Create/change account password (#156)

thomiceli · Nov 20, 2023 · d518a44 · d518a44
1 parent dcacde0
commit d518a44
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 1 deletion.
diff --git a/internal/i18n/locales/en-US.yml b/internal/i18n/locales/en-US.yml
@@ -106,6 +106,11 @@ settings.delete-ssh-key-confirm: Confirm deletion of SSH key
 settings.ssh-key-added-at: Added
 settings.ssh-key-never-used: Never used
 settings.ssh-key-last-used: Last used
+settings.create-password: Create password
+settings.create-password-help: Create your password to login to Opengist via HTTP
+settings.change-password: Change password
+settings.change-password-help: Change your password to login to Opengist via HTTP
+settings.password-label-title: Password
 
 auth.signup-disabled: Administrator has disabled signing up
 auth.login: Login

diff --git a/internal/web/server.go b/internal/web/server.go
@@ -218,6 +218,7 @@ func NewServer(isDev bool) *Server {
  g1.DELETE("/settings/account", accountDeleteProcess, logged)
  g1.POST("/settings/ssh-keys", sshKeysProcess, logged)
  g1.DELETE("/settings/ssh-keys/:id", sshKeysDelete, logged)
+ g1.PUT("/settings/password", passwordProcess, logged)
 
  g2 := g1.Group("/admin-panel")
  {

diff --git a/internal/web/settings.go b/internal/web/settings.go
@@ -21,6 +21,7 @@ func userSettings(ctx echo.Context) error {
 
  setData(ctx, "email", user.Email)
  setData(ctx, "sshKeys", keys)
+ setData(ctx, "hasPassword", user.Password != "")
  setData(ctx, "htmlTitle", "Settings")
  return html(ctx, "settings.html")
 }
@@ -110,3 +111,31 @@ func sshKeysDelete(ctx echo.Context) error {
  addFlash(ctx, "SSH key deleted", "success")
  return redirect(ctx, "/settings")
 }
+
+func passwordProcess(ctx echo.Context) error {
+ user := getUserLogged(ctx)
+
+ dto := new(db.UserDTO)
+ if err := ctx.Bind(dto); err != nil {
+ return errorRes(400, "Cannot bind data", err)
+ }
+ dto.Username = user.Username
+
+ if err := ctx.Validate(dto); err != nil {
+ addFlash(ctx, validationMessages(&err), "error")
+ return html(ctx, "settings.html")
+ }
+
+ password, err := argon2id.hash(dto.Password)
+ if err != nil {
+ return errorRes(500, "Cannot hash password", err)
+ }
+ user.Password = password
+
+ if err = user.Update(); err != nil {
+ return errorRes(500, "Cannot update password", err)
+ }
+
+ addFlash(ctx, "Password updated", "success")
+ return redirect(ctx, "/settings")
+}
diff --git a/templates/pages/settings.html b/templates/pages/settings.html
@@ -90,7 +90,43 @@ <h2 class="text-md font-bold text-slate-700 dark:text-slate-300">
  </div>
  </div>
  </div>
- <div class="sm:grid grid-cols-2 gap-x-4 md:gap-x-8">
+ <div class="sm:grid grid-cols-3 gap-x-4 md:gap-x-8">
+ <div class="w-full">
+ <div class="bg-white dark:bg-gray-900 rounded-md border border-1 border-gray-200 dark:border-gray-700 py-8 px-4 shadow sm:rounded-lg sm:px-10">
+ <h2 class="text-md font-bold text-slate-700 dark:text-slate-300">
+ {{if .hasPassword}}
+ {{ .locale.Tr "settings.change-password" }}
+ {{else}}
+ {{ .locale.Tr "settings.create-password" }}
+ {{end}}
+ </h2>
+ <h3 class="text-sm text-gray-600 dark:text-gray-400 italic mb-4">
+ {{if .hasPassword}}
+ {{ .locale.Tr "settings.change-password-help" }}
+ {{else}}
+ {{ .locale.Tr "settings.create-password-help" }}
+ {{end}}
+ </h3>
+ <form class="space-y-6" action="/settings/password" method="post">
+ <div>
+ <label for="password-change" class="block text-sm font-medium text-slate-700 dark:text-slate-300"> {{ .locale.Tr "settings.password-label-title" }} </label>
+ <div class="mt-1">
+ <input id="password-change" name="password" type="password" required autocomplete="off" class="dark:bg-gray-800 appearance-none block w-full px-3 py-2 border border-gray-200 dark:border-gray-700 rounded-md shadow-sm placeholder-gray-600 dark:placeholder-gray-400 focus:outline-none focus:ring-primary-500 focus:border-primary-500 sm:text-sm">
+ </div>
+ </div>
+ <input type="hidden" name="_method" value="PUT">
+
+ <button type="submit" class="inline-flex items-center px-4 py-2 border border-transparent border-gray-200 dark:border-gray-700 text-sm font-medium rounded-md shadow-sm text-white dark:text-white bg-primary-500 hover:bg-primary-600 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-primary-500">
+ {{if .hasPassword}}
+ {{ .locale.Tr "settings.change-password" }}
+ {{else}}
+ {{ .locale.Tr "settings.create-password" }}
+ {{end}}
+ </button>
+ {{ .csrfHtml }}
+ </form>
+ </div>
+ </div>
  <div class="w-full">
  <div class="bg-white dark:bg-gray-900 rounded-md border border-1 border-gray-200 dark:border-gray-700 py-8 px-4 shadow sm:rounded-lg sm:px-10">
  <h2 class="text-md font-bold text-slate-700 dark:text-slate-300">