
Commit b44adff

feat: add api for forgotten password flow
1 parent 3f79022 commit b44adff

24 files changed

+707
-3
lines changed

coderd/apidoc/docs.go

Lines changed: 88 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 74 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

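--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -983,6 +983,8 @@ func New(options *Options) *API {
 // This value is intentionally increased during tests.
 r.Use(httpmw.RateLimit(options.LoginRateLimit, time.Minute))
 r.Post("/login", api.postLogin)
+r.Post("/request-one-time-passcode", api.postRequestOneTimePasscode)
+r.Post("/change-password-with-one-time-passcode", api.postChangePasswordWithOneTimePasscode)
 r.Route("/oauth2", func(r chi.Router) {
 r.Route("/github", func(r chi.Router) {
 r.Use(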
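Review bot: The two passcode routes are registered without any comment on what bounds passcode guessing: they sit after `r.Use(httpmw.RateLimit(options.LoginRateLimit, time.Minute))` in the same group as `/login`, so as far as this hunk shows that shared limiter is their only throttle. If the limiter is keyed by client address or session (not visible here), it does not cap attempts against a single account's passcode, so the handler behind `/change-password-with-one-time-passcode` should enforce expiry and invalidate the passcode on use or after repeated failures; that handler is outside this hunk and may already do so. I would add a comment above the new lines such as `// Passcode routes are unauthenticated and share the login rate limit; per-account attempt limits live in the handlers.` The body of New starts and ends outside the hunk.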

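--- a/coderd/coderdtest/swaggerparser.go
+++ b/coderd/coderdtest/swaggerparser.go
@@ -303,7 +303,9 @@ func assertSecurityDefined(t *testing.T, comment SwaggerComment) {
 if comment.router == "/updatecheck" ||
 comment.router == "/buildinfo" ||
 comment.router == "/" ||
-comment.router == "/users/login" {
+comment.router == "/users/login" ||
+comment.router == "/users/request-one-time-passcode" ||
+comment.router == "/users/change-password-with-one-time-passcode" {
 return // endpoints do not require authorization
 }
 assert.Equal(t, "CoderSessionToken", comment.security, "@Security must be equal CoderSessionToken")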
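Review bot: The list of routes exempt from the `@Security` check in assertSecurityDefined is now a six-term `||` chain, and every new unauthenticated endpoint has to be appended to it by hand. A package-level set with one commented entry per route would make the unauthenticated surface easier to audit in review, with the condition reduced to `if _, ok := unauthenticatedRoutes[comment.router]; ok { return }` (the set name is only a suggestion). The function begins and ends outside this hunk.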

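--- a/coderd/database/dbauthz/dbauthz.go
+++ b/coderd/database/dbauthz/dbauthz.go
@@ -3628,6 +3628,14 @@ func (q *querier) UpdateUserGithubComUserID(ctx context.Context, arg database.Up
 return q.db.UpdateUserGithubComUserID(ctx, arg)
 }
 
+func (q *querier) UpdateUserHashedOneTimePasscode(ctx context.Context, arg database.UpdateUserHashedOneTimePasscodeParams) error {
+if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceSystem); err != nil {
+return err
+}
+
+return q.db.UpdateUserHashedOneTimePasscode(ctx, arg)
+}
+
 func (q *querier) UpdateUserHashedPassword(ctx context.Context, arg database.UpdateUserHashedPasswordParams) error {
 user, err := q.db.GetUserByID(ctx, arg.ID)
 if err != nil {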
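Review bot: UpdateUserHashedOneTimePasscode has no doc comment explaining why it authorizes `policy.ActionUpdate` on `rbac.ResourceSystem` rather than on the target user, which is what the neighbouring UpdateUserHashedPassword appears to do by loading the user first (its body continues outside the hunk). Presumably the forgotten-password flow runs before the caller has a session, so only a system actor can write the passcode; that should be stated, because `arg.ID` is otherwise unchecked here and any caller holding a system context can set a passcode for any user. Suggested comment: `// UpdateUserHashedOneTimePasscode requires the system actor: the caller is unauthenticated during password reset, so handlers must validate the target user before calling.`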

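--- a/coderd/database/dbauthz/dbauthz_test.go
+++ b/coderd/database/dbauthz/dbauthz_test.go
@@ -1187,6 +1187,12 @@ func (s *MethodTestSuite) TestUser() {
 ID: u.ID,
 }).Asserts(u, policy.ActionUpdatePersonal).Returns()
 }))
+s.Run("UpdateUserHashedOneTimePasscode", s.Subtest(func(db database.Store, check *expects) {
+u := dbgen.User(s.T(), db, database.User{})
+check.Args(database.UpdateUserHashedOneTimePasscodeParams{
+ID: u.ID,
+}).Asserts(rbac.ResourceSystem, policy.ActionUpdate).Returns()
+}))
 s.Run("UpdateUserQuietHoursSchedule", s.Subtest(func(db database.Store, check *expects) {
 u := dbgen.User(s.T(), db, database.User{})
 check.Args(database.UpdateUserQuietHoursScheduleParams{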

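--- a/coderd/database/dbmem/dbmem.go
+++ b/coderd/database/dbmem/dbmem.go
@@ -9077,6 +9077,27 @@ func (q *FakeQuerier) UpdateUserGithubComUserID(_ context.Context, arg database.
 return sql.ErrNoRows
 }
 
+func (q *FakeQuerier) UpdateUserHashedOneTimePasscode(ctx context.Context, arg database.UpdateUserHashedOneTimePasscodeParams) error {
+err := validateDatabaseType(arg)
+if err != nil {
+return err
+}
+
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+for i, user := range q.users {
+if user.ID != arg.ID {
+continue
+}
+user.HashedOneTimePasscode = arg.HashedOneTimePasscode
+user.OneTimePasscodeExpiresAt = arg.OneTimePasscodeExpiresAt
+q.users[i] = user
+return nil
+}
+return sql.ErrNoRows
+}
+
 func (q *FakeQuerier) UpdateUserHashedPassword(_ context.Context, arg database.UpdateUserHashedPasswordParams) error {
 if err := validateDatabaseType(arg); err != nil {
 return err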
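Review bot: The new FakeQuerier method names its context parameter `ctx` but never uses it, while both neighbouring methods visible in this hunk declare `_ context.Context`; the signature should read `func (q *FakeQuerier) UpdateUserHashedOneTimePasscode(_ context.Context, arg database.UpdateUserHashedOneTimePasscodeParams) error`. The validation could also use the scoped form the following method uses, `if err := validateDatabaseType(arg); err != nil {`, so `err` does not outlive the check. UpdateUserHashedPassword's body continues outside the hunk.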

coderd/database/dbmetrics/dbmetrics.go

Lines changed: 7 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/dbmock/dbmock.go

Lines changed: 14 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
DELETE FROM notification_templates WHERE id = '62f86a30-2330-4b61-a26d-311ff3b608cf';
