1 files changed, 37 insertions, 0 deletions
diff --git a/src/handlers/users.rs b/src/handlers/users.rs
index e6b0415..c7bc870 100644
--- a/src/handlers/users.rs
+++ b/src/handlers/users.rs
@@ -104,3 +104,40 @@ pub async fn user_details(
        }
    }
 }
+#[derive(Deserialize, Debug)]
+pub struct ChangePassword {
+    old_password: String,
+    new_password: String,
+}
+pub async fn change_password(
+    cookie: Identity,
+    password_details: web::Json<ChangePassword>,
+    pool: web::Data<TPool>,
+) -> impl Responder {
+    info!("Change password request: {:?}", password_details);
+    let conn = pool.get().unwrap();
+    if let Some(uname) = cookie.identity() {
+        let entered_pass = &password_details.old_password;
+        let new_password = &password_details.new_password;
+        let selected_user = members
+            .filter(username.eq(&uname))
+            .limit(1)
+            .first::<Member>(&conn)
+            .expect("Couldn't connect to DB");
+        let hashed_pass = selected_user.password;
+        if verify(entered_pass, &hashed_pass).unwrap() {
+            let hashed_new_password =
+                hash(&new_password, DEFAULT_COST).unwrap();
+            diesel::update(members.filter(id.eq(selected_user.id)))
+                .set(password.eq(hashed_new_password))
+                .execute(&conn)
+                .unwrap();
+            return HttpResponse::Ok().body("Changed password successfully");
+        } else {
+            return HttpResponse::Ok().body("Invalid password");
+        }
+    }
+    return HttpResponse::Unauthorized().body("Login first");
+}

diff --git a/src/handlers/users.rs b/src/handlers/users.rs index e6b0415..c7bc870 100644 --- a/src/handlers/users.rs +++ b/src/handlers/users.rs
@@ -104,3 +104,40 @@ pub async fn user_details(
104	}	104	}
105	}	105	}
106	}	106	}
		107
		108	#[derive(Deserialize, Debug)]
		109	pub struct ChangePassword {
		110	old_password: String,
		111	new_password: String,
		112	}
		113
		114	pub async fn change_password(
		115	cookie: Identity,
		116	password_details: web::Json<ChangePassword>,
		117	pool: web::Data<TPool>,
		118	) -> impl Responder {
		119	info!("Change password request: {:?}", password_details);
		120	let conn = pool.get().unwrap();
		121	if let Some(uname) = cookie.identity() {
		122	let entered_pass = &password_details.old_password;
		123	let new_password = &password_details.new_password;
		124	let selected_user = members
		125	.filter(username.eq(&uname))
		126	.limit(1)
		127	.first::<Member>(&conn)
		128	.expect("Couldn't connect to DB");
		129	let hashed_pass = selected_user.password;
		130	if verify(entered_pass, &hashed_pass).unwrap() {
		131	let hashed_new_password =
		132	hash(&new_password, DEFAULT_COST).unwrap();
		133	diesel::update(members.filter(id.eq(selected_user.id)))
		134	.set(password.eq(hashed_new_password))
		135	.execute(&conn)
		136	.unwrap();
		137	return HttpResponse::Ok().body("Changed password successfully");
		138	} else {
		139	return HttpResponse::Ok().body("Invalid password");
		140	}
		141	}
		142	return HttpResponse::Unauthorized().body("Login first");
		143	}