admin/users: force password reset (now lasts for 24 hours), send email, show expiration

2023-05-03 23:46:40 +02:00 · 2023-05-03 23:46:40 +02:00 · f8afea4e70
commit f8afea4e70
parent e600405f22
9 changed files with 288 additions and 12 deletions
--- a/crates/users/src/password_reset.rs
+++ b/crates/users/src/password_reset.rs
@ -18,17 +18,23 @@ pub enum Error {
 pub struct PasswordResetToken {
    token: String,
    expires_at: DateTime<Utc>,
+    duration_hours: Option<i64>,
 }

 impl PasswordResetToken {
-    pub fn generate(duration_minutes: i64) -> Self {
+    pub fn generate() -> Self {
        use gen_passphrase::dictionary::EFF_LARGE;
        use gen_passphrase::generate;

+        let duration_hours = 24;
        let token = generate(&[EFF_LARGE], 10, None);
-        let expires_at = Utc::now() + Duration::minutes(duration_minutes);
+        let expires_at = Utc::now() + Duration::hours(duration_hours);

-        Self { token, expires_at }
+        Self {
+            token,
+            expires_at,
+            duration_hours: Some(duration_hours),
+        }
    }

    pub fn parse(raw: &str) -> Result<Self, Error> {
@ -40,12 +46,21 @@ impl PasswordResetToken {
        Ok(Self {
            token: token.to_string(),
            expires_at,
+            duration_hours: None,
        })
    }

    pub fn has_expired(&self) -> bool {
        self.expires_at < Utc::now()
    }
+
+    pub fn duration_hours(&self) -> Option<i64> {
+        self.duration_hours
+    }
+
+    pub fn expires_at(&self) -> DateTime<Utc> {
+        self.expires_at
+    }
 }

 impl fmt::Display for PasswordResetToken {