Change /send_password_reset to /forgot_password

Clean up comments
2021-11-10 12:33:37 +01:00 · 2021-11-10 12:21:17 +01:00
5 changed files with 19 additions and 16 deletions
--- a/peach-lib/src/password_utils.rs
+++ b/peach-lib/src/password_utils.rs
@ -3,7 +3,6 @@ use crate::config_manager::{get_peachcloud_domain, load_peach_config,
                            get_temporary_password_hash, set_temporary_password_hash};
 use crate::error::PeachError;
 use crate::sbot_client;
-use log::info;
 use rand::distributions::Alphanumeric;
 use rand::{thread_rng, Rng};
 use std::iter;
@ -34,7 +33,7 @@ pub fn validate_new_passwords(new_password1: &str, new_password2: &str) -> Resul
    }
 }

-/// Uses htpasswd to set a new password for the admin user
+/// Sets a new password for the admin user
 pub fn set_new_password(new_password: &str) -> Result<(), PeachError> {
    let new_password_hash = hash_password(&new_password.to_string());
    let result = set_admin_password_hash(&new_password_hash);
@ -55,7 +54,7 @@ pub fn hash_password(password: &str) -> String {
    hasher.result_str()
 }

-/// Uses htpasswd to set a new temporary password for the admin user
+/// Sets a new temporary password for the admin user
 /// which can be used to reset the permanent password
 pub fn set_new_temporary_password(new_password: &str) -> Result<(), PeachError> {
    let new_password_hash = hash_password(&new_password.to_string());
@ -82,7 +81,7 @@ pub fn verify_temporary_password(password: &str) -> Result<(), PeachError> {
    }
 }

-/// generates a temporary password and sends it via ssb dm
+/// Generates a temporary password and sends it via ssb dm
 /// to the ssb id configured to be the admin of the peachcloud device
 pub fn send_password_reset() -> Result<(), PeachError> {
    // first generate a new random password of ascii characters
@ -119,7 +118,6 @@ using this link: http://peach.local/reset_password",
    msg += &remote_link;
    // finally send the message to the admins
    let peach_config = load_peach_config()?;
-    info!("sending password reset: {}", msg);
    for ssb_admin_id in peach_config.ssb_admin_ids {
        sbot_client::private_message(&msg, &ssb_admin_id)?;
    }
--- a/peach-web/src/main.rs
+++ b/peach-web/src/main.rs
@ -90,7 +90,7 @@ fn init_rocket() -> Rocket<Build> {
                change_password_post,            // WEB ROUTE
                reset_password,                  // WEB ROUTE
                reset_password_post,             // WEB ROUTE
-                send_password_reset_page,        // WEB ROUTE
+                forgot_password_page,            // WEB ROUTE
                send_password_reset_post,        // WEB ROUTE
                configure_admin,                 // WEB ROUTE
                add_admin,                       // WEB ROUTE
--- a/peach-web/src/routes/authentication.rs
+++ b/peach-web/src/routes/authentication.rs
@ -35,8 +35,8 @@ pub enum LoginError {
    UserNotLoggedIn
 }

-/// Request guard which returns an Authenticated struct with is_authenticated=true
-/// iff the user has a cookie which proves they are authenticated with peach-web.
+/// Request guard which returns an empty Authenticated struct from the request
+/// if and only if the user has a cookie which proves they are authenticated with peach-web.
 ///
 /// Note that cookies.get_private uses encryption, which means that this private cookie
 /// cannot be inspected, tampered with, or manufactured by clients.
@ -114,7 +114,6 @@ pub fn verify_login_form(login_form: LoginForm) -> Result<(), PeachError> {

 #[post("/login", data="<login_form>")]
 pub fn login_post(login_form: Form<LoginForm>, cookies: &CookieJar<'_>) -> TemplateOrRedirect {
-    info!("call to login post");
    let result = verify_login_form(login_form.into_inner());
    match result {
        Ok(_) => {
@ -303,9 +302,11 @@ impl SendPasswordResetContext {
    }
 }

-/// Password reset request handler. This route is used by a user who is not logged in to send a new password reset link.
-#[get("/send_password_reset")]
-pub fn send_password_reset_page(flash: Option<FlashMessage>) -> Template {
+/// Page for users who have forgotten their password.
+/// This route is used by a user who is not logged in
+/// to initiate the sending of a new password reset.
+#[get("/forgot_password")]
+pub fn forgot_password_page(flash: Option<FlashMessage>) -> Template {
    let mut context = SendPasswordResetContext::build();
    context.back = Some("/".to_string());
    context.title = Some("Send Password Reset".to_string());
@ -315,7 +316,7 @@ pub fn send_password_reset_page(flash: Option<FlashMessage>) -> Template {
        context.flash_name = Some(flash.kind().to_string());
        context.flash_msg = Some(flash.message().to_string());
    };
-    Template::render("password/send_password_reset", &context)
+    Template::render("password/forgot_password", &context)
 }

 /// Send password reset request handler. This route is used by a user who is not logged in
@ -334,7 +335,7 @@ pub fn send_password_reset_post() -> Template {
            let flash_msg =
                "A password reset link has been sent to the admin of this device".to_string();
            context.flash_msg = Some(flash_msg);
-            Template::render("password/send_password_reset", &context)
+            Template::render("password/forgot_password", &context)
        }
        Err(err) => {
            let mut context = ChangePasswordContext::build();
@ -342,7 +343,7 @@ pub fn send_password_reset_post() -> Template {
            context.title = Some("Send Password Reset".to_string());
            context.flash_name = Some("error".to_string());
            context.flash_msg = Some(format!("Failed to send password reset link: {}", err));
-            Template::render("password/send_password_reset", &context)
+            Template::render("password/forgot_password", &context)
        }
    }
 }
--- a/peach-web/templates/login.html.tera
+++ b/peach-web/templates/login.html.tera
@ -10,9 +10,9 @@
            <input id="password" name="password" class="center input" type="password" placeholder="Password" title="Password for given username"/>
            <div id="buttonDiv">
              <input id="loginUser" class="button button-primary center" title="Login" type="submit" value="Login">
-              <a class="button button-secondary center" href="/" title="Cancel">Cancel</a>
            </div>
          </form>
+
          <!-- FLASH MESSAGE -->
          <!-- check for flash message and display accordingly -->
          {% if flash_msg and flash_name == "success" %}
@ -25,6 +25,10 @@
          <!-- display error message -->
          <div class="capsule center-text flash-message font-failure">{{ flash_msg }}.</div>
          {%- endif -%}
+
+         <div class="forgot-password center-text" style="margin-top: 50px;">
+             <a href="/forgot_password" style="text-decoration: none; color: gray;">Forgot Password?</a>
+          </div>
        </div>
      </div>

--- a/peach-web/templates/password/send_password_reset.html.tera
+++ b/peach-web/templates/password/send_password_reset.html.tera
Author	SHA1	Message	Date
notplants	a4f459e1fc	Change /send_password_reset to /forgot_password	2021-11-10 12:33:37 +01:00
notplants	e3640f0885	Clean up comments	2021-11-10 12:21:17 +01:00