settings/security: change password

crates/ezidam/src/routes/settings.rs

@@ -14,6 +14,7 @@ pub fn routes() -> Vec<Route> {
         user_settings_security,
         user_settings_security_logout_everywhere,
         user_settings_security_paper_key,
+        user_settings_security_password,
     ]
 }
 

crates/ezidam/src/routes/settings/security.rs

@@ -176,3 +176,43 @@ pub async fn user_settings_security_paper_key(
         flash_message,
     ))
 }
+
+#[derive(Debug, FromForm)]
+pub struct PasswordForm<'r> {
+    pub password: &'r str,
+}
+
+#[post("/settings/security/password", data = "<form>")]
+pub async fn user_settings_security_password(
+    mut db: Connection<Database>,
+    jwt_user: JwtUser,
+    form: Form<PasswordForm<'_>>,
+) -> Result<Flash<Redirect>> {
+    let (flash_kind, flash_message) = if !form.password.is_empty() {
+        // Hash password
+        let password = form.password.to_string();
+        let password = task::spawn_blocking(move || Password::new(&password)).await??;
+
+        let mut transaction = db.begin().await?;
+
+        // Get user info
+        let user = User::get_by_login(&mut transaction, &jwt_user.0.subject)
+            .await?
+            .ok_or_else(|| Error::not_found("Could not find user"))?;
+
+        // Set password
+        user.set_password(&mut transaction, Some(&password)).await?;
+
+        transaction.commit().await?;
+
+        (FlashKind::Success, "Your new password has been saved.")
+    } else {
+        (FlashKind::Warning, "Nothing to do.")
+    };
+
+    Ok(Flash::new(
+        Redirect::to(uri!(user_settings_security)),
+        flash_kind,
+        flash_message,
+    ))
+}

crates/ezidam/templates/pages/settings/security.html.tera

@@ -43,7 +43,7 @@
                         <div class="mb-4">
                             <h3 class="card-title">Password</h3>
                             <div>
-                                <a href="#" class="btn">
+                                <a class="btn" data-bs-toggle="modal" data-bs-target="#modal-password">
                                     Set new password
                                 </a>
                             </div>
@@ -79,6 +79,44 @@
     </div>
 </div>
 
+<!-- Password modal -->
+<div class="modal modal-blur" tabindex="-1" id="modal-password">
+    <div class="modal-dialog modal-sm modal-dialog-centered" role="document">
+        <div class="modal-content">
+
+            <div class="modal-status bg-info"></div>
+
+            <div class="modal-header">
+                <h5 class="modal-title">Set new password</h5>
+                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+            </div>
+
+            <form action="./security/password" method="post">
+                <div class="modal-body py-4">
+                    <div class="mb-2">
+                        <label class="form-label required" for="password">Password</label>
+                        <div class="input-group input-group-flat">
+                            <input id="password" name="password" type="password" class="form-control"
+                                   placeholder="Your password"
+                                   autocomplete="off" required>
+                        </div>
+                    </div>
+                </div>
+
+                <div class="modal-footer">
+                    <a href="#" class="btn btn-link link-secondary" data-bs-dismiss="modal">
+                        Cancel
+                    </a>
+                    <button type="submit" class="btn btn-primary ms-auto">
+                        Save password
+                    </button>
+                </div>
+            </form>
+
+        </div>
+    </div>
+</div>
+
 <!-- Paper key modal -->
 <div class="modal modal-blur" tabindex="-1" id="modal-paper-key">
     <div class="modal-dialog modal-sm modal-dialog-centered" role="document">