Update game password from personal page
Dependencies
- [2]
7QCJHYB6Show contacts in personal page - [3]
HTYEGVBUAdd data to reset password page - [4]
5UYVIBUMUpdate game password from page - [5]
WW3KRXX6Add page for reset game password - [6]
CX3CY2GEAdd choice between game and web password reset - [7]
LTQCLSBUSplit database usage in pages - [*]
MCF5COULAdd personal page
Change contents
- edit in src/templates/my.html at line 52[2.571][9.833]
<form id="reset-game-form" action="reset-game-pwd.do" method="post"><fieldset><legend>Enter data to set new game password:</legend><div><label for="password">Password:</label><input name="password" id="password" type="password" placeholder="Password" required autofocus /></div><div><label for="password_copy">Password:</label><input name="password_copy" id="password_copy" type="password" placeholder="Copy password" required autofocus /></div><input name="csrf" type="hidden" value="{{ csrf }}"><input name="submit" type="submit" value="Reset password"></fieldset></form> - replacement in src/pages/reset_game_pwd.rs at line 21
login: String,login: Option<String>, - replacement in src/pages/reset_game_pwd.rs at line 24
token: Uuid,token: Option<Uuid>, - edit in src/pages/reset_game_pwd.rs at line 114
request: HttpRequest, - replacement in src/pages/reset_game_pwd.rs at line 130
if form.token != cached_token {if cached_token.is_nil() {if form.token.is_some() {log::warn!("Expected nil token for CSRF: {}", form.csrf);return HttpResponse::BadRequest().body("Incorrect");}} else if form.token != Some(cached_token) { - edit in src/pages/reset_game_pwd.rs at line 139
let jar = request_to_jar(request);let form_login = jar.private(&data.cookies_key).get("auth").map(|x| std::borrow::Cow::Owned(x.value().to_string())).or(form.login.as_ref().map(std::borrow::Cow::Borrowed)).map(|x| x.to_ascii_lowercase()); - replacement in src/pages/reset_game_pwd.rs at line 158
let login_match = form.login.to_ascii_lowercase() == cached_login.to_ascii_lowercase();let login_match = form_login == Some(cached_login.to_ascii_lowercase()); - replacement in src/pages/reset_game_pwd.rs at line 160
let stmt = match dbclient.prepare("delete from auth.reset_tokens where token = $1 and player_name = $2;").await{Ok(stmt) => stmt,Err(e) => {log::error!("Pool RW statement delete error {}", e);return HttpResponse::ServiceUnavailable().body(actix_web::body::None::new());}};let deleted = match dbclient.execute(&stmt, &[&form.token, &form.login]).await {Ok(c) => c,Err(e) => {log::error!("Pool RW execute delete error {}", e);return HttpResponse::ServiceUnavailable().body(actix_web::body::None::new());if !cached_token.is_nil() {let stmt = match dbclient.prepare("delete from auth.reset_tokens where token = $1 and player_name = $2;").await{Ok(stmt) => stmt,Err(e) => {log::error!("Pool RW statement delete error {}", e);return HttpResponse::ServiceUnavailable().body(actix_web::body::None::new());}};let deleted = match dbclient.execute(&stmt, &[&cached_token, &cached_login]).await{Ok(c) => c,Err(e) => {log::error!("Pool RW execute delete error {}", e);return HttpResponse::ServiceUnavailable().body(actix_web::body::None::new());}};if deleted == 0 {log::error!("Not delete error: {}", cached_token);return HttpResponse::BadRequest().body("Incorrect"); - edit in src/pages/reset_game_pwd.rs at line 185
};if deleted == 0 {log::error!("Not delete error: {}", cached_token);return HttpResponse::BadRequest().body("Incorrect"); - replacement in src/pages/reset_game_pwd.rs at line 194
.execute(&stmt, &[&form.password, &form.login]).execute(&stmt, &[&form.password, &cached_login]) - edit in src/pages/my.rs at line 7[9.1203][9.1203]
use uuid::Uuid; - edit in src/pages/my.rs at line 15[2.604][9.1321]
csrf: Uuid, - edit in src/pages/my.rs at line 125[9.3243][9.3243]
let csrf = Uuid::new_v4(); - edit in src/pages/my.rs at line 128[9.3244][9.3244]
{let mut cache = data.cache_reset_game_pwd.lock().await;cache.insert(csrf,(Uuid::nil(), user.to_string(), true),std::time::Duration::from_secs(data.cache_duration_sec),);} - edit in src/pages/my.rs at line 145[2.2196][9.3427]
csrf,