From 6ae642245e0322f194ca5d960f669f33ba38c2fa Mon Sep 17 00:00:00 2001
From: syuilo <Syuilotan@yahoo.co.jp>
Date: Tue, 4 May 2021 15:05:34 +0900
Subject: Password reset (#7494)

* wip

* wip

* Update well-known.ts

* wip

* clean up

* Update request-reset-password.ts

* Update forgot-password.vue

* Update reset-password.ts

* Update request-reset-password.ts
---
 src/server/api/endpoints/request-reset-password.ts | 73 ++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 src/server/api/endpoints/request-reset-password.ts

(limited to 'src/server/api/endpoints/request-reset-password.ts')

diff --git a/src/server/api/endpoints/request-reset-password.ts b/src/server/api/endpoints/request-reset-password.ts
new file mode 100644
index 0000000000..c880df7527
--- /dev/null
+++ b/src/server/api/endpoints/request-reset-password.ts
@@ -0,0 +1,73 @@
+import $ from 'cafy';
+import { publishMainStream } from '../../../services/stream';
+import define from '../define';
+import rndstr from 'rndstr';
+import config from '@/config';
+import * as ms from 'ms';
+import { Users, UserProfiles, PasswordResetRequests } from '../../../models';
+import { sendEmail } from '../../../services/send-email';
+import { ApiError } from '../error';
+import { genId } from '@/misc/gen-id';
+import { IsNull } from 'typeorm';
+
+export const meta = {
+	requireCredential: false as const,
+
+	limit: {
+		duration: ms('1hour'),
+		max: 3
+	},
+
+	params: {
+		username: {
+			validator: $.str
+		},
+
+		email: {
+			validator: $.str
+		},
+	},
+
+	errors: {
+
+	}
+};
+
+export default define(meta, async (ps) => {
+	const user = await Users.findOne({
+		usernameLower: ps.username.toLowerCase(),
+		host: IsNull()
+	});
+
+	// 合致するユーザーが登録されていなかったら無視
+	if (user == null) {
+		return;
+	}
+
+	const profile = await UserProfiles.findOneOrFail(user.id);
+
+	// 合致するメアドが登録されていなかったら無視
+	if (profile.email !== ps.email) {
+		return;
+	}
+
+	// メアドが認証されていなかったら無視
+	if (!profile.emailVerified) {
+		return;
+	}
+
+	const token = rndstr('a-z0-9', 64);
+
+	await PasswordResetRequests.insert({
+		id: genId(),
+		createdAt: new Date(),
+		userId: profile.userId,
+		token
+	});
+
+	const link = `${config.url}/reset-password/${token}`;
+
+	sendEmail(ps.email, 'Password reset requested',
+		`To reset password, please click this link:<br><a href="${link}">${link}</a>`,
+		`To reset password, please click this link: ${link}`);
+});
-- 
cgit v1.2.3-freya