复制项目

internal/rpc/chat/password.go

@@ -0,0 +1,109 @@
+// Copyright © 2023 OpenIM open source community. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package chat
+
+import (
+	"context"
+
+	"github.com/openimsdk/tools/errs"
+
+	"git.imall.cloud/openim/chat/pkg/common/constant"
+	"git.imall.cloud/openim/chat/pkg/common/mctx"
+	"git.imall.cloud/openim/chat/pkg/protocol/chat"
+)
+
+func (o *chatSvr) ResetPassword(ctx context.Context, req *chat.ResetPasswordReq) (*chat.ResetPasswordResp, error) {
+	if req.Password == "" {
+		return nil, errs.ErrArgs.WrapMsg("password must be set")
+	}
+	if req.AreaCode == "" || req.PhoneNumber == "" {
+		if !(req.AreaCode == "" && req.PhoneNumber == "") {
+			return nil, errs.ErrArgs.WrapMsg("area code and phone number must set together")
+		}
+	}
+	var verifyCodeID string
+	var err error
+	if req.Email == "" {
+		verifyCodeID, err = o.verifyCode(ctx, o.verifyCodeJoin(req.AreaCode, req.PhoneNumber), req.VerifyCode, phone)
+	} else {
+		verifyCodeID, err = o.verifyCode(ctx, req.Email, req.VerifyCode, mail)
+	}
+
+	if err != nil {
+		return nil, err
+	}
+	var account string
+	if req.Email == "" {
+		account = BuildCredentialPhone(req.AreaCode, req.PhoneNumber)
+	} else {
+		account = req.Email
+	}
+	cred, err := o.Database.TakeCredentialByAccount(ctx, account)
+	if err != nil {
+		return nil, err
+	}
+	err = o.Database.UpdatePasswordAndDeleteVerifyCode(ctx, cred.UserID, req.Password, verifyCodeID)
+	if err != nil {
+		return nil, err
+	}
+	return &chat.ResetPasswordResp{}, nil
+}
+
+func (o *chatSvr) ChangePassword(ctx context.Context, req *chat.ChangePasswordReq) (*chat.ChangePasswordResp, error) {
+	if req.NewPassword == "" {
+		return nil, errs.ErrArgs.WrapMsg("new password must be set")
+	}
+	if req.NewPassword == req.CurrentPassword {
+		return nil, errs.ErrArgs.WrapMsg("new password == current password")
+	}
+	opUserID, userType, err := mctx.Check(ctx)
+	if err != nil {
+		return nil, err
+	}
+	switch userType {
+	case constant.NormalUser:
+		if req.UserID == "" {
+			req.UserID = opUserID
+		}
+		if req.UserID != opUserID {
+			return nil, errs.ErrNoPermission.WrapMsg("no permission change other user password")
+		}
+	case constant.AdminUser:
+		if req.UserID == "" {
+			return nil, errs.ErrArgs.WrapMsg("user id must be set")
+		}
+	default:
+		return nil, errs.ErrInternalServer.WrapMsg("invalid user type")
+	}
+	user, err := o.Database.GetUser(ctx, req.UserID)
+	if err != nil {
+		return nil, err
+	}
+	if userType != constant.AdminUser {
+		if user.Password != req.CurrentPassword {
+			return nil, errs.ErrNoPermission.WrapMsg("current password is wrong")
+		}
+	}
+	if user.Password != req.NewPassword {
+		if err := o.Database.UpdatePassword(ctx, req.UserID, req.NewPassword); err != nil {
+			return nil, err
+		}
+	}
+	if err := o.Admin.InvalidateToken(ctx, req.UserID); err != nil {
+		return nil, err
+	}
+
+	return &chat.ChangePasswordResp{}, nil
+}