink": app.config.Section("ui").Key("redirect_url").String(),
|
||||
}
|
||||
if telegramEnabled {
|
||||
data["telegramUsername"] = app.telegram.username
|
||||
|
Loading…
Reference in New Issue
Block a user