code.gitea.io/gitea@v1.21.7/cmd/admin_user_change_password.go (about)

     1  // Copyright 2023 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package cmd
     5  
     6  import (
     7  	"context"
     8  	"errors"
     9  	"fmt"
    10  
    11  	user_model "code.gitea.io/gitea/models/user"
    12  	pwd "code.gitea.io/gitea/modules/auth/password"
    13  	"code.gitea.io/gitea/modules/setting"
    14  
    15  	"github.com/urfave/cli/v2"
    16  )
    17  
    18  var microcmdUserChangePassword = &cli.Command{
    19  	Name:   "change-password",
    20  	Usage:  "Change a user's password",
    21  	Action: runChangePassword,
    22  	Flags: []cli.Flag{
    23  		&cli.StringFlag{
    24  			Name:    "username",
    25  			Aliases: []string{"u"},
    26  			Value:   "",
    27  			Usage:   "The user to change password for",
    28  		},
    29  		&cli.StringFlag{
    30  			Name:    "password",
    31  			Aliases: []string{"p"},
    32  			Value:   "",
    33  			Usage:   "New password to set for user",
    34  		},
    35  	},
    36  }
    37  
    38  func runChangePassword(c *cli.Context) error {
    39  	if err := argsSet(c, "username", "password"); err != nil {
    40  		return err
    41  	}
    42  
    43  	ctx, cancel := installSignals()
    44  	defer cancel()
    45  
    46  	if err := initDB(ctx); err != nil {
    47  		return err
    48  	}
    49  	if len(c.String("password")) < setting.MinPasswordLength {
    50  		return fmt.Errorf("Password is not long enough. Needs to be at least %d", setting.MinPasswordLength)
    51  	}
    52  
    53  	if !pwd.IsComplexEnough(c.String("password")) {
    54  		return errors.New("Password does not meet complexity requirements")
    55  	}
    56  	pwned, err := pwd.IsPwned(context.Background(), c.String("password"))
    57  	if err != nil {
    58  		return err
    59  	}
    60  	if pwned {
    61  		return errors.New("The password you chose is on a list of stolen passwords previously exposed in public data breaches. Please try again with a different password.\nFor more details, see https://haveibeenpwned.com/Passwords")
    62  	}
    63  	uname := c.String("username")
    64  	user, err := user_model.GetUserByName(ctx, uname)
    65  	if err != nil {
    66  		return err
    67  	}
    68  	if err = user.SetPassword(c.String("password")); err != nil {
    69  		return err
    70  	}
    71  
    72  	if err = user_model.UpdateUserCols(ctx, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
    73  		return err
    74  	}
    75  
    76  	fmt.Printf("%s's password has been successfully updated!\n", user.Name)
    77  	return nil
    78  }