fix: send 403 on wrong password entry during change password operation (#4733)

Vibhu Pandey 2024-03-26 06:20:35 +05:30 committed by GitHub
parent f24135f5b0
commit 994814864c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 15 additions and 10 deletions


@ -2363,10 +2363,9 @@ func (aH *APIHandler) changePassword(w http.ResponseWriter, r *http.Request) {
return return
} }
if err := auth.ChangePassword(context.Background(), req); err != nil { if apiErr := auth.ChangePassword(context.Background(), req); apiErr != nil {
if aH.HandleError(w, err, http.StatusInternalServerError) { RespondError(w, apiErr, nil)
return return
}
} }
aH.WriteJSON(w, r, map[string]string{"data": "password changed successfully"}) aH.WriteJSON(w, r, map[string]string{"data": "password changed successfully"})
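Review bot: The new call still hands `context.Background()` to auth.ChangePassword, so the request's cancellation and deadline never reach the user lookup and the password update behind it; `if apiErr := auth.ChangePassword(r.Context(), req); apiErr != nil {` would propagate them and is the idiomatic form in a handler. The rejected-credentials path now exits through `RespondError(w, apiErr, nil)`; whether that call records the failed current-password check is not visible here, and repeated 403s on this endpoint are a signal worth having on the audit trail, so it is worth confirming it is logged somewhere. The opening and closing of changePassword are outside this hunk.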


@ -234,24 +234,23 @@ func ResetPassword(ctx context.Context, req *model.ResetPasswordRequest) error {
return nil return nil
} }
func ChangePassword(ctx context.Context, req *model.ChangePasswordRequest) error { func ChangePassword(ctx context.Context, req *model.ChangePasswordRequest) *model.ApiError {
user, apiErr := dao.DB().GetUser(ctx, req.UserId) user, apiErr := dao.DB().GetUser(ctx, req.UserId)
if apiErr != nil { if apiErr != nil {
return errors.Wrap(apiErr.Err, "failed to query user from the DB") return apiErr
} }
if user == nil || !passwordMatch(user.Password, req.OldPassword) { if user == nil || !passwordMatch(user.Password, req.OldPassword) {
return ErrorInvalidCreds return model.ForbiddenError(ErrorInvalidCreds)
} }
hash, err := PasswordHash(req.NewPassword) hash, err := PasswordHash(req.NewPassword)
if err != nil { if err != nil {
return errors.Wrap(err, "Failed to generate password hash") return model.InternalError(errors.New("Failed to generate password hash"))
} }
if apiErr := dao.DB().UpdateUserPassword(ctx, hash, user.Id); apiErr != nil { if apiErr := dao.DB().UpdateUserPassword(ctx, hash, user.Id); apiErr != nil {
return apiErr.Err return apiErr
} }
return nil return nil
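Review bot: The hash-failure branch now drops the underlying error: `model.InternalError(errors.New("Failed to generate password hash"))` replaces the wrapped error the old code returned, so the cause reported by PasswordHash never reaches a log; keeping the wrap, `return model.InternalError(errors.Wrap(err, "Failed to generate password hash"))`, preserves it (assuming the errors import is still the one that provided Wrap before this change). Returning the same ForbiddenError for a nil user and for a mismatched old password is the right call, since the response then does not reveal whether the user ID exists. ChangePassword is exported but carries no doc comment; `// ChangePassword verifies req.OldPassword against the stored hash and, on success, stores the hash of req.NewPassword for the user.` would cover it. The function's closing brace lies outside the hunk.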


@ -112,6 +112,13 @@ func UnavailableError(err error) *ApiError {
} }
} }
func ForbiddenError(err error) *ApiError {
return &ApiError{
Typ: ErrorForbidden,
Err: err,
}
}
func WrapApiError(err *ApiError, msg string) *ApiError { func WrapApiError(err *ApiError, msg string) *ApiError {
return &ApiError{ return &ApiError{
Typ: err.Type(), Typ: err.Type(),