summaryrefslogtreecommitdiff
path: root/internal/processing/user
diff options
context:
space:
mode:
Diffstat (limited to 'internal/processing/user')
-rw-r--r--internal/processing/user/changepassword.go50
-rw-r--r--internal/processing/user/changepassword_test.go74
-rw-r--r--internal/processing/user/user.go48
-rw-r--r--internal/processing/user/user_test.go52
4 files changed, 224 insertions, 0 deletions
diff --git a/internal/processing/user/changepassword.go b/internal/processing/user/changepassword.go
new file mode 100644
index 000000000..3fe2c8d7c
--- /dev/null
+++ b/internal/processing/user/changepassword.go
@@ -0,0 +1,50 @@
+/*
+ GoToSocial
+ Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user
+
+import (
+ "context"
+
+ "github.com/superseriousbusiness/gotosocial/internal/gtserror"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "github.com/superseriousbusiness/gotosocial/internal/validate"
+ "golang.org/x/crypto/bcrypt"
+)
+
+func (p *processor) ChangePassword(ctx context.Context, user *gtsmodel.User, oldPassword string, newPassword string) gtserror.WithCode {
+ if err := bcrypt.CompareHashAndPassword([]byte(user.EncryptedPassword), []byte(oldPassword)); err != nil {
+ return gtserror.NewErrorBadRequest(err, "old password did not match")
+ }
+
+ if err := validate.NewPassword(newPassword); err != nil {
+ return gtserror.NewErrorBadRequest(err, err.Error())
+ }
+
+ newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
+ if err != nil {
+ return gtserror.NewErrorInternalError(err, "error hashing password")
+ }
+
+ user.EncryptedPassword = string(newPasswordHash)
+ if err := p.db.UpdateByPrimaryKey(ctx, user); err != nil {
+ return gtserror.NewErrorInternalError(err, "database error")
+ }
+
+ return nil
+}
diff --git a/internal/processing/user/changepassword_test.go b/internal/processing/user/changepassword_test.go
new file mode 100644
index 000000000..2687eae10
--- /dev/null
+++ b/internal/processing/user/changepassword_test.go
@@ -0,0 +1,74 @@
+/*
+ GoToSocial
+ Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user_test
+
+import (
+ "context"
+ "net/http"
+ "testing"
+
+ "github.com/stretchr/testify/suite"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "golang.org/x/crypto/bcrypt"
+)
+
+type ChangePasswordTestSuite struct {
+ UserStandardTestSuite
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordOK() {
+ user := suite.testUsers["local_account_1"]
+
+ errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "verygoodnewpassword")
+ suite.NoError(errWithCode)
+
+ err := bcrypt.CompareHashAndPassword([]byte(user.EncryptedPassword), []byte("verygoodnewpassword"))
+ suite.NoError(err)
+
+ // get user from the db again
+ dbUser := &gtsmodel.User{}
+ err = suite.db.GetByID(context.Background(), user.ID, dbUser)
+ suite.NoError(err)
+
+ // check the password has changed
+ err = bcrypt.CompareHashAndPassword([]byte(dbUser.EncryptedPassword), []byte("verygoodnewpassword"))
+ suite.NoError(err)
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordIncorrectOld() {
+ user := suite.testUsers["local_account_1"]
+
+ errWithCode := suite.user.ChangePassword(context.Background(), user, "ooooopsydoooopsy", "verygoodnewpassword")
+ suite.EqualError(errWithCode, "crypto/bcrypt: hashedPassword is not the hash of the given password")
+ suite.Equal(http.StatusBadRequest, errWithCode.Code())
+ suite.Equal("bad request: old password did not match", errWithCode.Safe())
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordWeakNew() {
+ user := suite.testUsers["local_account_1"]
+
+ errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "1234")
+ suite.EqualError(errWithCode, "insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password")
+ suite.Equal(http.StatusBadRequest, errWithCode.Code())
+ suite.Equal("bad request: insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password", errWithCode.Safe())
+}
+
+func TestChangePasswordTestSuite(t *testing.T) {
+ suite.Run(t, &ChangePasswordTestSuite{})
+}
diff --git a/internal/processing/user/user.go b/internal/processing/user/user.go
new file mode 100644
index 000000000..c572becc2
--- /dev/null
+++ b/internal/processing/user/user.go
@@ -0,0 +1,48 @@
+/*
+ GoToSocial
+ Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user
+
+import (
+ "context"
+
+ "github.com/superseriousbusiness/gotosocial/internal/config"
+ "github.com/superseriousbusiness/gotosocial/internal/db"
+ "github.com/superseriousbusiness/gotosocial/internal/gtserror"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+)
+
+// Processor wraps a bunch of functions for processing user-level actions.
+type Processor interface {
+ // ChangePassword changes the specified user's password from old => new,
+ // or returns an error if the new password is too weak, or the old password is incorrect.
+ ChangePassword(ctx context.Context, user *gtsmodel.User, oldPassword string, newPassword string) gtserror.WithCode
+}
+
+type processor struct {
+ config *config.Config
+ db db.DB
+}
+
+// New returns a new user processor
+func New(db db.DB, config *config.Config) Processor {
+ return &processor{
+ config: config,
+ db: db,
+ }
+}
diff --git a/internal/processing/user/user_test.go b/internal/processing/user/user_test.go
new file mode 100644
index 000000000..4f18e03c2
--- /dev/null
+++ b/internal/processing/user/user_test.go
@@ -0,0 +1,52 @@
+/*
+ GoToSocial
+ Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user_test
+
+import (
+ "github.com/stretchr/testify/suite"
+ "github.com/superseriousbusiness/gotosocial/internal/config"
+ "github.com/superseriousbusiness/gotosocial/internal/db"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "github.com/superseriousbusiness/gotosocial/internal/processing/user"
+ "github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+type UserStandardTestSuite struct {
+ suite.Suite
+ config *config.Config
+ db db.DB
+
+ testUsers map[string]*gtsmodel.User
+
+ user user.Processor
+}
+
+func (suite *UserStandardTestSuite) SetupTest() {
+ testrig.InitTestLog()
+ suite.config = testrig.NewTestConfig()
+ suite.db = testrig.NewTestDB()
+ suite.testUsers = testrig.NewTestUsers()
+ suite.user = user.New(suite.db, suite.config)
+
+ testrig.StandardDBSetup(suite.db, nil)
+}
+
+func (suite *UserStandardTestSuite) TearDownTest() {
+ testrig.StandardDBTeardown(suite.db)
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-31 19:42:19 +0000