mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-26 05:49:25 +01:00
implement NS PASSWD for password changes
This commit is contained in:
parent
70364f5f67
commit
48f9b5e4fa
@ -565,14 +565,15 @@ func (am *AccountManager) SetNickReserved(client *Client, nick string, saUnreser
|
||||
return nil
|
||||
}
|
||||
|
||||
func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
|
||||
account, err := am.LoadAccount(accountName)
|
||||
func (am *AccountManager) checkPassphrase(accountName, passphrase string) (account ClientAccount, err error) {
|
||||
account, err = am.LoadAccount(accountName)
|
||||
if err != nil {
|
||||
return err
|
||||
return
|
||||
}
|
||||
|
||||
if !account.Verified {
|
||||
return errAccountUnverified
|
||||
err = errAccountUnverified
|
||||
return
|
||||
}
|
||||
|
||||
switch account.Credentials.Version {
|
||||
@ -583,9 +584,13 @@ func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName s
|
||||
default:
|
||||
err = errAccountInvalidCredentials
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (am *AccountManager) AuthenticateByPassphrase(client *Client, accountName string, passphrase string) error {
|
||||
account, err := am.checkPassphrase(accountName, passphrase)
|
||||
if err != nil {
|
||||
return errAccountInvalidCredentials
|
||||
return err
|
||||
}
|
||||
|
||||
am.Login(client, account)
|
||||
|
@ -121,6 +121,18 @@ or other verification.`,
|
||||
helpShort: `$bVERIFY$b lets you complete account registration.`,
|
||||
enabled: servCmdRequiresAccreg,
|
||||
},
|
||||
"passwd": {
|
||||
handler: nsPasswdHandler,
|
||||
help: `Syntax: $bPASSWD <current> <new> <new_again>$b
|
||||
Or: $bPASSWD <username> <new>$b
|
||||
|
||||
PASSWD lets you change your account password. You must supply your current
|
||||
password and confirm the new one by typing it twice. If you're an IRC operator
|
||||
with the correct permissions, you can use PASSWD to reset someone else's
|
||||
password by supplying their username and then the desired password.`,
|
||||
helpShort: `$bPASSWD$b lets you change your password.`,
|
||||
enabled: servCmdRequiresAuthEnabled,
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
@ -389,3 +401,49 @@ func nsVerifyHandler(server *Server, client *Client, command, params string, rb
|
||||
|
||||
sendSuccessfulRegResponse(client, rb, true)
|
||||
}
|
||||
|
||||
func nsPasswdHandler(server *Server, client *Client, command, params string, rb *ResponseBuffer) {
|
||||
var target string
|
||||
var newPassword string
|
||||
var errorMessage string
|
||||
|
||||
fields := strings.Fields(params)
|
||||
switch len(fields) {
|
||||
case 2:
|
||||
if !client.HasRoleCapabs("accreg") {
|
||||
errorMessage = "Insufficient privileges"
|
||||
} else {
|
||||
target, newPassword = fields[0], fields[1]
|
||||
}
|
||||
case 3:
|
||||
target = client.Account()
|
||||
if target == "" {
|
||||
errorMessage = "You're not logged into an account"
|
||||
} else if fields[1] != fields[2] {
|
||||
errorMessage = "Passwords do not match"
|
||||
} else {
|
||||
// check that they correctly supplied the preexisting password
|
||||
_, err := server.accounts.checkPassphrase(target, fields[0])
|
||||
if err != nil {
|
||||
errorMessage = "Password incorrect"
|
||||
} else {
|
||||
newPassword = fields[1]
|
||||
}
|
||||
}
|
||||
default:
|
||||
errorMessage = "Invalid parameters"
|
||||
}
|
||||
|
||||
if errorMessage != "" {
|
||||
nsNotice(rb, client.t(errorMessage))
|
||||
return
|
||||
}
|
||||
|
||||
err := server.accounts.setPassword(target, newPassword)
|
||||
if err == nil {
|
||||
nsNotice(rb, client.t("Password changed"))
|
||||
} else {
|
||||
server.logger.Error("internal", fmt.Sprintf("could not upgrade user password: %v", err))
|
||||
nsNotice(rb, client.t("Password could not be changed due to server error"))
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user