Add a way to reset password

2024-11-09 11:22:53 +01:00 · 2024-11-09 11:22:53 +01:00 · ed979719b5
commit ed979719b5
parent 5d343c273f
12 changed files with 352 additions and 57 deletions
--- a/backend/src/data/db.rs
+++ b/backend/src/data/db.rs
@ -29,8 +29,8 @@ pub enum DBError {
    Sqlx(#[from] sqlx::Error),

    #[error(
-        "Unsupported database version: {0} (code version: {})",
-        CURRENT_DB_VERSION
+        "Unsupported database version: {0} (application version: {current})",
+        current = CURRENT_DB_VERSION
    )]
    UnsupportedVersion(u32),

@ -76,6 +76,7 @@ pub enum AuthenticationResult {
 #[derive(Debug)]
 pub enum GetTokenResetPassword {
    PasswordAlreadyReset,
+    EmailUnknown,
    Ok(String),
 }

@ -442,7 +443,7 @@ WHERE [id] = $1
    ) -> Result<GetTokenResetPassword> {
        let mut tx = self.tx().await?;

-        if let Some(db_datetime) = sqlx::query_scalar::<_, Option<DateTime<Utc>>>(
+        if let Some(db_datetime_nullable) = sqlx::query_scalar::<_, Option<DateTime<Utc>>>(
            r#"
 SELECT [password_reset_datetime]
 FROM [User]
@ -450,12 +451,16 @@ WHERE [email] = $1
                    "#,
        )
        .bind(email)
-        .fetch_one(&mut *tx)
+        .fetch_optional(&mut *tx)
        .await?
        {
-            if Utc::now() - db_datetime <= validation_time {
-                return Ok(GetTokenResetPassword::PasswordAlreadyReset);
+            if let Some(db_datetime) = db_datetime_nullable {
+                if Utc::now() - db_datetime <= validation_time {
+                    return Ok(GetTokenResetPassword::PasswordAlreadyReset);
+                }
            }
+        } else {
+            return Ok(GetTokenResetPassword::EmailUnknown);
        }

        let token = generate_token();
@ -967,6 +972,22 @@ VALUES (
        Ok(())
    }

+    #[tokio::test]
+    async fn ask_to_reset_password_for_unknown_email() -> Result<()> {
+        let connection = Connection::new_in_memory().await?;
+
+        let email = "paul@atreides.com";
+
+        // Ask for password reset.
+        match connection
+            .get_token_reset_password(email, Duration::hours(1))
+            .await?
+        {
+            GetTokenResetPassword::EmailUnknown => Ok(()), // Nominal case.
+            other => panic!("{:?}", other),
+        }
+    }
+
    #[tokio::test]
    async fn sign_up_then_send_validation_then_sign_out_then_ask_to_reset_password() -> Result<()> {
        let connection = Connection::new_in_memory().await?;