upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2025-04-13 15:35:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

update changepassword to /api/users/:id/password

Browse Source
This commit is contained in:
wy65701436 2016-04-20 22:27:47 -07:00
parent 606139a94d
commit 0bcb65f69a
4 changed files with 70 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
api/user.go
View File

@ -36,6 +36,11 @@ type UserAPI struct {
AuthMode string AuthMode string
} }
type passwordReq struct {
OldPassword string `json:"old_password"`
NewPassword string `json:"new_password"`
}
// Prepare validates the URL and parms // Prepare validates the URL and parms
func (ua *UserAPI) Prepare() { func (ua *UserAPI) Prepare() {
@ -177,3 +182,46 @@ func (ua *UserAPI) Delete() {
return return
} }
} }
// ChangePassword handles PUT to /api/users/{}/password
func (ua *UserAPI) ChangePassword() {
if !(ua.AuthMode == "db_auth") {
ua.CustomAbort(http.StatusForbidden, "")
}
if !ua.IsAdmin {
if ua.userID != ua.currentUserID {
log.Error("Guests can only change their own account.")
ua.CustomAbort(http.StatusForbidden, "Guests can only change their own account.")
}
}
var req passwordReq
ua.DecodeJSONReq(&req)
if req.OldPassword == "" {
log.Error("Old password is blank")
ua.CustomAbort(http.StatusBadRequest, "Old password is blank")
}
queryUser := models.User{UserID: ua.userID, Password: req.OldPassword}
user, err := dao.CheckUserPassword(queryUser)
if err != nil {
log.Errorf("Error occurred in CheckUserPassword: %v", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if user == nil {
log.Warning("Password input is not correct")
ua.CustomAbort(http.StatusForbidden, "old_password_is_not_correct")
}
if req.NewPassword == "" {
ua.CustomAbort(http.StatusBadRequest, "please_input_new_password")
}
updateUser := models.User{UserID: ua.userID, Password: req.NewPassword, Salt: user.Salt}
err = dao.ChangeUserPassword(updateUser, req.OldPassword)
if err != nil {
log.Errorf("Error occurred in ChangeUserPassword: %v", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
}

41
controllers/password.go
View File

@ -46,47 +46,6 @@ func (cpc *ChangePasswordController) Get() {
cpc.ForwardTo("page_title_change_password", "change-password") cpc.ForwardTo("page_title_change_password", "change-password")
} }
// UpdatePassword handles UI request to update user's password, it only works when the auth mode is db_auth.
func (cc *CommonController) UpdatePassword() {
sessionUserID := cc.GetSession("userId")
if sessionUserID == nil {
log.Warning("User does not login.")
cc.CustomAbort(http.StatusUnauthorized, "please_login_first")
}
oldPassword := cc.GetString("old_password")
if oldPassword == "" {
log.Error("Old password is blank")
cc.CustomAbort(http.StatusBadRequest, "Old password is blank")
}
queryUser := models.User{UserID: sessionUserID.(int), Password: oldPassword}
user, err := dao.CheckUserPassword(queryUser)
if err != nil {
log.Errorf("Error occurred in CheckUserPassword: %v", err)
cc.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if user == nil {
log.Warning("Password input is not correct")
cc.CustomAbort(http.StatusForbidden, "old_password_is_not_correct")
}
password := cc.GetString("password")
if password != "" {
updateUser := models.User{UserID: sessionUserID.(int), Password: password, Salt: user.Salt}
err = dao.ChangeUserPassword(updateUser, oldPassword)
if err != nil {
log.Errorf("Error occurred in ChangeUserPassword: %v", err)
cc.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
} else {
cc.CustomAbort(http.StatusBadRequest, "please_input_new_password")
}
}
// ForgotPasswordController handles request to /forgotPassword // ForgotPasswordController handles request to /forgotPassword
type ForgotPasswordController struct { type ForgotPasswordController struct {
BaseController BaseController

