Add a reset-password admin route

2025-06-22 02:18:26 +00:00 · 2021-01-04 16:32:54 +01:00
parent 2a172ce720
commit 668abf2140
7 changed files with 120 additions and 15 deletions
--- a/modules/restserver/src/main/scala/docspell/restserver/RestServer.scala
+++ b/modules/restserver/src/main/scala/docspell/restserver/RestServer.scala
@ -103,7 +103,8 @@ object RestServer {

  def adminRoutes[F[_]: Effect](cfg: Config, restApp: RestApp[F]): HttpRoutes[F] =
    Router(
-      "fts" -> FullTextIndexRoutes.admin(cfg, restApp.backend)
+      "fts"  -> FullTextIndexRoutes.admin(cfg, restApp.backend),
+      "user" -> UserRoutes.admin(restApp.backend)
    )

  def redirectTo[F[_]: Effect](path: String): HttpRoutes[F] = {
--- a/modules/restserver/src/main/scala/docspell/restserver/http4s/QueryParam.scala
+++ b/modules/restserver/src/main/scala/docspell/restserver/http4s/QueryParam.scala
@ -17,11 +17,6 @@ object QueryParam {
  implicit val queryStringDecoder: QueryParamDecoder[QueryString] =
    QueryParamDecoder[String].map(s => QueryString(s.trim.toLowerCase))

-  // implicit val booleanDecoder: QueryParamDecoder[Boolean] =
-  //   QueryParamDecoder.fromUnsafeCast(qp => Option(qp.value).exists(_.equalsIgnoreCase("true")))(
-  //     "Boolean"
-  //   )
-
  object FullOpt extends OptionalQueryParamDecoderMatcher[Boolean]("full")

  object OwningOpt extends OptionalQueryParamDecoderMatcher[Boolean]("owning")
--- a/modules/restserver/src/main/scala/docspell/restserver/routes/UserRoutes.scala
+++ b/modules/restserver/src/main/scala/docspell/restserver/routes/UserRoutes.scala
@ -5,10 +5,10 @@ import cats.implicits._

 import docspell.backend.BackendApp
 import docspell.backend.auth.AuthToken
-import docspell.common.Ident
+import docspell.backend.ops.OCollective
+import docspell.common._
 import docspell.restapi.model._
 import docspell.restserver.conv.Conversions._
-import docspell.restserver.http4s.ResponseGenerator

 import org.http4s.HttpRoutes
 import org.http4s.circe.CirceEntityDecoder._
@ -18,7 +18,7 @@ import org.http4s.dsl.Http4sDsl
 object UserRoutes {

  def apply[F[_]: Effect](backend: BackendApp[F], user: AuthToken): HttpRoutes[F] = {
-    val dsl = new Http4sDsl[F] with ResponseGenerator[F] {}
+    val dsl = new Http4sDsl[F] {}
    import dsl._

    HttpRoutes.of {
@ -63,4 +63,25 @@ object UserRoutes {
    }
  }

+  def admin[F[_]: Effect](backend: BackendApp[F]): HttpRoutes[F] = {
+    val dsl = new Http4sDsl[F] {}
+    import dsl._
+
+    HttpRoutes.of { case req @ POST -> Root / "resetPassword" =>
+      for {
+        input  <- req.as[ResetPassword]
+        result <- backend.collective.resetPassword(input.account)
+        resp <- Ok(result match {
+          case OCollective.PassResetResult.Success(np) =>
+            ResetPasswordResult(true, np, "Password updated")
+          case OCollective.PassResetResult.NotFound =>
+            ResetPasswordResult(
+              false,
+              Password(""),
+              "Password update failed. User not found."
+            )
+        })
+      } yield resp
+    }
+  }
 }