tidy up a few final things. password reset now working.

e9ead56b · Allen Gilliland · b45b2cf9 · e9ead56b · e9ead56b · e9ead56b
Commit e9ead56b authored 10 years ago by Allen Gilliland
--- a/frontend_client/app/auth/auth.controllers.js
+++ b/frontend_client/app/auth/auth.controllers.js
@@ -90,7 +90,13 @@ AuthControllers.controller('ForgotPassword', ['$scope', '$cookies', '$location',
            console.log('notification sent');
            $scope.sentNotification = true;
        }, function (error) {
-            $scope.error = true;
+            if (error.status === 400) {
+                $scope.error = "You must specify the email address of your account.";
+            } else if (error.status === 404) {
+                $scope.error = "Could not find a user for the given email address.";
+            } else {
+                $scope.error = "Error triggering password reset.  Please ask the system administrator for assistance.";
+            }
        });
    }

@@ -110,11 +116,15 @@ AuthControllers.controller('PasswordReset', ['$scope', '$routeParams', '$locatio
            'token': $routeParams.token,
            'password': password
        }, function (result) {
-            console.log('reset happened!');
            $scope.resetSuccess = true;
        }, function (error) {
-            console.log(error);
-            $scope.error = true;
+            if (error.status === 400) {
+                $scope.error = "You must specify a valid password.";
+            } else if (error.status === 404) {
+                $scope.error = "Invalid reset token specified.";
+            } else {
+                $scope.error = "Error resetting password.  Please ask the system administrator for assistance.";
+            }
        });
    }


--- a/frontend_client/app/auth/partials/password_reset.html
+++ b/frontend_client/app/auth/partials/password_reset.html
@@ -7,7 +7,7 @@
        <form novalidate>
            <p class="text-grey-4 px2">Your new password must be <b>10 characters</b> or longer, and <b>include an uppercase letter</b> and <b>a punctuation mark</b>. We know it's a bit much, but security is what the cool kids care about.</p>

-            <alert class="Form-group alert mx2" type="error" ng-if="error">Failed to set new password.</alert>
+            <alert class="Form-group alert mx2" type="error" ng-if="error">{{error}}</alert>

            <div class="col col-md-8">
                <div class="py2">

--- a/src/metabase/api/session.clj
+++ b/src/metabase/api/session.clj
@@ -42,7 +42,6 @@
 (defendpoint POST "/reset_password" [:as {{:keys [token password] :as body} :body}]
  (require-params token password)
  (let-404 [user (sel :one :fields [User :id :reset_triggered] :reset_token token)]
-    (println user)
    ;; check that the reset was triggered within the last 1 HOUR, after that the token is considered expired
    (check-404 (> (* 60 60 1000) (- (System/currentTimeMillis) (get user :reset_triggered 0))))
    ;; TODO - check that password is of required strength

--- a/src/metabase/models/user.clj
+++ b/src/metabase/models/user.clj
@@ -54,13 +54,14 @@
 (defn set-user-password
  "Updates the stored password for a specified `User` by hashing the password with a random salt."
  [user-id password]
-  {:pre [(nil? user-id)
-         (nil? password)
-         (string? password)]}
-  (println user-id password)
  (let [salt (.toString (java.util.UUID/randomUUID))
        password (creds/hash-bcrypt (str salt password))]
-    (upd User user-id :password_salt salt :password password)))
+    ;; NOTE: any password change expires the password reset token
+    (upd User user-id
+      :password_salt salt
+      :password password
+      :reset_token nil
+      :reset_triggered nil)))


 (defn users-for-org