Impl CreatePasswordReset

Author: gedorinku

.env.ci

@@ -33,6 +33,7 @@ HYDRA_ADMIN_URL=http://hydra:4445
 
 CLIENT_REGISTRATION_URL=http://localhost:8080/registration
 CLIENT_CONFIRMATION_URL=http://localhost:8080/confirmation
+CLIENT_PASSWORD_RESET_URL=http://localhost:8080/password_resets
 
 SMTP_ADDR=smtp:1025
 EMAIL_FROM=[email protected]

.env.sample

@@ -34,6 +34,7 @@ HYDRA_ADMIN_URL=http://hydra:4445
 
 CLIENT_REGISTRATION_URL=http://localhost:8080/registration
 CLIENT_CONFIRMATION_URL=http://localhost:8080/confirmation
+CLIENT_PASSWORD_RESET_URL=http://localhost:8080/password_resets
 
 SMTP_ADDR=smtp:1025
 EMAIL_FROM=[email protected]

app/config/config.go

@@ -21,6 +21,7 @@ type Config struct {
 	MinioBucketName       string `envconfig:"minio_bucket_name" required:"true"`
 	ClientRegistrationURL string `envconfig:"client_registration_url" required:"true"`
 	ClientConfirmationURL string `envconfig:"client_confirmation_url" required:"true"`
+	ClientPasswordResetURL string `envconfig:"client_password_reset_url" required:"true"`
 	SMTPAddr              string `envconfig:"smtp_addr" required:"true"`
 	EmailFrom             string `envconfig:"email_from" required:"true"`
 	GitHubAccessToken     string `envconfig:"github_access_token" required:"true"`

app/run.go

@@ -63,7 +63,7 @@ func Run() error {
 			server.NewInvitationServiceServer(store, cli),
 			server.NewContributionConllectionServiceServer(store, cfg),
 			server.NewEmailConfirmationServiceServer(store, cli, cfg),
-			server.NewPasswordResetServiceServer(store, cfg),
+			server.NewPasswordResetServiceServer(store, cli, cfg),
 		),
 	)
 

app/server/password_resets_server.go

@@ -2,15 +2,19 @@ package server
 
 import (
 	"context"
+	"database/sql"
 
 	"github.com/golang/protobuf/ptypes/empty"
 	"github.com/izumin5210/grapi/pkg/grapiserver"
+	"github.com/pkg/errors"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
 	api_pb "github.com/ProgrammingLab/prolab-accounts/api"
 	"github.com/ProgrammingLab/prolab-accounts/app/config"
 	"github.com/ProgrammingLab/prolab-accounts/app/di"
+	"github.com/ProgrammingLab/prolab-accounts/app/util"
+	"github.com/ProgrammingLab/prolab-accounts/model"
 )
 
 // PasswordResetServiceServer is a composite interface of api_pb.PasswordResetServiceServer and grapiserver.Server.
@@ -20,29 +24,61 @@ type PasswordResetServiceServer interface {
 }
 
 // NewPasswordResetServiceServer creates a new PasswordResetServiceServer instance.
-func NewPasswordResetServiceServer(store di.StoreComponent, cfg *config.Config) PasswordResetServiceServer {
+func NewPasswordResetServiceServer(store di.StoreComponent, cli di.ClientComponent, cfg *config.Config) PasswordResetServiceServer {
 	return &passwordResetServiceServerImpl{
-		StoreComponent: store,
-		cfg:            cfg,
+		StoreComponent:  store,
+		ClientComponent: cli,
+		cfg:             cfg,
 	}
 }
 
 type passwordResetServiceServerImpl struct {
 	di.StoreComponent
+	di.ClientComponent
 	cfg *config.Config
 }
 
