BE: implemented password reset
parent
80922086f8
commit
913295ebd7
|
@ -82,12 +82,58 @@ function get_account_mail() {
|
||||||
cat secret/mail.dat | grep "^$1:" | awk -F: '{print $2}'
|
cat secret/mail.dat | grep "^$1:" | awk -F: '{print $2}'
|
||||||
}
|
}
|
||||||
|
|
||||||
#account_verified(session)
|
#account_verified(username)
|
||||||
function account_verified {
|
function account_verified() {
|
||||||
[[ $1 == '' ]] && return
|
[[ $1 == '' ]] && return
|
||||||
if [[ "$(cat secret/mail.dat | grep -P "^$(session_get_username "$1"):" | awk -F: '{print $4}')" != "yes" ]]; then
|
if [[ "$(cat secret/mail.dat | grep -P "^$1:" | awk -F: '{print $4}')" != "yes" ]]; then
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#account_gen_reset_code(username, force)
|
||||||
|
function account_gen_reset_code() {
|
||||||
|
[[ "$1" == '' ]] && return
|
||||||
|
|
||||||
|
if ! account_verified "$1"; then
|
||||||
|
data="$(cat secret/mail.dat | grep -P "^$1:")"
|
||||||
|
|
||||||
|
user="$1"
|
||||||
|
mail="$(awk -F: '{print $2}' <<< "$data")"
|
||||||
|
old_code="$(awk -F: '{print $3}' <<< "$data")"
|
||||||
|
timestamp="$(awk -F: '{print $5}' <<< "$data")"
|
||||||
|
|
||||||
|
new_timestamp="$(date "+%s")"
|
||||||
|
new_code="$RANDOM"
|
||||||
|
|
||||||
|
if [[ $(date "+%s") -gt $((timestamp+3600)) || $2 == true ]]; then
|
||||||
|
sed -i "s/$user:$mail:$old_code:yes:$timestamp/$user:$mail:$new_code:yes:$new_timestamp/" secret/mail.dat
|
||||||
|
echo -n "$new_code"$(date "+%d%m%y") | sha1sum | awk '{print $1}' | cut -c 1-10
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 2
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
#reset_pwd(username, hash, password)
|
||||||
|
function reset_pwd() {
|
||||||
|
[[ "$1" == '' || "$2" == '' || "$3" == '' ]] && return
|
||||||
|
user="$1"
|
||||||
|
hash="$2"
|
||||||
|
pass="$3"
|
||||||
|
|
||||||
|
if [[ "$(echo -n $(cat secret/mail.dat | grep -P "^$user:" | awk -F: '{print $3}')$(date "+%d%m%y") | sha1sum | awk '{print $1}' | cut -c 1-10)" == "$hash" ]]; then
|
||||||
|
delete_account "$user"
|
||||||
|
register "$user" "$pass"
|
||||||
|
|
||||||
|
# prevents resetting the password with the same hash twice
|
||||||
|
account_gen_reset_code "$user" true >> /dev/null
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
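Review bot: `new_code="$RANDOM"` in account_gen_reset_code gives the reset code only 32768 possible values from a non-cryptographic generator, and the mailed token is a truncated SHA-1 of that value plus the date, so it is far too small to resist guessing; draw it from the kernel CSPRNG instead, e.g. `new_code="$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"`. In reset_pwd the guard `[[ … ]] && return` returns the status of the successful test (0), so an incomplete form is reported as a completed reset, and the comparison still runs when no code is stored for the login, in which case the expected value depends on the date alone; the sketch below returns 1 in both cases. The login is also used as a regular expression in `grep -P "^$1:"` and in the `sed -i` pattern, which the exact field match in the sketch avoids for the lookup. The token's lifetime follows `date "+%d%m%y"` rather than the stored timestamp, so it lapses at midnight and is never checked against a fixed expiry.

```shell
function reset_pwd() {
	[[ "$1" == '' || "$2" == '' || "$3" == '' ]] && return 1
	# … unchanged: user/hash/pass assignments …
	local stored expected
	# exact match on the first field: the login is data, not a pattern
	stored="$(awk -F: -v u="$user" '$1 == u {print $3}' secret/mail.dat)"
	# no code on record (unknown login or none issued): nothing to compare against
	[[ "$stored" == '' ]] && return 1
	expected="$(echo -n "$stored$(date "+%d%m%y")" | sha1sum | awk '{print $1}' | cut -c 1-10)"
	if [[ "$expected" == "$hash" ]]; then
	# … unchanged: delete_account, register, code rotation, return values …
```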
|
@ -1,5 +1,8 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
silent=yes source "${cfg[namespace]}/webroot/api/session.shs"
|
if ! silent=yes source "${cfg[namespace]}/webroot/api/session.shs"; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
source "${cfg[namespace]}/code/common.sh"
|
source "${cfg[namespace]}/code/common.sh"
|
||||||
|
|
||||||
data=$(curl -s -X POST -H "$(get_auth_string)" -H "Content-type: application/json" "https://api-inmobile-pl.easypack24.net/v1/collect/validate" --data '{"geoPoint":{"accuracy":"1","latitude":"'"${post_data[lat]}"'","longitude":"'"${post_data[lon]}"'"},"parcel":{"openCode":"'"${post_data[openCode]}"'","shipmentNumber":"'"${post_data[id]}"'"}}')
|
data=$(curl -s -X POST -H "$(get_auth_string)" -H "Content-type: application/json" "https://api-inmobile-pl.easypack24.net/v1/collect/validate" --data '{"geoPoint":{"accuracy":"1","latitude":"'"${post_data[lat]}"'","longitude":"'"${post_data[lon]}"'"},"parcel":{"openCode":"'"${post_data[openCode]}"'","shipmentNumber":"'"${post_data[id]}"'"}}')
|
||||||
|
|
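Review bot: The bare `return` inside the new `if ! silent=yes source …; then` block returns the status of the last command, which is the negated and therefore successful test, so this script finishes with 0 even though the session gate failed; `return 1` would keep the failure visible to whatever sources this file. The same pattern appears in the later `@ -1,5 +1,7 @@` hunk in front of the parcel listing request. Whether the caller consumes that status is not visible on this page, so treat this as a consistency point with the `return 1` values the commit adds to the session check itself.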
|
@ -1,5 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
source code/common.sh
|
source "${cfg[namespace]}/code/common.sh"
|
||||||
|
|
||||||
if [[ "${post_data[login]}" != '' && "${post_data[password]}" != '' ]]; then
|
if [[ "${post_data[login]}" != '' && "${post_data[password]}" != '' ]]; then
|
||||||
login "${post_data[login]}" "${post_data[password]}"
|
login "${post_data[login]}" "${post_data[password]}"
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
silent=yes source "${cfg[namespace]}/webroot/api/session.shs"
|
if ! silent=yes source "${cfg[namespace]}/webroot/api/session.shs"; then
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
data=$(curl -s -H "$(get_auth_string)" "https://api-inmobile-pl.easypack24.net/v1/parcel?updatedAfter=1970-01-01T00:00:00.000Z")
|
data=$(curl -s -H "$(get_auth_string)" "https://api-inmobile-pl.easypack24.net/v1/parcel?updatedAfter=1970-01-01T00:00:00.000Z")
|
||||||
|
|
||||||
|
|
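--- a/webroot/api/reset_confirm.shs
+++ b/webroot/api/reset_confirm.shs
@@ -0,0 +1,11 @@
+#!/bin/bash
+source "${cfg[namespace]}/code/common.sh"
+
+reset_pwd "${post_data[login]}" "${post_data[hash]}" "${post_data[password]}"
+status=$?
+
+if [[ $status == 0 ]]; then
+jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 200 "Your password has been reset!"
+else
+jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 1 "Something went wrong. Check your form."
+fi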
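Review bot: Nothing visible in this endpoint limits failed confirmations: every POST reaches `reset_pwd`, and a wrong hash only produces the generic error, so the 10-character token can be retried for any login unless throttling exists elsewhere. Count failures per login or per client and, after a few, rotate the stored code with the existing `account_gen_reset_code "${post_data[login]}" true > /dev/null`, accepting that this lets a third party cancel a pending reset. A header comment listing the expected POST fields (`login`, `hash`, `password`) and the returned status values would also help callers.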
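--- a/webroot/api/reset_request.shs
+++ b/webroot/api/reset_request.shs
@@ -0,0 +1,28 @@
+#!/bin/bash
+[[ "${post_data[login]}" == '' ]] && jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 0 "AAAA" && return
+source "${cfg[namespace]}/code/common.sh"
+
+hash="$(account_gen_reset_code "${post_data[login]}")"
+result=$?
+
+if [[ $result == 1 ]]; then
+jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 1 "This account doesn't exist or wasn't verified."
+elif [[ $result == 2 ]]; then
+jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 2 "Ratelimited."
+elif [[ $result == 0 ]]; then
+sender_name="${cfg[who]}" mailsend "$(get_account_mail ${post_data[login]})" "OCW password reset" \
+"Hi ${post_data[login]},
+
+Someone (probably you) has requested a password reset on your OCW account.
+To reset your password, paste below text into the password reset form:
+
+$hash
+
+NEVER give this code to anybody - this would grant full control over your account.
+If you didn't request a password reset, you can safely ignore this message.
+
+Have a wonderful day!
+~ ${cfg[who]}" &
+
+jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 200 "Reset e-mail sent!"
+fi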
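Review bot: The three responses ("This account doesn't exist or wasn't verified.", "Ratelimited." and "Reset e-mail sent!") tell an unauthenticated caller whether a login is registered and verified; returning one generic message for results 0, 1 and 2, e.g. `"If the account exists, a reset e-mail has been sent."`, avoids that disclosure. `$(get_account_mail ${post_data[login]})` leaves the request-supplied login unquoted, so it is word-split and glob-expanded before the lookup; use `"$(get_account_mail "${post_data[login]}")"`. The empty-login branch still answers with the placeholder message `"AAAA"`, which should become a real error text.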
|
@ -3,14 +3,15 @@ source "${cfg[namespace]}/code/common.sh"
|
||||||
|
|
||||||
if ! session_verify "${cookies[sh_session]}"; then
|
if ! session_verify "${cookies[sh_session]}"; then
|
||||||
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -1 "You're not logged in!"
|
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -1 "You're not logged in!"
|
||||||
return
|
return 1
|
||||||
elif account_verified "${cookies[sh_session]}"; then
|
elif account_verified "$(session_get_username "${cookies[sh_session]}")"; then
|
||||||
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -2 "You didn't verify your mail!"
|
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -2 "You didn't verify your mail!"
|
||||||
return
|
return 1
|
||||||
elif check_if_user_exists "authToken"; then
|
elif check_if_user_exists "authToken"; then
|
||||||
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -3 "You didn't verify your phone!"
|
jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args -3 "You didn't verify your phone!"
|
||||||
return
|
return 1
|
||||||
else
|
else
|
||||||
[[ "$silent" != "yes" ]] && jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 200 "OK"
|
[[ "$silent" != "yes" ]] && jq -n '{status: $ARGS.positional[0], msg: $ARGS.positional[1]}' --args 200 "OK"
|
||||||
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
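Review bot: `elif account_verified "$(session_get_username …)"; then` leads into the "You didn't verify your mail!" branch because account_verified returns 0 when the fourth field of the record is not `yes`, so the call reads as the opposite of what it tests. A comment at the call site such as `# account_verified succeeds (0) when the mail is NOT verified` would make that explicit, and the helper could be renamed in a follow-up. The hunk starts at line 3 of the file, so the earlier lines of the script are not visible here.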