Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ResetPasswordAPIHandler ¶
type ResetPasswordAPIHandler struct {
MinimumLengthRequirement int
HIBP hibp.HIBPSettings
}
func (ResetPasswordAPIHandler) ServeHTTP ¶
func (h ResetPasswordAPIHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type ResetPasswordPageHandler ¶
type ResetPasswordPageHandler struct {
AppName string
Styling pages.LocksmithPageStyling
EmailAsUsername bool
ShowResetStage bool
HIBP hibp.HIBPSettings
MinimumPasswordLength int
}
func (ResetPasswordPageHandler) ServeHTTP ¶
func (h ResetPasswordPageHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type ResetRouterAPIHandler ¶
type ResetRouterAPIHandler struct {
Database database.DatabaseAccessor
SendResetToken func(token string, user users.LocksmithUserInterface)
HIBP hibp.HIBPSettings
MinimumPasswordLength int
}
func (ResetRouterAPIHandler) ServeHTTP ¶
func (h ResetRouterAPIHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
Flow: - [ ] User clicks "Forgot password" on login page - [x] User enters their email - [x] Show a screen to the user that "if the account exists, we've sent a link to your email address."
- [x] Sends POST request to create & dispatch the reset token
- POST /api/reset-password?email=email
- [x] Create a MAC for the user to access the PUT /api/reset-password endpoint - [x] Send them a Notification with the MAC (we should make the SendMessage a variable on ResetRouterAPIHandler)
- URL Format: /reset-password/reset?magic=<MAC>
- [x] User will enter their new password - [x] Password will be changed
- [x] MAC is expired
- PUT /api/reset-password { email: email }
- [x] Redirect to /login
Source Files
Click to show internal directories.
Click to hide internal directories.