Cavemanon/cavecomm
Archived
9
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

password reset fulfillment handler

Browse Source
This commit is contained in:
Tina_Azure
2023-04-27 00:31:06 +02:00
parent 6dcc89b479
commit b93641042b
1 changed files with 54 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/main.cpp
View File

@ -337,6 +337,59 @@ int main(int argc, char *argv[]) {
return page.render(ctx); return page.render(ctx);
}); });
/*
* Page for fulfillment of password reset
*/
CROW_ROUTE(app, "/passwordreset/<string>/fulfilment").methods("POST"_method)
([&, configuration](const crow::request& postRequest, string passwordResetKey) {
crow::mustache::context ctx;
string postRequestBody = postRequest.body;
Utilities::decodeString(postRequestBody);
vector<string> splitPostRequestBody = Utilities::splitStringIntoVector(postRequestBody, '&');
string password;
for (const string& item : splitPostRequestBody) {
vector<string> splitItem = Utilities::splitStringIntoVector(item, '=');
if (splitItem.at(0) == "freelancerpassword")
password = splitItem.at(1);
}
pqxx::connection databaseConnection(configuration.databaseConnectionString);
pqxx::result freelancerEmail = Database::executePreparedStatement_SELECT_FREELANCER_EMAIL_FROM_PASSWORD_RESET_KEY(databaseConnection, passwordResetKey);
if (!freelancerEmail.empty() && !password.empty()) {
string email = freelancerEmail.at(0).at(0).c_str();
pqxx::result keyExpiration = Database::executePreparedStatement_SELECT_CHECK_FREELANCER_RESET_KEY_EXPIRED(databaseConnection, email);
if (stoi(keyExpiration.at(0).at(0).c_str()) == 0) {
Database::executePreparedStatement_DELETE_FREELANCER_RESET_KEY(databaseConnection, email);
string pwsalt = Utilities::generateSalt();
string pwhash = Utilities::hashPassword(pwsalt, password);
int errorLevel = Database::executePreparedStatement_UPDATE_FREELANCER_PASSWORD_HASH(databaseConnection, pwhash, pwsalt, email);
if (errorLevel == 0) {
ctx["RESET_SUCCESS"] = true;
ctx["freelanceremail"] = email;
}
else {
ctx["RESET_ERROR"] = true;
if (errorLevel == 1)
ctx["RESET_ERROR_QUERY"] = true;
if (errorLevel == 2)
ctx["RESET_ERROR_CRITICAL"] = true;
}
}
else {
ctx["PASSWORD_RESET_EXPIRED"] = true;
}
}
else {
if (password.empty())
ctx["PASSWORD_EMPTY"] = true;
if (freelancerEmail.empty())
ctx["PASSWORD_RESET_DOES_NOT_EXIST"] = true;
}
auto page = crow::mustache::load("passwordReset_Fulfillment.html");
return page.render(ctx);
});
/* /*
* Page for freelancer to log in fulfillment * Page for freelancer to log in fulfillment
*/ */
@ -374,7 +427,7 @@ int main(int argc, char *argv[]) {
if (checkFreelancerHashExtracted == 1) { if (checkFreelancerHashExtracted == 1) {
//create secureCookie //create secureCookie
auto& cookieCtx = app.get_context<crow::CookieParser>(postRequest); auto& cookieCtx = app.get_context<crow::CookieParser>(postRequest);
std::string loginKeyValue = Utilities::generateLoginKeyValue(); std::string loginKeyValue = Utilities::generateRandomHashValueSHA512();
Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email); Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email);
std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn); std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn);
std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn); std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn);