- Notifications
You must be signed in to change notification settings - Fork927
feat: implement api for "forgot password?" flow#14915
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
Uh oh!
There was an error while loading.Please reload this page.
Merged
Changes fromall commits
Commits
Show all changes
25 commits Select commitHold shift + click to select a range
b44adff feat: add api for forgotten password flow
DanielleMaywood60fc32c fix: appease linter
DanielleMaywood32a8df4 fix: give 20 minutes for one time passcode
DanielleMaywoode486923 chore: changes from feedback
DanielleMaywoodda87e9b fix: make ChangePasswordWithOneTimePassword expect StatusOK
DanielleMaywood39fa0f1 docs: run 'make gen'
DanielleMaywoodb89dfd7 test: add more tests
DanielleMaywood714e316 test: ensure login fails before changing password
DanielleMaywoodc4ed205 refactor: test and dbmem.UpdateUserHashedOneTimePasscode
DanielleMaywoodfa9d426 fix: do not enqueue notification if user.ID is uuid.Nil
DanielleMaywood883a231 refactor: wrap GetUserByEmailOrUsername in transaction
DanielleMaywoodbff384b refactor: error handling
DanielleMaywood26cc758 fix: check one-time passcode expiry
DanielleMaywood25581c2 test: one-time passcode becomes invalid after use
DanielleMaywood764b0cc Merge branch 'main' into dm-request-and-submit-passcode
DanielleMaywood6078409 fix: make changes from feedback
DanielleMaywood3a0946c refactor: change endpoints
DanielleMaywood1a7ad7a fix: update assertSecurityDefined links
DanielleMaywood6bbcff2 refactor: make validity period an option and test it
DanielleMaywooddfc32b1 test: refactor tests to reduce duplication
DanielleMaywood9f80082 test: ensure cannot login after failed password change
DanielleMaywoodfe9b3f8 fix: imports
DanielleMaywoodb42b73c test: ensure can login with old credentials
DanielleMaywood034a7d4 chore: apply changes based on feedback
DanielleMaywoode14d43b chore: add missing comment
DanielleMaywoodFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
88 changes: 88 additions & 0 deletionscoderd/apidoc/docs.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
74 changes: 74 additions & 0 deletionscoderd/apidoc/swagger.json
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
8 changes: 8 additions & 0 deletionscoderd/coderd.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
8 changes: 8 additions & 0 deletionscoderd/coderdtest/coderdtest.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
4 changes: 3 additions & 1 deletioncoderd/coderdtest/swaggerparser.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -303,7 +303,9 @@ func assertSecurityDefined(t *testing.T, comment SwaggerComment) { | ||
| if comment.router == "/updatecheck" || | ||
| comment.router == "/buildinfo" || | ||
| comment.router == "/" || | ||
| comment.router == "/users/login" || | ||
| comment.router == "/users/otp/request" || | ||
| comment.router == "/users/otp/change-password" { | ||
DanielleMaywood marked this conversation as resolved. Show resolvedHide resolvedUh oh!There was an error while loading.Please reload this page. | ||
| return // endpoints do not require authorization | ||
| } | ||
| assert.Equal(t, "CoderSessionToken", comment.security, "@Security must be equal CoderSessionToken") | ||
8 changes: 8 additions & 0 deletionscoderd/database/dbauthz/dbauthz.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
6 changes: 6 additions & 0 deletionscoderd/database/dbauthz/dbauthz_test.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletionscoderd/database/dbmem/dbmem.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletionscoderd/database/dbmetrics/dbmetrics.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
14 changes: 14 additions & 0 deletionscoderd/database/dbmock/dbmock.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
1 change: 1 addition & 0 deletionscoderd/database/migrations/000261_notifications_forgot_password.down.sql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| DELETE FROM notification_templates WHERE id = '62f86a30-2330-4b61-a26d-311ff3b608cf'; |
4 changes: 4 additions & 0 deletionscoderd/database/migrations/000261_notifications_forgot_password.up.sql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| INSERT INTO notification_templates (id, name, title_template, body_template, "group", actions) | ||
| VALUES ('62f86a30-2330-4b61-a26d-311ff3b608cf', 'One-Time Passcode', E'Your One-Time Passcode for Coder.', | ||
| E'Hi {{.UserName}},\n\nA request to reset the password for your Coder account has been made. Your one-time passcode is:\n\n**{{.Labels.one_time_passcode}}**\n\nIf you did not request to reset your password, you can ignore this message.', | ||
| 'User Events', '[]'::jsonb); |
1 change: 1 addition & 0 deletionscoderd/database/querier.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.