Mercurial > gemma

comparison pkg/controllers/pwreset.go @ 5490:5f47eeea988d logging

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Use own logging package.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Mon, 20 Sep 2021 17:45:39 +0200
parents 4394daeea96a
children
comparison
equal deleted inserted replaced
5488:a726a92ea5c9 5490:5f47eeea988d
20 "context" 20 "context"
21 "database/sql" 21 "database/sql"
22 "encoding/hex" 22 "encoding/hex"
23 "errors" 23 "errors"
24 "io" 24 "io"
25 "log"
26 "net/http" 25 "net/http"
27 "os/exec" 26 "os/exec"
28 "strconv" 27 "strconv"
29 "strings" 28 "strings"
30 "time" 29 "time"
38 "gemma.intevation.de/gemma/pkg/common" 37 "gemma.intevation.de/gemma/pkg/common"
39 "gemma.intevation.de/gemma/pkg/config" 38 "gemma.intevation.de/gemma/pkg/config"
40 "gemma.intevation.de/gemma/pkg/misc" 39 "gemma.intevation.de/gemma/pkg/misc"
41 "gemma.intevation.de/gemma/pkg/models" 40 "gemma.intevation.de/gemma/pkg/models"
42 41
42 "gemma.intevation.de/gemma/pkg/log"
43 mw "gemma.intevation.de/gemma/pkg/middleware" 43 mw "gemma.intevation.de/gemma/pkg/middleware"
44 ) 44 )
45 45
46 const ( 46 const (
47 insertRequestSQL = `INSERT INTO sys_admin.password_reset_requests 47 insertRequestSQL = `INSERT INTO sys_admin.password_reset_requests
140 _, err := conn.ExecContext( 140 _, err := conn.ExecContext(
141 ctx, cleanupRequestsSQL, good) 141 ctx, cleanupRequestsSQL, good)
142 return err 142 return err
143 }) 143 })
144 if err != nil { 144 if err != nil {
145 log.Printf("error: %v\n", err) 145 log.Errorf("%v\n", err)
146 } 146 }
147 } 147 }
148 } 148 }
149 149
150 func requestMessageBody(user, hash, server string) string { 150 func requestMessageBody(user, hash, server string) string {
157 Server: server, 157 Server: server,
158 Hash: hash, 158 Hash: hash,
159 } 159 }
160 var buf bytes.Buffer 160 var buf bytes.Buffer
161 if err := passwordResetRequestMailTmpl.Execute(&buf, &content); err != nil { 161 if err := passwordResetRequestMailTmpl.Execute(&buf, &content); err != nil {
162 log.Printf("error: %v\n", err) 162 log.Errorf("%v\n", err)
163 } 163 }
164 return buf.String() 164 return buf.String()
165 } 165 }
166 166
167 func changedMessageBody(w io.Writer, user, password string) error { 167 func changedMessageBody(w io.Writer, user, password string) error {
243 // no reduce the risks of timing attacks. 243 // no reduce the risks of timing attacks.
244 go func(user *models.PWResetUser) { 244 go func(user *models.PWResetUser) {
245 config.WaitReady() 245 config.WaitReady()
246 host := config.ExternalURL() 246 host := config.ExternalURL()
247 if err := backgroundRequest(host, user); err != nil { 247 if err := backgroundRequest(host, user); err != nil {
248 log.Printf("error: %v\n", err) 248 log.Errorf("%v\n", err)
249 } 249 }
250 }(mw.JSONInput(req).(*models.PWResetUser)) 250 }(mw.JSONInput(req).(*models.PWResetUser))
251 251
252 // Send a neutral message to avoid being an user oracle. 252 // Send a neutral message to avoid being an user oracle.
253 const neutralMessage = "If this account exists, a reset link will be mailed." 253 const neutralMessage = "If this account exists, a reset link will be mailed."
310 http.Error(rw, "Error: "+err.Error(), http.StatusInternalServerError) 310 http.Error(rw, "Error: "+err.Error(), http.StatusInternalServerError)
311 return 311 return
312 } 312 }
313 313
314 if err := changedMessageBody(rw, user, password); err != nil { 314 if err := changedMessageBody(rw, user, password); err != nil {
315 log.Printf("error: %v\n", err) 315 log.Errorf("%v\n", err)
316 } 316 }
317 } 317 }
318 318
319 func deletePasswordResetRequest(user string) { 319 func deletePasswordResetRequest(user string) {
320 ctx := context.Background() 320 ctx := context.Background()
324 func(conn *sql.Conn) error { 324 func(conn *sql.Conn) error {
325 _, err := conn.ExecContext(ctx, deletePasswordResetRequestSQL, user) 325 _, err := conn.ExecContext(ctx, deletePasswordResetRequestSQL, user)
326 return err 326 return err
327 }, 327 },
328 ); err != nil { 328 ); err != nil {
329 log.Printf("error: %v\n", err) 329 log.Errorf("%v\n", err)
330 } 330 }
331 } 331 }