From 6e1edec4131959de344d01841d5c671be3925305 Mon Sep 17 00:00:00 2001
From: Nikolai Rodionov
Date: Wed, 22 May 2024 10:42:17 +0200
Subject: [PATCH] Add an API to reset the password
---
 api/v1/accounts.go | 11 ++++++++-
 internal/controllers/accounts.go | 38 ++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+), 1 deletion(-)
diff --git a/api/v1/accounts.go b/api/v1/accounts.go
index 412763e..aea1864 100644
--- a/api/v1/accounts.go
+++ b/api/v1/accounts.go
@@ -86,12 +86,21 @@ func (a *AccountsServer) ResetPassword(ctx context.Context, in *accounts.Account
 header := metadata.Pairs("code", code)
 if err := grpc.SendHeader(ctx, header); err != nil {
 return nil, err
- }
+ }
 }
 return &emptypb.Empty{}, nil
 }
+func (acc *AccountsServer) NewPassword(ctx context.Context, in *accounts.AccountWithPasswordAndCode) (*empty.Empty, error) {
+ data := populateData(in.Data.GetName(), in.Password.GetPassword(), in.Data.GetEmail())
+ account := populateAccount(data, acc.Controller)
+ if err := account.NewPassword(ctx, in.GetCode()); err != nil {
+ return nil, err
+ }
+ return &emptypb.Empty{}, nil
+}
+
 func populateData(username, password, email string) *controllers.AccountData {
 return &controllers.AccountData{
 Username: username,
diff --git a/internal/controllers/accounts.go b/internal/controllers/accounts.go
index 02e28a5..e68c2e2 100644
--- a/internal/controllers/accounts.go
+++ b/internal/controllers/accounts.go
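Review bot: In api/v1/accounts.go, `NewPassword` forwards `in.GetCode()` and `in.Password.GetPassword()` to the controller without rejecting empty values, so an empty new password would be hashed and stored whenever the code check passes. A guard at the top such as `if in.GetCode() == "" || in.Password.GetPassword() == "" { return nil, status.Error(codes.InvalidArgument, "code and password are required") }` would stop that at the API boundary; it needs the grpc `status` and `codes` packages if the file does not import them yet. The receiver is named `acc` here while `ResetPassword` in the hunk header uses `a`, and the signature says `*empty.Empty` while the body returns `&emptypb.Empty{}`; one receiver name and one alias per file is easier to read.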
@@ -265,6 +265,44 @@ func (acc *Account) ResetPassword(ctx context.Context, emailConfig email.EmailCo
 return number, nil
 }
+func (acc *Account) NewPassword(ctx context.Context, code string) error {
+ clientset, err := kubernetes.NewForConfig(acc.Controller.GetConfig())
+ if err != nil {
+ return err
+ }
+ userdata, err := clientset.CoreV1().Secrets("softplayer-accounts").Get(ctx, acc.Data.Username, metav1.GetOptions{})
+ if err != nil {
+ return err
+ }
+ acc.Data.UUID = string(userdata.Data["uuid"])
+ secretName := "password-reset-code"
+ sec, err := clientset.CoreV1().Secrets(acc.Data.UUID).Get(ctx, secretName, metav1.GetOptions{})
+ if err != nil {
+ return err
+ }
+ if realCode, ok := sec.Data["code"]; ok {
+ if string(realCode) != code {
+ return errors.New("wrong code")
+ }
+ } else {
+ return errors.New("secret not found")
+ }
+
+ passwordHash, err := hash.HashPassword(acc.Data.Password, int(acc.Params.HashCost))
+ if err != nil {
+ return nil
+ }
+
+ userdata.Data["password"] = []byte(passwordHash)
+ _, err = clientset.CoreV1().Secrets(acc.Data.UUID).Update(ctx, userdata, metav1.UpdateOptions{})
+ if err != nil {
+ return err
+ }
+
+ return nil
+
+}
+
 func (acc *Account) getToken(ctx context.Context, saSec *corev1.Secret) (string, error) {
 client := acc.Controller.GetClient()
 if err := client.Get(ctx, types.NamespacedName{
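Review bot: In `NewPassword`, the branch after `hash.HashPassword` returns `nil`, so a hashing failure is reported as a successful reset while the stored password stays unchanged; it should return `err`. The code check uses `!=` and the `password-reset-code` secret is never removed, so a code remains valid after it has been used; a constant-time comparison (`crypto/subtle`) and deleting the secret once the update succeeds would make it single-use. The `Update` call targets the `acc.Data.UUID` namespace although `userdata` was read from `softplayer-accounts`, which looks like a mismatch and should be confirmed. No expiry or attempt limit for the code is visible in this hunk, so it is worth confirming that one is enforced elsewhere.

```go
	// … unchanged: clientset creation, account secret lookup, reset-code secret lookup …
	realCode, ok := sec.Data["code"]
	if !ok {
		return errors.New("secret not found")
	}
	// Constant-time comparison so response timing does not reveal how much of the code matched.
	if subtle.ConstantTimeCompare(realCode, []byte(code)) != 1 {
		return errors.New("wrong code")
	}

	passwordHash, err := hash.HashPassword(acc.Data.Password, int(acc.Params.HashCost))
	if err != nil {
		return err
	}

	userdata.Data["password"] = []byte(passwordHash)
	// Namespace the account secret was read from; confirm this is the intended target.
	if _, err := clientset.CoreV1().Secrets("softplayer-accounts").Update(ctx, userdata, metav1.UpdateOptions{}); err != nil {
		return err
	}

	// Single use: remove the reset code once the password has been changed.
	return clientset.CoreV1().Secrets(acc.Data.UUID).Delete(ctx, secretName, metav1.DeleteOptions{})
```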