Mercurial > gemma
diff controllers/pwreset.go @ 319:ac760b0f22a9
Add special role for password reset
As password reset is exposed without requiring a login, let this role
have privileges limited to reseting passwords, and only reseting passwords.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 02 Aug 2018 13:06:39 +0200 |
parents | 5cb18bedb3a9 |
children | 974a5e4c0055 |
line wrap: on
line diff
--- a/controllers/pwreset.go Thu Aug 02 12:48:59 2018 +0200 +++ b/controllers/pwreset.go Thu Aug 02 13:06:39 2018 +0200 @@ -23,9 +23,9 @@ const ( userExistsSQL = `SELECT email_address - FROM users.list_users WHERE username = $1` + FROM pw_reset.list_users WHERE username = $1` - updatePasswordSQL = `UPDATE users.list_users + updatePasswordSQL = `UPDATE pw_reset.list_users SET pw = $1 WHERE username = $2` )