accounts.go
// Copyright 2015 mokey Authors. All rights reserved.
// Use of this source code is governed by a BSD style
// license that can be found in the LICENSE file.
package main
import (
"errors"
"fmt"
log "github.com/Sirupsen/logrus"
"github.com/spf13/viper"
"github.com/ubccr/mokey/app"
"github.com/ubccr/mokey/handlers"
"github.com/ubccr/mokey/model"
)
// createToken looks uid up through the client returned by app.NewIpaClient
// and, when the returned record has an email address, asks model.NewToken
// for a token tied to that uid and address.
//
// Errors from the lookup, from opening the database and from token creation
// are returned unchanged; a record without an email address yields a plain
// error. The address is taken from the looked-up record, never from the
// caller, so the senders in this file only mail the address on record.
func createToken(uid string) (*model.Token, error) {
	// NOTE(review): the meaning of the boolean passed to NewIpaClient is not
	// visible in this file — confirm against package app.
	ipa := app.NewIpaClient(true)

	rec, lookupErr := ipa.UserShow(uid)
	if lookupErr != nil {
		return nil, lookupErr
	}

	// Without an address there is nowhere to deliver the link, so refuse
	// before touching the database.
	if len(rec.Email) == 0 {
		return nil, errors.New("User missing email address")
	}

	store, dbErr := app.NewDb()
	if dbErr != nil {
		return nil, dbErr
	}

	tok, tokErr := model.NewToken(store, uid, string(rec.Email))
	if tokErr != nil {
		return nil, tokErr
	}

	return tok, nil
}
// NewAccountEmail creates a token for uid and mails the account-setup link
// to the address stored on that token.
//
// The link has the form <email_link_base>/auth/setup/<signed token>, where
// the signed part comes from model.SignToken with app.AccountSetupSalt.
// Failure to create the token or the application context ends the process
// through log.Fatal; a failed send is only logged.
func NewAccountEmail(uid string) {
	tok, tokErr := createToken(uid)
	if tokErr != nil {
		log.Fatal(tokErr.Error())
	}

	appCtx, ctxErr := app.NewAppContext()
	if ctxErr != nil {
		log.Fatal(ctxErr.Error())
	}

	// The link embeds the signed token, so it is handed to the mail template
	// only; the log entry below carries just uid and the error.
	setupLink := fmt.Sprintf("%s/auth/setup/%s", viper.GetString("email_link_base"), model.SignToken(app.AccountSetupSalt, tok.Token))
	tmplVars := map[string]interface{}{
		"uid":  uid,
		"link": setupLink,
	}
	subject := fmt.Sprintf("[%s] New Account Setup", viper.GetString("email_prefix"))

	// NOTE(review): the token already exists when the send fails; whether it
	// expires or should be removed is not visible here — confirm.
	if sendErr := appCtx.SendEmail(tok.Email, subject, "setup-account.txt", tmplVars); sendErr != nil {
		log.WithFields(log.Fields{
			"uid":   uid,
			"error": sendErr,
		}).Error("failed send email to user")
	}
}
// ResetPasswordEmail creates a token for uid and mails the password-reset
// link to the address stored on that token.
//
// The link has the form <email_link_base>/auth/resetpw/<signed token>, where
// the signed part comes from model.SignToken with app.ResetSalt. Failure to
// open the database, create the token or create the application context ends
// the process through log.Fatal; a failed send is only logged.
func ResetPasswordEmail(uid string) {
	store, dbErr := app.NewDb()
	if dbErr != nil {
		log.Fatal(dbErr.Error())
	}

	// Security-answer gate: with require_question_pwreset set, any error from
	// FetchAnswer stops the reset before a token is created. With it unset
	// the error is dropped and the link is issued regardless.
	// NOTE(review): every FetchAnswer error is reported as a missing answer;
	// whether other failures (e.g. database errors) can arrive here is not
	// visible in this file — confirm.
	if _, ansErr := model.FetchAnswer(store, uid); ansErr != nil && viper.GetBool("require_question_pwreset") {
		log.WithFields(log.Fields{
			"uid":   uid,
			"error": ansErr,
		}).Error("Failed to fetch security answer. Please run newacct to setup user account.")
		return
	}

	tok, tokErr := createToken(uid)
	if tokErr != nil {
		log.Fatal(tokErr.Error())
	}

	appCtx, ctxErr := app.NewAppContext()
	if ctxErr != nil {
		log.Fatal(ctxErr.Error())
	}

	// The link embeds the signed token, so it is handed to the mail template
	// only; the log entry below carries just uid and the error.
	resetLink := fmt.Sprintf("%s/auth/resetpw/%s", viper.GetString("email_link_base"), model.SignToken(app.ResetSalt, tok.Token))
	tmplVars := map[string]interface{}{
		"link": resetLink,
	}
	subject := fmt.Sprintf("[%s] Please reset your password", viper.GetString("email_prefix"))

	// NOTE(review): the token already exists when the send fails; whether it
	// expires or should be removed is not visible here — confirm.
	if sendErr := appCtx.SendEmail(tok.Email, subject, "reset-password.txt", tmplVars); sendErr != nil {
		log.WithFields(log.Fields{
			"uid":   uid,
			"error": sendErr,
		}).Error("failed send email to user")
	}
}
// DisableTOTP turns TOTP off for uid by delegating to handlers.DisableTOTP
// with a fresh application context.
//
// Any failure ends the process through log.Fatal. On success a single Info
// line naming uid is written; that line is the only record this function
// leaves of the second factor being removed.
func DisableTOTP(uid string) {
	appCtx, ctxErr := app.NewAppContext()
	if ctxErr != nil {
		log.Fatal(ctxErr.Error())
	}

	// NOTE(review): the meaning of the empty third argument is not visible in
	// this file — confirm against handlers.DisableTOTP.
	if disableErr := handlers.DisableTOTP(appCtx, uid, ""); disableErr != nil {
		log.Fatal(disableErr.Error())
	}

	log.Infof("TOTP disabled for user: %s", uid)
}