add new function to change passsword with test

2025-11-13 13:16:58 +01:00
parent 3684fa224a
commit 567cc726cc
2 changed files with 80 additions and 8 deletions
--- a/handlers/user.go
+++ b/handlers/user.go
@@ -99,6 +99,54 @@ func (aH *AccessHandler) AddUser(c *gin.Context) {
 	})
 }

+func (aH *AccessHandler) ChangePassword(c *gin.Context) {
+	var user models.User
+	err := c.BindJSON(&user)
+	if err != nil {
+		aH.logger.Error("ChangePassword", err)
+		c.JSON(http.StatusInternalServerError, models.NewJsonErrorResponse(err))
+		return
+	}
+
+	// get user to check ChangePassword
+	var dbRecord models.User
+	err = aH.dbHandler.GetById(&dbRecord, user.Id)
+	if err != nil {
+		aH.logger.Error("ChangePassword", err)
+		c.JSON(http.StatusInternalServerError, nil)
+		return
+	}
+
+	// Check if old password is correct
+	if !utils.CheckPassword(user.Password, dbRecord.Password) {
+		fmt.Println(123, dbRecord.Password, user.Password)
+		// Found a user → skip create
+		aH.logger.Error("ChangePassword", "wrong password entered for user: "+user.Name)
+		c.JSON(http.StatusBadRequest, models.NewJsonMessageResponse("invalid credentials"))
+		return
+	}
+	fmt.Println(3)
+
+	// Hash the provided password before saving
+	user.Password, err = utils.HashPassword(user.NewPassword)
+	if err != nil {
+		aH.logger.Error("ChangePassword", err)
+		c.JSON(http.StatusInternalServerError, nil)
+		return
+	}
+	fmt.Println(4)
+
+	aH.logger.Debug("ChangePassword", "change user "+user.Name+" password")
+
+	// Update user
+	aH.dbHandler.UpdateValuesById(&user, user.Id)
+	fmt.Println(5)
+
+	c.JSON(http.StatusOK, gin.H{
+		"message": fmt.Sprintf("password of user '%s' changed", user.Name),
+	})
+}
+
 func (aH *AccessHandler) GetUser(c *gin.Context) {
 	var i int
 	var err error