42
static/resources/js/change-password.js
View File

@ -56,16 +56,18 @@ jQuery(function(){
validateOptions.Validate(function(){ validateOptions.Validate(function(){
var oldPassword = $("#OldPassword").val(); var oldPassword = $("#OldPassword").val();
var password = $("#Password").val(); var password = $("#Password").val();
$.ajax({ new AjaxUtil({
"url": "/updatePassword", url: "/api/users/current/password",
"type": "post", type: "put",
"data": {"old_password": oldPassword, "password" : password}, data: {"old_password": oldPassword, "new_password" : password},
"beforeSend": function(e){ beforeSend: function(e){
unbindEnterKey(); unbindEnterKey();
$("h1").append(spinner.el); $("h1").append(spinner.el);
$("#btnSubmit").prop("disabled", true); $("#btnSubmit").prop("disabled", true);
}, },
"success": function(data, status, xhr){ complete: function(xhr, status){
spinner.stop();
$("#btnSubmit").prop("disabled", false);
if(xhr && xhr.status == 200){ if(xhr && xhr.status == 200){
$("#dlgModal") $("#dlgModal")
.dialogModal({ .dialogModal({
@ -77,22 +79,20 @@ jQuery(function(){
}); });
} }
}, },
"error": function(jqXhr, status, error){ error: function(jqXhr, status, error){
$("#dlgModal") if(jqXhr && jqXhr.responseText.length){
.dialogModal({ $("#dlgModal")
"title": i18n.getMessage("title_change_password"), .dialogModal({
"content": i18n.getMessage(jqXhr.responseText), "title": i18n.getMessage("title_change_password"),
"callback": function(){ "content": i18n.getMessage(jqXhr.responseText),
bindEnterKey(); "callback": function(){
return; bindEnterKey();
} return;
}); }
}, });
"complete": function(){ }
spinner.stop();
$("#btnSubmit").prop("disabled", false);
} }
}); }).exec();
}); });
}); });
}); });

2
ui/router.go
View File

@ -36,7 +36,6 @@ func initRouters() {
beego.Router("/userExists", &controllers.CommonController{}, "post:UserExists") beego.Router("/userExists", &controllers.CommonController{}, "post:UserExists")
beego.Router("/reset", &controllers.CommonController{}, "post:ResetPassword") beego.Router("/reset", &controllers.CommonController{}, "post:ResetPassword")
beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendEmail") beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendEmail")
beego.Router("/updatePassword", &controllers.CommonController{}, "post:UpdatePassword")
beego.Router("/", &controllers.IndexController{}) beego.Router("/", &controllers.IndexController{})
beego.Router("/signIn", &controllers.SignInController{}) beego.Router("/signIn", &controllers.SignInController{})
@ -58,6 +57,7 @@ func initRouters() {
beego.Router("/api/projects/:id/logs/filter", &api.ProjectAPI{}, "post:FilterAccessLog") beego.Router("/api/projects/:id/logs/filter", &api.ProjectAPI{}, "post:FilterAccessLog")
beego.Router("/api/users", &api.UserAPI{}) beego.Router("/api/users", &api.UserAPI{})
beego.Router("/api/users/?:id", &api.UserAPI{}) beego.Router("/api/users/?:id", &api.UserAPI{})
beego.Router("/api/users/:id/password", &api.UserAPI{}, "put:ChangePassword")
beego.Router("/api/repositories", &api.RepositoryAPI{}) beego.Router("/api/repositories", &api.RepositoryAPI{})
beego.Router("/api/repositories/tags", &api.RepositoryAPI{}, "get:GetTags") beego.Router("/api/repositories/tags", &api.RepositoryAPI{}, "get:GetTags")
beego.Router("/api/repositories/manifests", &api.RepositoryAPI{}, "get:GetManifests") beego.Router("/api/repositories/manifests", &api.RepositoryAPI{}, "get:GetManifests")