synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-23 21:32:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: implement api for "forgot password?" flow (#14915)

Browse Source 
Relates to https://github.com/coder/coder/issues/14232

This implements two endpoints (names subject to change):
- `/api/v2/users/otp/request`
- `/api/v2/users/otp/change-password`
This commit is contained in:
Danielle Maywood
2024-10-04 11:53:25 +01:00
committed by GitHub
parent 8785a51b09
commit 4369f2b4b5
25 changed files with 1007 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
coderd/database/dbauthz/dbauthz.go
View File

@ -3628,6 +3628,14 @@ func (q *querier) UpdateUserGithubComUserID(ctx context.Context, arg database.Up
return q.db.UpdateUserGithubComUserID(ctx, arg)
}
func (q *querier) UpdateUserHashedOneTimePasscode(ctx context.Context, arg database.UpdateUserHashedOneTimePasscodeParams) error {
if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceSystem); err != nil {
return err
}
return q.db.UpdateUserHashedOneTimePasscode(ctx, arg)
}
func (q *querier) UpdateUserHashedPassword(ctx context.Context, arg database.UpdateUserHashedPasswordParams) error {
user, err := q.db.GetUserByID(ctx, arg.ID)
if err != nil {

6
coderd/database/dbauthz/dbauthz_test.go
View File

@ -1187,6 +1187,12 @@ func (s *MethodTestSuite) TestUser() {
ID: u.ID,
}).Asserts(u, policy.ActionUpdatePersonal).Returns()
}))
s.Run("UpdateUserHashedOneTimePasscode", s.Subtest(func(db database.Store, check *expects) {
u := dbgen.User(s.T(), db, database.User{})
check.Args(database.UpdateUserHashedOneTimePasscodeParams{
ID: u.ID,
}).Asserts(rbac.ResourceSystem, policy.ActionUpdate).Returns()
}))
s.Run("UpdateUserQuietHoursSchedule", s.Subtest(func(db database.Store, check *expects) {
u := dbgen.User(s.T(), db, database.User{})
check.Args(database.UpdateUserQuietHoursScheduleParams{