-func (s *passwordResetServiceServerImpl) GetPasswordReset(ctx context.Context, req *api_pb.GetPasswordResetRequest) (*api_pb.PasswordReset, error) {
-	// TODO: Not yet implemented.
-	return nil, status.Error(codes.Unimplemented, "TODO: You should implement it!")
+func (s *passwordResetServiceServerImpl) GetPasswordReset(ctx context.Context, req *api_pb.GetPasswordResetRequest) (*empty.Empty, error) {
+	ps := s.PasswordResetStore(ctx)
+	_, err := ps.GetConfirmation(req.GetEmail(), req.GetToken())
+	if err != nil {
+		if errors.Cause(err) == sql.ErrNoRows {
+			return nil, util.ErrNotFound
+		}
+		return nil, err
+	}
+
+	return &empty.Empty{}, nil
 }
 
-func (s *passwordResetServiceServerImpl) CreatePasswordReset(ctx context.Context, req *api_pb.CreatePasswordResetRequest) (*api_pb.PasswordReset, error) {
-	// TODO: Not yet implemented.
-	return nil, status.Error(codes.Unimplemented, "TODO: You should implement it!")
+func (s *passwordResetServiceServerImpl) CreatePasswordReset(ctx context.Context, req *api_pb.CreatePasswordResetRequest) (*empty.Empty, error) {
+	email := req.GetEmail()
+
+	us := s.UserStore(ctx)
+	u, err := us.GetUserByEmail(email)
+	if err != nil {
+		if errors.Cause(err) == sql.ErrNoRows {
+			return &empty.Empty{}, nil
+		}
+		return nil, err
+	}
+
+	ps := s.PasswordResetStore(ctx)
+	p, token, err := ps.CreateConfirmation(model.UserID(u.ID), email)
+	if err != nil {
+		return nil, err
+	}
+
+	sender := s.EmailSender(ctx)
+	err = sender.SendPasswordReset(p, token)
+	if err != nil {
+		return nil, err
+	}
+
+	return &empty.Empty{}, nil
 }
 
-func (s *passwordResetServiceServerImpl) UpdatePassword(ctx context.Context, req *api_pb.UpdatePasswordRequest) (*empty.Empty, error) {
+func (s *passwordResetServiceServerImpl) UpdatePassword(ctx context.Context, req *api_pb.UpdatePasswordRequest) (*api_pb.Session, error) {
 	// TODO: Not yet implemented.
 	return nil, status.Error(codes.Unimplemented, "TODO: You should implement it!")
 }

infra/email/email.go

@@ -3,6 +3,7 @@ package email
 import (
 	"bytes"
 	"context"
+	"net/url"
 
 	"github.com/jordan-wright/email"
 	"github.com/pkg/errors"
@@ -17,6 +18,7 @@ type Sender interface {
 	SendInvitationEmail(req *record.Invitation) error
 	SendEmailConfirmation(conf *record.EmailConfirmation) error
 	SendEmailChanged(user *record.User, oldEmail string) error
+	SendPasswordReset(reset *record.PasswordReset, token string) error
 }
 
 // NewSender creates new sender
@@ -79,6 +81,22 @@ func (s *senderImpl) SendEmailChanged(user *record.User, oldEmail string) error
 	return s.send(oldEmail, "メールアドレスが変更されました", "email_changed.tmpl", d)
 }
 
+type passwordResetData struct {
+	Name            string
+	ConfirmationURL string
+}
+
+func (s *senderImpl) SendPasswordReset(reset *record.PasswordReset, token string) error {
+	u := reset.R.User
+	v := url.Values{}
+	v.Add("email", reset.Email)
+	d := passwordResetData{
+		Name:            u.Name,
+		ConfirmationURL: s.cfg.ClientPasswordResetURL + "/" + token + "?" + v.Encode(),
+	}
+	return s.send(reset.Email, "パスワードのリセット", "password_reset.tmpl", d)
+}
+
 func (s *senderImpl) send(to, subject, tmplName string, d interface{}) error {
 	tmpl, err := s.asset.GetTemplate(tmplName)
 	if err != nil {

infra/store/password_reset/password_reset_store.go

@@ -33,18 +33,18 @@ const (
 	lifeTime    = 30 * time.Minute
 )
 
