ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
c4d4b2ecf5
gitdataai/libs/api/auth/password.rs
ZhenYi 7831d08848
Some checks are pending
CI / Rust Lint & Check (push) Waiting to run
Details
CI / Rust Tests (push) Waiting to run
Details
CI / Frontend Lint & Type Check (push) Waiting to run
Details
CI / Frontend Build (push) Blocked by required conditions
Details
feat(auth): add password reset confirmation endpoint and page 
Add the second half of the password reset flow: /password/confirm API
endpoint with token validation, transactional password update, and a
frontend confirm-password-reset-page with proper error handling for
expired/used tokens. Updates generated SDK/client bindings.
2026-04-18 23:02:39 +08:00

77 lines
2.7 KiB
Rust
Raw Blame History

use crate::ApiResponse;
use crate::error::ApiError;
use actix_web::{HttpResponse, Result, web};
use service::AppService;
use service::auth::password::{ChangePasswordParams, ConfirmResetPasswordParams, ResetPasswordParams};
use session::Session;
#[utoipa::path(
post,
path = "/api/auth/password/change",
request_body = ChangePasswordParams,
responses(
(status = 200, description = "Password changed successfully", body = ApiResponse<String>),
(status = 401, description = "Unauthorized or invalid password", body = ApiResponse<ApiError>),
(status = 400, description = "Bad request", body = ApiResponse<ApiError>),
(status = 500, description = "Internal server error", body = ApiResponse<ApiError>),
(status = 404, description = "Not found", body = ApiResponse<ApiError>),
),
tag = "Auth"
)]
pub async fn api_user_change_password(
service: web::Data<AppService>,
session: Session,
params: web::Json<ChangePasswordParams>,
) -> Result<HttpResponse, ApiError> {
service
.auth_change_password(&session, params.into_inner())
.await?;
Ok(crate::api_success())
}
#[utoipa::path(
post,
path = "/api/auth/password/reset",
request_body = ResetPasswordParams,
responses(
(status = 401, description = "Unauthorized", body = ApiResponse<ApiError>),
(status = 200, description = "Password reset email sent", body = ApiResponse<String>),
(status = 404, description = "User not found", body = ApiResponse<ApiError>),
(status = 500, description = "Internal server error", body = ApiResponse<ApiError>),
),
tag = "Auth"
)]
pub async fn api_user_request_password_reset(
service: web::Data<AppService>,
_session: Session,
params: web::Json<ResetPasswordParams>,
) -> Result<HttpResponse, ApiError> {
service
.auth_request_password_reset(params.into_inner())
.await?;
Ok(crate::api_success())
}
#[utoipa::path(
post,
path = "/api/auth/password/confirm",
request_body = ConfirmResetPasswordParams,
responses(
(status = 200, description = "Password reset confirmed", body = ApiResponse<String>),
(status = 400, description = "Invalid or expired token", body = ApiResponse<ApiError>),
(status = 404, description = "User not found", body = ApiResponse<ApiError>),
(status = 500, description = "Internal server error", body = ApiResponse<ApiError>),
),
tag = "Auth"
)]
pub async fn api_user_confirm_password_reset(
service: web::Data<AppService>,
_session: Session,
params: web::Json<ConfirmResetPasswordParams>,
) -> Result<HttpResponse, ApiError> {
service
.auth_confirm_password_reset(params.into_inner())
.await?;
Ok(crate::api_success())
}
Reference in New Issue View Git Blame Copy Permalink