diff --git a/internal/i18n/locales/en-US.yml b/internal/i18n/locales/en-US.yml
index 00d862dc..5df332a8 100644
--- a/internal/i18n/locales/en-US.yml
+++ b/internal/i18n/locales/en-US.yml
@@ -106,6 +106,11 @@ settings.delete-ssh-key-confirm: Confirm deletion of SSH key
 settings.ssh-key-added-at: Added
 settings.ssh-key-never-used: Never used
 settings.ssh-key-last-used: Last used
+settings.create-password: Create password
+settings.create-password-help: Create your password to login to Opengist via HTTP
+settings.change-password: Change password
+settings.change-password-help: Change your password to login to Opengist via HTTP
+settings.password-label-title: Password
 auth.signup-disabled: Administrator has disabled signing up
 auth.login: Login
diff --git a/internal/web/server.go b/internal/web/server.go
index 33332f9c..48f867b2 100644
--- a/internal/web/server.go
+++ b/internal/web/server.go
@@ -218,6 +218,7 @@ func NewServer(isDev bool) *Server {
 g1.DELETE("/settings/account", accountDeleteProcess, logged)
 g1.POST("/settings/ssh-keys", sshKeysProcess, logged)
 g1.DELETE("/settings/ssh-keys/:id", sshKeysDelete, logged)
+ g1.PUT("/settings/password", passwordProcess, logged)
 g2 := g1.Group("/admin-panel")
 {
diff --git a/internal/web/settings.go b/internal/web/settings.go
index 4056ba0d..3df99fde 100644
--- a/internal/web/settings.go
+++ b/internal/web/settings.go
@@ -21,6 +21,7 @@ func userSettings(ctx echo.Context) error {
 setData(ctx, "email", user.Email)
 setData(ctx, "sshKeys", keys)
+ setData(ctx, "hasPassword", user.Password != "")
 setData(ctx, "htmlTitle", "Settings")
 return html(ctx, "settings.html")
 }
@@ -110,3 +111,31 @@ func sshKeysDelete(ctx echo.Context) error {
 addFlash(ctx, "SSH key deleted", "success")
 return redirect(ctx, "/settings")
 }
+
+func passwordProcess(ctx echo.Context) error {
+ user := getUserLogged(ctx)
+
+ dto := new(db.UserDTO)
+ if err := ctx.Bind(dto); err != nil {
+ return errorRes(400, "Cannot bind data", err)
+ }
+ dto.Username = user.Username
+
+ if err := ctx.Validate(dto); err != nil {
+ addFlash(ctx, validationMessages(&err), "error")
+ return html(ctx, "settings.html")
+ }
+
+ password, err := argon2id.hash(dto.Password)
+ if err != nil {
+ return errorRes(500, "Cannot hash password", err)
+ }
+ user.Password = password
+
+ if err = user.Update(); err != nil {
+ return errorRes(500, "Cannot update password", err)
+ }
+
+ addFlash(ctx, "Password updated", "success")
+ return redirect(ctx, "/settings")
+}
diff --git a/templates/pages/settings.html b/templates/pages/settings.html
index 0e10aedc..9375bd74 100644
--- a/templates/pages/settings.html
+++ b/templates/pages/settings.html
@@ -90,7 +90,43 @@
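Review bot: passwordProcess overwrites `user.Password` without asking for the current password, so a logged-in session alone (an unattended browser, a leaked cookie) is enough to set a new credential on the account. When `user.Password != ""` the handler should require a current-password field and check it against the stored hash before `argon2id.hash(dto.Password)` runs, leaving the first-time "create password" path as it is. It is also worth deciding whether other active sessions are ended after `user.Update()`; nothing in the hunk does that. Separately, the validation-failure branch renders `settings.html` without the `email`, `sshKeys` and `hasPassword` values that userSettings sets in this same diff, so `return redirect(ctx, "/settings")` after the flash would match the other handlers.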

-
+
+
+
+

+ {{if .hasPassword}} + {{ .locale.Tr "settings.change-password" }} + {{else}} + {{ .locale.Tr "settings.create-password" }} + {{end}} +

+

+ {{if .hasPassword}} + {{ .locale.Tr "settings.change-password-help" }} + {{else}} + {{ .locale.Tr "settings.create-password-help" }} + {{end}} +

+
+
+ +
+ +
+
+ + + + {{ .csrfHtml }} +
+
+