-func (s *passwordResetStoreImpl) CreateConfirmation(userID model.UserID, email string) (*record.PasswordReset, error) {
-	token, err := model.GenerateSecureToken(tokenLength)
+func (s *passwordResetStoreImpl) CreateConfirmation(userID model.UserID, email string) (r *record.PasswordReset, token string, err error) {
+	token, err = model.GenerateSecureToken(tokenLength)
 	if err != nil {
-		return nil, err
+		return nil, "", err
 	}
 
 	d, err := bcrypt.GenerateFromPassword([]byte(token), bcrypt.DefaultCost)
 	if err != nil {
-		return nil, errors.WithStack(err)
+		return nil, "", errors.WithStack(err)
 	}
 
-	p := &record.PasswordReset{
+	r = &record.PasswordReset{
 		TokenDigest: string(d),
 		Email:       email,
 		UserID:      int64(userID),
@@ -55,37 +55,42 @@ func (s *passwordResetStoreImpl) CreateConfirmation(userID model.UserID, email s
 			return errors.WithStack(err)
 		}
 
-		err = p.Insert(ctx, tx, boil.Infer())
+		err = r.Insert(ctx, tx, boil.Infer())
 		if err != nil {
 			return errors.WithStack(err)
 		}
 
-		err = p.L.LoadUser(ctx, tx, true, p, nil)
+		err = r.L.LoadUser(ctx, tx, true, r, nil)
 		return errors.WithStack(err)
 	})
 	if err != nil {
-		return nil, err
+		return nil, "", err
 	}
 
-	return p, nil
+	return r, token, nil
 }
 
 func (s *passwordResetStoreImpl) GetConfirmation(email, token string) (*record.PasswordReset, error) {
-	p, err := record.PasswordResets(record.PasswordResetWhere.Email.EQ(email)).One(s.ctx, s.db)
+	r, err := record.PasswordResets(record.PasswordResetWhere.Email.EQ(email)).One(s.ctx, s.db)
 	if err != nil {
 		return nil, errors.WithStack(err)
 	}
 
-	if lifeTime < time.Since(p.CreatedAt) {
+	if lifeTime < time.Since(r.CreatedAt) {
+		return nil, sql.ErrNoRows
+	}
+
+	err = bcrypt.CompareHashAndPassword([]byte(r.TokenDigest), []byte(token))
+	if err != nil {
 		return nil, sql.ErrNoRows
 	}
 
-	err = p.L.LoadUser(s.ctx, s.db, true, p, nil)
+	err = r.L.LoadUser(s.ctx, s.db, true, r, nil)
 	if err != nil {
 		return nil, errors.WithStack(err)
 	}
 
-	return p, nil
+	return r, nil
 }
 
 func (s *passwordResetStoreImpl) UpdatePassword(reset *record.PasswordReset, password string) error {

infra/store/password_reset_store.go

@@ -7,7 +7,7 @@ import (
 
 // PasswordResetStore provides password resets
 type PasswordResetStore interface {
-	CreateConfirmation(userID model.UserID, email string) (*record.PasswordReset, error)
+	CreateConfirmation(userID model.UserID, email string) (r *record.PasswordReset, token string, err error)
 	GetConfirmation(email, token string) (*record.PasswordReset, error)
 	UpdatePassword(reset *record.PasswordReset, password string) error
 }

packrd/packed-packr.go

@@ -0,0 +1,11 @@
+@{{.Name}} さん
+
+プロラボアカウントのパスワードをリセットするには、下記のURLにアクセスしてください。
+この操作に心当たりがない場合は、このメールを無視してください。
+
+{{.ConfirmationURL}}
+
+-----------------------------------------------
+久留米高専 プログラミングラボ部
+https://kurume-nct.com
+-----------------------------------------------