3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-10 22:19:31 +01:00

implement NS PASSWD for password changes

This commit is contained in:
Shivaram Lingamneni 2018-11-28 18:21:41 -05:00
parent 70364f5f67
commit 48f9b5e4fa
2 changed files with 68 additions and 5 deletions

View File

@ -565,14 +565,15 @@ func (am *AccountManager) SetNickReserved(client *Client, nick string, saUnreser
return nil
}
func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
account, err := am.LoadAccount(accountName)
func (am *AccountManager) checkPassphrase(accountName, passphrase string) (account ClientAccount, err error) {
account, err = am.LoadAccount(accountName)
if err != nil {
return err
return
}
if !account.Verified {
return errAccountUnverified
err = errAccountUnverified
return
}
switch account.Credentials.Version {
@ -583,9 +584,13 @@ func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName s
default:
err = errAccountInvalidCredentials
}
return
}
func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
account, err := am.checkPassphrase(accountName, passphrase)
if err != nil {
return errAccountInvalidCredentials
return err
}
am.Login(client, account)

View File

@ -121,6 +121,18 @@ or other verification.`,
helpShort: `$bVERIFY$b lets you complete account registration.`,
enabled: servCmdRequiresAccreg,
},
"passwd": {
handler: nsPasswdHandler,
help: `Syntax: $bPASSWD <current> <new> <new_again>$b
Or: $bPASSWD <username> <new>$b
PASSWD lets you change your account password. You must supply your current
password and confirm the new one by typing it twice. If you're an IRC operator
with the correct permissions, you can use PASSWD to reset someone else's
password by supplying their username and then the desired password.`,
helpShort: `$bPASSWD$b lets you change your password.`,
enabled: servCmdRequiresAuthEnabled,
},
}
)
@ -389,3 +401,49 @@ func nsVerifyHandler(server *Server, client *Client, command, params string, rb
sendSuccessfulRegResponse(client, rb, true)
}
func nsPasswdHandler(server *Server, client *Client, command, params string, rb *ResponseBuffer) {
var target string
var newPassword string
var errorMessage string
fields := strings.Fields(params)
switch len(fields) {
case 2:
if !client.HasRoleCapabs("accreg") {
errorMessage = "Insufficient privileges"
} else {
target, newPassword = fields[0], fields[1]
}
case 3:
target = client.Account()
if target == "" {
errorMessage = "You're not logged into an account"
} else if fields[1] != fields[2] {
errorMessage = "Passwords do not match"
} else {
// check that they correctly supplied the preexisting password
_, err := server.accounts.checkPassphrase(target, fields[0])
if err != nil {
errorMessage = "Password incorrect"
} else {
newPassword = fields[1]
}
}
default:
errorMessage = "Invalid parameters"
}
if errorMessage != "" {
nsNotice(rb, client.t(errorMessage))
return
}
err := server.accounts.setPassword(target, newPassword)
if err == nil {
nsNotice(rb, client.t("Password changed"))
} else {
server.logger.Error("internal", fmt.Sprintf("could not upgrade user password: %v", err))
nsNotice(rb, client.t("Password could not be changed due to server error"))
}
}