diff options
Diffstat (limited to 'src/handlers/users.rs')
-rw-r--r-- | src/handlers/users.rs | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/src/handlers/users.rs b/src/handlers/users.rs index e6b0415..c7bc870 100644 --- a/src/handlers/users.rs +++ b/src/handlers/users.rs | |||
@@ -104,3 +104,40 @@ pub async fn user_details( | |||
104 | } | 104 | } |
105 | } | 105 | } |
106 | } | 106 | } |
107 | |||
108 | #[derive(Deserialize, Debug)] | ||
109 | pub struct ChangePassword { | ||
110 | old_password: String, | ||
111 | new_password: String, | ||
112 | } | ||
113 | |||
114 | pub async fn change_password( | ||
115 | cookie: Identity, | ||
116 | password_details: web::Json<ChangePassword>, | ||
117 | pool: web::Data<TPool>, | ||
118 | ) -> impl Responder { | ||
119 | info!("Change password request: {:?}", password_details); | ||
120 | let conn = pool.get().unwrap(); | ||
121 | if let Some(uname) = cookie.identity() { | ||
122 | let entered_pass = &password_details.old_password; | ||
123 | let new_password = &password_details.new_password; | ||
124 | let selected_user = members | ||
125 | .filter(username.eq(&uname)) | ||
126 | .limit(1) | ||
127 | .first::<Member>(&conn) | ||
128 | .expect("Couldn't connect to DB"); | ||
129 | let hashed_pass = selected_user.password; | ||
130 | if verify(entered_pass, &hashed_pass).unwrap() { | ||
131 | let hashed_new_password = | ||
132 | hash(&new_password, DEFAULT_COST).unwrap(); | ||
133 | diesel::update(members.filter(id.eq(selected_user.id))) | ||
134 | .set(password.eq(hashed_new_password)) | ||
135 | .execute(&conn) | ||
136 | .unwrap(); | ||
137 | return HttpResponse::Ok().body("Changed password successfully"); | ||
138 | } else { | ||
139 | return HttpResponse::Ok().body("Invalid password"); | ||
140 | } | ||
141 | } | ||
142 | return HttpResponse::Unauthorized().body("Login first"); | ||
143 | } | ||