Mercurial > gemma
comparison pkg/controllers/pwreset.go @ 5490:5f47eeea988d logging
Use own logging package.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Mon, 20 Sep 2021 17:45:39 +0200 |
parents | 4394daeea96a |
children |
comparison
equal
deleted
inserted
replaced
5488:a726a92ea5c9 | 5490:5f47eeea988d |
---|---|
20 "context" | 20 "context" |
21 "database/sql" | 21 "database/sql" |
22 "encoding/hex" | 22 "encoding/hex" |
23 "errors" | 23 "errors" |
24 "io" | 24 "io" |
25 "log" | |
26 "net/http" | 25 "net/http" |
27 "os/exec" | 26 "os/exec" |
28 "strconv" | 27 "strconv" |
29 "strings" | 28 "strings" |
30 "time" | 29 "time" |
38 "gemma.intevation.de/gemma/pkg/common" | 37 "gemma.intevation.de/gemma/pkg/common" |
39 "gemma.intevation.de/gemma/pkg/config" | 38 "gemma.intevation.de/gemma/pkg/config" |
40 "gemma.intevation.de/gemma/pkg/misc" | 39 "gemma.intevation.de/gemma/pkg/misc" |
41 "gemma.intevation.de/gemma/pkg/models" | 40 "gemma.intevation.de/gemma/pkg/models" |
42 | 41 |
42 "gemma.intevation.de/gemma/pkg/log" | |
43 mw "gemma.intevation.de/gemma/pkg/middleware" | 43 mw "gemma.intevation.de/gemma/pkg/middleware" |
44 ) | 44 ) |
45 | 45 |
46 const ( | 46 const ( |
47 insertRequestSQL = `INSERT INTO sys_admin.password_reset_requests | 47 insertRequestSQL = `INSERT INTO sys_admin.password_reset_requests |
140 _, err := conn.ExecContext( | 140 _, err := conn.ExecContext( |
141 ctx, cleanupRequestsSQL, good) | 141 ctx, cleanupRequestsSQL, good) |
142 return err | 142 return err |
143 }) | 143 }) |
144 if err != nil { | 144 if err != nil { |
145 log.Printf("error: %v\n", err) | 145 log.Errorf("%v\n", err) |
146 } | 146 } |
147 } | 147 } |
148 } | 148 } |
149 | 149 |
150 func requestMessageBody(user, hash, server string) string { | 150 func requestMessageBody(user, hash, server string) string { |
157 Server: server, | 157 Server: server, |
158 Hash: hash, | 158 Hash: hash, |
159 } | 159 } |
160 var buf bytes.Buffer | 160 var buf bytes.Buffer |
161 if err := passwordResetRequestMailTmpl.Execute(&buf, &content); err != nil { | 161 if err := passwordResetRequestMailTmpl.Execute(&buf, &content); err != nil { |
162 log.Printf("error: %v\n", err) | 162 log.Errorf("%v\n", err) |
163 } | 163 } |
164 return buf.String() | 164 return buf.String() |
165 } | 165 } |
166 | 166 |
167 func changedMessageBody(w io.Writer, user, password string) error { | 167 func changedMessageBody(w io.Writer, user, password string) error { |
243 // no reduce the risks of timing attacks. | 243 // no reduce the risks of timing attacks. |
244 go func(user *models.PWResetUser) { | 244 go func(user *models.PWResetUser) { |
245 config.WaitReady() | 245 config.WaitReady() |
246 host := config.ExternalURL() | 246 host := config.ExternalURL() |
247 if err := backgroundRequest(host, user); err != nil { | 247 if err := backgroundRequest(host, user); err != nil { |
248 log.Printf("error: %v\n", err) | 248 log.Errorf("%v\n", err) |
249 } | 249 } |
250 }(mw.JSONInput(req).(*models.PWResetUser)) | 250 }(mw.JSONInput(req).(*models.PWResetUser)) |
251 | 251 |
252 // Send a neutral message to avoid being an user oracle. | 252 // Send a neutral message to avoid being an user oracle. |
253 const neutralMessage = "If this account exists, a reset link will be mailed." | 253 const neutralMessage = "If this account exists, a reset link will be mailed." |
310 http.Error(rw, "Error: "+err.Error(), http.StatusInternalServerError) | 310 http.Error(rw, "Error: "+err.Error(), http.StatusInternalServerError) |
311 return | 311 return |
312 } | 312 } |
313 | 313 |
314 if err := changedMessageBody(rw, user, password); err != nil { | 314 if err := changedMessageBody(rw, user, password); err != nil { |
315 log.Printf("error: %v\n", err) | 315 log.Errorf("%v\n", err) |
316 } | 316 } |
317 } | 317 } |
318 | 318 |
319 func deletePasswordResetRequest(user string) { | 319 func deletePasswordResetRequest(user string) { |
320 ctx := context.Background() | 320 ctx := context.Background() |
324 func(conn *sql.Conn) error { | 324 func(conn *sql.Conn) error { |
325 _, err := conn.ExecContext(ctx, deletePasswordResetRequestSQL, user) | 325 _, err := conn.ExecContext(ctx, deletePasswordResetRequestSQL, user) |
326 return err | 326 return err |
327 }, | 327 }, |
328 ); err != nil { | 328 ); err != nil { |
329 log.Printf("error: %v\n", err) | 329 log.Errorf("%v\n", err) |
330 } | 330 } |
331 } | 331 } |