41 lines
1006 B
Go
41 lines
1006 B
Go
package user
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/hex"
|
|
"myapp/database"
|
|
"time"
|
|
)
|
|
|
|
// findUserByEmail loads the first user matching the given email address.
|
|
func findUserByEmail(u *User, email string) error {
|
|
return database.DB.First(u, "email = ?", email).Error
|
|
}
|
|
|
|
// generateResetToken creates a random hex token.
|
|
func generateResetToken() string {
|
|
b := make([]byte, 32)
|
|
_, _ = rand.Read(b)
|
|
return hex.EncodeToString(b)
|
|
}
|
|
|
|
// saveResetToken stores the hashed reset token and a 1-hour expiry on the user.
|
|
func saveResetToken(u *User, token string) error {
|
|
expires := time.Now().Add(time.Hour)
|
|
u.ResetPwHash = &token
|
|
u.ResetPwHashExpires = &expires
|
|
return u.Save()
|
|
}
|
|
|
|
// findUserByResetToken looks up a user whose reset token matches and has not expired.
|
|
func findUserByResetToken(token string) (*User, error) {
|
|
var u User
|
|
err := database.DB.
|
|
Where("reset_pw_hash = ? AND reset_pw_hash_expires > ?", token, time.Now()).
|
|
First(&u).Error
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &u, nil
|
|
}
|