diff --git a/src/main/java/me/kavin/piped/ServerLauncher.java b/src/main/java/me/kavin/piped/ServerLauncher.java index 6af8613d..662b73b2 100644 --- a/src/main/java/me/kavin/piped/ServerLauncher.java +++ b/src/main/java/me/kavin/piped/ServerLauncher.java @@ -14,6 +14,7 @@ import io.activej.launchers.http.MultithreadedHttpServerLauncher; import me.kavin.piped.consts.Constants; import me.kavin.piped.utils.*; +import me.kavin.piped.utils.resp.ChangePasswordRequest; import me.kavin.piped.utils.resp.DeleteUserRequest; import me.kavin.piped.utils.resp.ErrorResponse; import me.kavin.piped.utils.resp.LoginRequest; @@ -369,6 +370,17 @@ AsyncServlet mainServlet(Executor executor) { } catch (Exception e) { return getErrorResponse(e, request.getPath()); } + })).map(POST, "/user/password", AsyncServlet.ofBlocking(executor, request -> { + try { + ChangePasswordRequest body = Constants.mapper.readValue(request.loadBody().getResult().asArray(), + ChangePasswordRequest.class); + return getJsonResponse( + ResponseHelper.changePasswordResponse( + request.getHeader(AUTHORIZATION), body.oldPassword, body.newPassword), + "private"); + } catch (Exception e) { + return getErrorResponse(e, request.getPath()); + } })).map(POST, "/logout", AsyncServlet.ofBlocking(executor, request -> { try { return getJsonResponse(ResponseHelper.logoutResponse(request.getHeader(AUTHORIZATION)), "private"); diff --git a/src/main/java/me/kavin/piped/utils/ResponseHelper.java b/src/main/java/me/kavin/piped/utils/ResponseHelper.java index 7f763119..30a75a69 100644 --- a/src/main/java/me/kavin/piped/utils/ResponseHelper.java +++ b/src/main/java/me/kavin/piped/utils/ResponseHelper.java @@ -772,6 +772,35 @@ public static byte[] deleteUserResponse(String session, String pass) throws IOEx } } + public static byte[] changePasswordResponse(String session, String oldPass, String newPass) throws IOException { + + if (StringUtils.isBlank(oldPass) || StringUtils.isBlank(newPass)) + return mapper.writeValueAsBytes(new InvalidRequestResponse()); + + try (Session s = DatabaseSessionFactory.createSession()) { + User user = DatabaseHelper.getUserFromSession(session); + + if (user == null) + return mapper.writeValueAsBytes(new AuthenticationFailureResponse()); + + String hash = user.getPassword(); + + if (!hashMatch(hash, oldPass)) + return mapper.writeValueAsBytes(new IncorrectCredentialsResponse()); + + try { + var tr = s.beginTransaction(); + user.setPassword(newPass); + s.merge(user); + tr.commit(); + } catch (Exception e) { + return mapper.writeValueAsBytes(new ErrorResponse(ExceptionUtils.getStackTrace(e), e.getMessage())); + } + + return mapper.writeValueAsBytes(new ChangePasswordResponse(user.getUsername())); + } + } + public static byte[] subscribeResponse(String session, String channelId) throws IOException { diff --git a/src/main/java/me/kavin/piped/utils/resp/ChangePasswordRequest.java b/src/main/java/me/kavin/piped/utils/resp/ChangePasswordRequest.java new file mode 100644 index 00000000..fc09752b --- /dev/null +++ b/src/main/java/me/kavin/piped/utils/resp/ChangePasswordRequest.java @@ -0,0 +1,8 @@ +package me.kavin.piped.utils.resp; + +public class ChangePasswordRequest { + + public String oldPassword; + public String newPassword; + +} diff --git a/src/main/java/me/kavin/piped/utils/resp/ChangePasswordResponse.java b/src/main/java/me/kavin/piped/utils/resp/ChangePasswordResponse.java new file mode 100644 index 00000000..3cdcaf5c --- /dev/null +++ b/src/main/java/me/kavin/piped/utils/resp/ChangePasswordResponse.java @@ -0,0 +1,10 @@ +package me.kavin.piped.utils.resp; + +public class ChangePasswordResponse { + + public String username; + + public ChangePasswordResponse(String username) { + this.username = username; + } +}