github.com/decred/politeia@v1.4.0/politeiawww/cmd/shared/userpasswordreset.go (about)

     1  // Copyright (c) 2017-2019 The Decred developers
     2  // Use of this source code is governed by an ISC
     3  // license that can be found in the LICENSE file.
     4  
     5  package shared
     6  
     7  import (
     8  	"fmt"
     9  
    10  	www "github.com/decred/politeia/politeiawww/api/www/v1"
    11  )
    12  
    13  // UserPasswordResetCmd resets the password of the specified user.
    14  type UserPasswordResetCmd struct {
    15  	Args struct {
    16  		Username    string `positional-arg-name:"username"`    // Username
    17  		Email       string `positional-arg-name:"email"`       // User email address
    18  		NewPassword string `positional-arg-name:"newpassword"` // New password
    19  	} `positional-args:"true" required:"true"`
    20  }
    21  
    22  // Execute executes the reset password command.
    23  func (cmd *UserPasswordResetCmd) Execute(args []string) error {
    24  	username := cmd.Args.Username
    25  	email := cmd.Args.Email
    26  	newPassword := cmd.Args.NewPassword
    27  
    28  	// Get password requirements
    29  	pr, err := client.Policy()
    30  	if err != nil {
    31  		return err
    32  	}
    33  
    34  	// Validate new password
    35  	if uint(len(newPassword)) < pr.MinPasswordLength {
    36  		return fmt.Errorf("password must be %v characters long",
    37  			pr.MinPasswordLength)
    38  	}
    39  
    40  	// Reset password
    41  	rp := &www.ResetPassword{
    42  		Username: username,
    43  		Email:    email,
    44  	}
    45  
    46  	err = PrintJSON(rp)
    47  	if err != nil {
    48  		return err
    49  	}
    50  
    51  	rpr, err := client.ResetPassword(rp)
    52  	if err != nil {
    53  		return err
    54  	}
    55  
    56  	err = PrintJSON(rpr)
    57  	if err != nil {
    58  		return err
    59  	}
    60  
    61  	// The verification token will only be present in the
    62  	// reply if the politeiawww email server has been
    63  	// disabled. If the verification token is not in the
    64  	// reply then there is nothing more that we can do.
    65  	if rpr.VerificationToken == "" {
    66  		return nil
    67  	}
    68  
    69  	// Verify reset password
    70  	vrp := www.VerifyResetPassword{
    71  		Username:          username,
    72  		VerificationToken: rpr.VerificationToken,
    73  		NewPassword:       DigestSHA3(newPassword),
    74  	}
    75  
    76  	err = PrintJSON(vrp)
    77  	if err != nil {
    78  		return err
    79  	}
    80  
    81  	vrpr, err := client.VerifyResetPassword(vrp)
    82  	if err != nil {
    83  		return err
    84  	}
    85  
    86  	return PrintJSON(vrpr)
    87  }
    88  
    89  // UserPasswordResetHelpMsg is the output of the help command when 'userpasswordreset'
    90  // is specified.
    91  const UserPasswordResetHelpMsg = `userpasswordreset "username" "email" "newpassword"
    92  
    93  Reset the password for a user that is not logged in.
    94  
    95  Arguments:
    96  1. username   (string, required)   Username of user
    97  2. email      (string, required)   Email address of user
    98  3. password   (string, required)   New password`