change password

greensheng · greensheng · commit 01b381271df9 · 2019-09-24T13:54:14.000+08:00
diff --git a/models/mysql/user_store.go b/models/mysql/user_store.go
@@ -33,3 +33,8 @@ func (s *Store) AddUser(user *models.User) error {
 	user.CreatedAt = time.Now()
 	return s.db.Create(user).Error
 }
+
+func (s *Store) UpdateUser(user *models.User) error {
+	return s.db.Save(user).Error
+
+}
diff --git a/models/store.go b/models/store.go
@@ -23,6 +23,7 @@ type Store interface {
 
 	GetUserByEmail(email string) (*User, error)
 	AddUser(user *User) error
+	UpdateUser(user *User) error
 
 	GetAccount(userId int64, currency string) (*Account, error)
 	GetAccountsByUserId(userId int64) ([]*Account, error)
diff --git a/rest/server.go b/rest/server.go
@@ -51,6 +51,7 @@ func (server *HttpServer) Start() {
 		private.DELETE("/api/orders", CancelOrders)
 		private.GET("/api/accounts", GetAccounts)
 		private.GET("/api/users/self", GetUsersSelf)
+		private.GET("/api/users/password", ChangePassword)
 		private.DELETE("/api/users/accessToken", SignOut)
 		private.GET("/api/wallets/:currency/address", GetWalletAddress)
 		private.GET("/api/wallets/:currency/transactions", GetWalletTransactions)
diff --git a/rest/user_controller.go b/rest/user_controller.go
@@ -30,7 +30,7 @@ func SignUp(ctx *gin.Context) {
 		return
 	}
 
-	_, err = service.SignUp(request.Email, request.Password)
+	_, err = service.CreateUser(request.Email, request.Password)
 	if err != nil {
 		ctx.JSON(http.StatusBadRequest, newMessageVo(err))
 		return
@@ -57,6 +57,32 @@ func SignIn(ctx *gin.Context) {
 	ctx.JSON(http.StatusOK, token)
 }
 
+// POST /users/password
+func ChangePassword(ctx *gin.Context) {
+	var req changePasswordRequest
+	err := ctx.BindJSON(&req)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, newMessageVo(err))
+		return
+	}
+
+	// check old password
+	_, err = service.GetUserByPassword(GetCurrentUser(ctx).Email, req.OldPassword)
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, newMessageVo(err))
+		return
+	}
+
+	// change password
+	err = service.ChangePassword(GetCurrentUser(ctx).Email, req.NewPassword)
+	if err != nil {
+		ctx.JSON(http.StatusInternalServerError, newMessageVo(err))
+		return
+	}
+
+	ctx.JSON(http.StatusOK, nil)
+}
+
 // DELETE /users/accessToken
 func SignOut(ctx *gin.Context) {
 	ctx.SetCookie("accessToken", "", -1, "/", "*", false, false)
diff --git a/rest/vo.go b/rest/vo.go
@@ -103,6 +103,11 @@ type SignUpRequest struct {
 	Password string
 }
 
+type changePasswordRequest struct {
+	OldPassword string
+	NewPassword string
+}
+
 type userVo struct {
 	Id           string `json:"id"`
 	Email        string `json:"email"`
diff --git a/service/user_service.go b/service/user_service.go
@@ -35,7 +35,7 @@ func init() {
 	gbeConfig = cfg
 }
 
-func SignUp(email, password string) (*models.User, error) {
+func CreateUser(email, password string) (*models.User, error) {
 	user, err := GetUserByEmail(email)
 	if err != nil {
 		return nil, err
@@ -48,11 +48,7 @@ func SignUp(email, password string) (*models.User, error) {
 		Email:        email,
 		PasswordHash: encryptPassword(password),
 	}
-	err = mysql.SharedStore().AddUser(user)
-	if err != nil {
-		return nil, err
-	}
-	return user, nil
+	return user, mysql.SharedStore().AddUser(user)
 }
 
 func RefreshAccessToken(email, password string) (string, error) {
@@ -68,9 +64,10 @@ func RefreshAccessToken(email, password string) (string, error) {
 	}
 
 	claim := jwt.MapClaims{
-		"id":        user.Id,
-		"email":     user.Email,
-		"expiredAt": time.Now().Unix(),
+		"id":           user.Id,
+		"email":        user.Email,
+		"passwordHash": user.PasswordHash,
+		"expiredAt":    time.Now().Unix(),
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claim)
 	return token.SignedString([]byte(gbeConfig.JwtSecret))
@@ -92,21 +89,48 @@ func CheckToken(tokenStr string) (*models.User, error) {
 	}
 
 	email := claim["email"].(string)
+	passwordHash := claim["passwordHash"].(string)
 
 	user, err := GetUserByEmail(email)
 	if err != nil {
 		return nil, err
 	}
 	if user == nil {
-		return nil, errors.New("bad token")
+		return nil, errors.New("bad token: 0x1")
+	}
+	if user.PasswordHash != passwordHash {
+		return nil, errors.New("bad token: 0x2")
 	}
 	return user, nil
 }
 
+func ChangePassword(email, newPassword string) error {
+	user, err := GetUserByEmail(email)
+	if err != nil {
+		return err
+	}
+	if user == nil {
+		return errors.New("user not found")
+	}
+	user.PasswordHash = encryptPassword(newPassword)
+	return mysql.SharedStore().UpdateUser(user)
+}
+
 func GetUserByEmail(email string) (*models.User, error) {
 	return mysql.SharedStore().GetUserByEmail(email)
 }
 
+func GetUserByPassword(email, password string) (*models.User, error) {
+	user, err := GetUserByEmail(email)
+	if err != nil {
+		return nil, err
+	}
+	if user == nil || user.PasswordHash != encryptPassword(password) {
+		return nil, errors.New("user not found or password incorrect")
+	}
+	return user, nil
+}
+
 func encryptPassword(password string) string {
 	hash := md5.New().Sum([]byte(password))
 	return fmt.Sprintf("%x", hash)

Original file line number	Diff line number	Diff line change
`@@ -33,3 +33,8 @@ func (s Store) AddUser(user models.User) error {`
`33`	`33`	`user.CreatedAt = time.Now()`
`34`	`34`	`return s.db.Create(user).Error`
`35`	`35`	`}`
	`36`	`+`
	`37`	`+func (s Store) UpdateUser(user models.User) error {`
	`38`	`+ return s.db.Save(user).Error`
	`39`	`+`
	`40`	`+}`