5 changes: 3 additions & 2 deletions Modules/Account/functionalTest/testAccount.hpp
Expand Up @@ -338,8 +338,8 @@ private slots:
void CreateForgotPasswordLink(){
QVERIFY(callAPI(RESTClientHelper::POST,
"Account/createForgotPasswordLink",{},{
{"login", UT_UserEmail},
{"via", "Web"},
{"emailOrMobile", UT_UserEmail},
// {"via", "Web"},
}).toBool());
}

Expand All @@ -354,6 +354,7 @@ private slots:
//827ccb0eea8a706c4c34a16891f84e7b # 12345
QVERIFY(callAPI(RESTClientHelper::POST,
"Account/changePassByUUID", {},{
{ "emailOrMobile", UT_UserEmail },
{ "uuid", Code },
{ "newPass", "827ccb0eea8a706c4c34a16891f84e7b" }
}).toBool());
141 changes: 92 additions & 49 deletions Modules/Account/moduleSrc/Account.cpp
Expand Up @@ -128,6 +128,26 @@ tmplConfigurable<FilePath_t> Account::InvalidPasswordsFile (
enuConfigSource::Arg | enuConfigSource::File
);

QString ValidateAndNormalizeEmailOrPhoneNumber(QString &_emailOrMobile)
{
if (QFV.email().isValid(_emailOrMobile))
{
if (QFV.emailNotFake().isValid(_emailOrMobile) == false)
throw exHTTPBadRequest("Email domain is suspicious. Please use a real email.");

_emailOrMobile = _emailOrMobile.toLower();
return "E";
}

if (QFV.mobile().isValid(_emailOrMobile))
{
_emailOrMobile = PhoneHelper::NormalizePhoneNumber(_emailOrMobile);
return "M";
}

throw exHTTPBadRequest("emailOrMobile must be a valid email or mobile");
}

/*****************************************************************/
/*****************************************************************/
/*****************************************************************/
Expand Down Expand Up @@ -216,21 +236,7 @@ QVariantMap Account::apiPUTsignup(
{
Authorization::validateIPAddress(_REMOTE_IP);

QString Type;

if (QFV.email().isValid(_emailOrMobile)) {
if (QFV.emailNotFake().isValid(_emailOrMobile))
Type = 'E';
else
throw exHTTPBadRequest("Email domain is suspicious. Please use a real email.");
}
else if (QFV.mobile().isValid(_emailOrMobile))
{
Type = 'M';
_emailOrMobile = PhoneHelper::NormalizePhoneNumber(_emailOrMobile);
}
else
throw exHTTPBadRequest("emailOrMobile must be a valid email or mobile");
QString Type = ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

QFV/*.asciiAlNum()*/.maxLenght(50).validate(_role);

Expand Down Expand Up @@ -412,11 +418,12 @@ Targoman::API::AccountModule::stuMultiJWT Account::apilogin(
{
Authorization::validateIPAddress(_REMOTE_IP);

QFV.oneOf({QFV.emailNotFake(), QFV.mobile()}).validate(_emailOrMobile, "login");
QFV.asciiAlNum().maxLenght(20).validate(_salt, "salt");
// QFV.oneOf({QFV.emailNotFake(), QFV.mobile()}).validate(_emailOrMobile, "login");
// if (QFV.mobile().isValid(_emailOrMobile))
// _emailOrMobile = PhoneHelper::NormalizePhoneNumber(_emailOrMobile);
ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

if (QFV.mobile().isValid(_emailOrMobile))
_emailOrMobile = PhoneHelper::NormalizePhoneNumber(_emailOrMobile);
QFV.asciiAlNum().maxLenght(20).validate(_salt, "salt");

auto LoginInfo = Authentication::login(_REMOTE_IP,
_emailOrMobile,
Expand Down Expand Up @@ -471,22 +478,7 @@ bool Account::apiresendApprovalCode(
{
Authorization::validateIPAddress(_REMOTE_IP);

QString Type;

if (QFV.email().isValid(_emailOrMobile))
{
if (QFV.emailNotFake().isValid(_emailOrMobile))
Type = 'E';
else
throw exHTTPBadRequest("Email domain is suspicious. Please use a real email.");
}
else if (QFV.mobile().isValid(_emailOrMobile))
{
Type = 'M';
_emailOrMobile = PhoneHelper::NormalizePhoneNumber(_emailOrMobile);
}
else
throw exHTTPBadRequest("emailOrMobile must be a valid email or mobile");
QString Type = ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

// this->callSP("AAA.sp_CREATE_approvalRequestAgain", {
// { "iBy", Type },
Expand Down Expand Up @@ -657,51 +649,102 @@ bool Account::apilogout(TAPI::JWT_t _JWT)

QString Account::apicreateForgotPasswordLink(
TAPI::RemoteIP_t _REMOTE_IP,
QString _login
QString _emailOrMobile
)
{
Authorization::validateIPAddress(_REMOTE_IP);

QFV.oneOf({QFV.emailNotFake(), QFV.mobile()}).validate(_login, "login");
QString Type = ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

this->callSP("AAA.sp_CREATE_forgotPassRequest", {
{ "iLogin", _login },
{ "iVia", QString(_login.contains('@') ? 'E' : 'M') },
{ "iLogin", _emailOrMobile },
{ "iVia", Type },
});

return _login.contains('@') ? "email" : "mobile";
return (Type == "E" ? "email" : "mobile");
}

bool Account::apichangePass(TAPI::JWT_t _JWT, TAPI::MD5_t _oldPass, QString _oldPassSalt, TAPI::MD5_t _newPass)
#ifdef QT_DEBUG
QString Account::apiPOSTfixtureGetLastForgotPasswordUUIDAndMakeAsSent(
TAPI::RemoteIP_t _REMOTE_IP,
QString _emailOrMobile
)
{
QFV.asciiAlNum().maxLenght(20).validate(_oldPassSalt, "salt");
Q_UNUSED(_REMOTE_IP);

this->callSP("AAA.sp_UPDATE_changePass", {
{ "iUserID", clsJWT(_JWT).usrID() },
{ "iOldPass", _oldPass },
{ "iOldPassSalt", _oldPassSalt },
{ "iNewPass", _newPass },
});
QString Type = ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

return true;
QVariantMap Data = SelectQuery(ForgotPassRequest::instance())
.addCol(tblForgotPassRequest::fprUUID)
.addCol(tblForgotPassRequest::fprStatus)
.innerJoinWith(tblForgotPassRequest::Relation::User)
.where({ Type == "E" ? tblUser::usrEmail : tblUser::usrMobile, enuConditionOperator::Equal, _emailOrMobile })
.andWhere({ tblForgotPassRequest::fprRequestedVia, enuConditionOperator::Equal, Type.at(0) })
.orderBy(tblForgotPassRequest::fprRequestDate, enuOrderDir::Descending)
.one()
;

QString UUID = Data.value(tblForgotPassRequest::fprUUID).toString();

if (UUID.isEmpty())
throw exHTTPNotFound("No UUID could be found");

QString fprStatus = Data.value(tblForgotPassRequest::fprStatus).toString();
if (fprStatus != "Sent")
{
quint64 RowsCount = UpdateQuery(ForgotPassRequest::instance())
.set(tblForgotPassRequest::fprStatus, enuFPRStatus::Sent)
.where({ tblForgotPassRequest::fprUUID, enuConditionOperator::Equal, UUID })
.execute(1)
;
if (RowsCount == 0)
throw exHTTPNotFound("error in set as sent");
}

return UUID;
}
#endif

bool Account::apichangePassByUUID(
TAPI::RemoteIP_t _REMOTE_IP,
QString _emailOrMobile,
TAPI::MD5_t _uuid,
TAPI::MD5_t _newPass
)
{
Authorization::validateIPAddress(_REMOTE_IP);

QString Type = ValidateAndNormalizeEmailOrPhoneNumber(_emailOrMobile);

this->callSP("AAA.sp_UPDATE_changePassByUUID", {
{ "iVia", Type },
{ "iLogin", _emailOrMobile },
{ "iUUID", _uuid },
{ "iNewPass", _newPass },
});

return true;
}

bool Account::apichangePass(
TAPI::JWT_t _JWT,
TAPI::MD5_t _oldPass,
QString _oldPassSalt,
TAPI::MD5_t _newPass
)
{
QFV.asciiAlNum().maxLenght(20).validate(_oldPassSalt, "salt");

this->callSP("AAA.sp_UPDATE_changePass", {
{ "iUserID", clsJWT(_JWT).usrID() },
{ "iOldPass", _oldPass },
{ "iOldPassSalt", _oldPassSalt },
{ "iNewPass", _newPass },
});

return true;
}

/*****************************************************************\
|* Voucher & Payments ********************************************|
\*****************************************************************/
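Review bot: `apiPOSTfixtureGetLastForgotPasswordUUIDAndMakeAsSent` returns the newest password-reset UUID for any email or mobile to a caller that presents no credentials, and the only thing keeping it out of a deployed binary is `#ifdef QT_DEBUG`. Combined with `apichangePassByUUID`, which accepts exactly that UUID plus the same identifier, a debug build that is reachable from outside the test environment would let anyone reset any account's password. The fixture also discards the caller address with `Q_UNUSED(_REMOTE_IP);`, whereas every other endpoint shown in this file starts with `Authorization::validateIPAddress(_REMOTE_IP);`, and I would keep that call here as well. I would also add a comment above the `#ifdef` stating that the fixture must never be compiled into a release build and why. A small style point in the same function: `fprStatus != "Sent"` compares against a string literal while the update below uses `enuFPRStatus::Sent`, so comparing against the enum's value would keep the two from drifting apart.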
31 changes: 21 additions & 10 deletions Modules/Account/moduleSrc/Account.h
Expand Up @@ -248,30 +248,42 @@ private slots:
createForgotPasswordLink,
(
TAPI::RemoteIP_t _REMOTE_IP,
QString _login
QString _emailOrMobile
),
"Create a forgot password request returning a UUID for the requiest"
)

bool REST_GET_OR_POST(
changePass,
#ifdef QT_DEBUG
QString REST_POST(
fixtureGetLastForgotPasswordUUIDAndMakeAsSent,
(
TAPI::JWT_t _JWT,
TAPI::MD5_t _oldPass,
QString _oldPassSalt,
TAPI::MD5_t _newPass
TAPI::RemoteIP_t _REMOTE_IP,
QString _emailOrMobile
),
"Changes password of the logged-in user"
"fixture: Get Last Forgot Password UUID And Make As Sent"
)
#endif

bool REST_GET_OR_POST(
changePassByUUID,
(
TAPI::RemoteIP_t _REMOTE_IP,
QString _emailOrMobile,
TAPI::MD5_t _uuid,
TAPI::MD5_t _newPass
),
"Changes password based on a UUID provided by "
"Changes password based on a UUID provided by createForgotPasswordLink"
)

bool REST_GET_OR_POST(
changePass,
(
TAPI::JWT_t _JWT,
TAPI::MD5_t _oldPass,
QString _oldPassSalt,
TAPI::MD5_t _newPass
),
"Changes password of the logged-in user"
)

/*****************************************************************\
Expand Down Expand Up @@ -356,7 +368,6 @@ private slots:
)

#ifdef QT_DEBUG
protected slots:
QVariant REST_POST(
fixtureSetup,
(
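Review bot: `changePassByUUID` is still declared with `REST_GET_OR_POST`, so, if the macro does what its name says, the reset UUID, the account identifier and the new password hash can all travel in a query string, where they end up in access logs, proxy logs and browser history. Since this commit already changes the endpoint's parameter list, I would make it POST-only with `bool REST_POST(`, and do the same for `changePass`. Separately, the help text for `createForgotPasswordLink` still says it returns a UUID, while the implementation in Account.cpp returns "email" or "mobile". The string should say so, e.g. `"Creates a forgot-password request and returns which channel (email or mobile) was used"`.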
16 changes: 8 additions & 8 deletions Modules/Account/moduleSrc/ORM/ForgotPassRequest.cpp
Expand Up @@ -35,16 +35,16 @@ ForgotPassRequest::ForgotPassRequest() :
intfSQLBasedModule(
AAASchema,
tblForgotPassRequest::Name,
{///< ColName Type Validation Default UpBy Sort Filter Self Virt PK
{ tblForgotPassRequest::fprUUID, S(TAPI::MD5_t), QFV, ORM_PRIMARY_KEY },
{ tblForgotPassRequest::fpr_usrID, S(quint64), QFV.integer().minValue(1), QRequired, UPNone },
{ tblForgotPassRequest::fprRequestedVia, S(Targoman::API::AccountModule::enuForgotPassLinkVia::Type), QFV, Targoman::API::AccountModule::enuForgotPassLinkVia::Email, UPNone },
{ tblForgotPassRequest::fprRequestDate, ORM_CREATED_ON },
{ tblForgotPassRequest::fprApplyDate, S(TAPI::DateTime_t), QFV, QNull, UPNone },
{ tblForgotPassRequest::fprStatus, ORM_STATUS_FIELD(Targoman::API::AccountModule::enuFPRStatus, Targoman::API::AccountModule::enuFPRStatus::New) },
{///< ColName Type Validation Default UpBy Sort Filter Self Virt PK
{ tblForgotPassRequest::fprUUID, S(TAPI::MD5_t), QFV, ORM_PRIMARY_KEY },
{ tblForgotPassRequest::fpr_usrID, S(quint64), QFV.integer().minValue(1), QRequired, UPNone },
{ tblForgotPassRequest::fprRequestedVia, S(Targoman::API::AccountModule::enuForgotPassLinkVia::Type), QFV, Targoman::API::AccountModule::enuForgotPassLinkVia::Email, UPNone },
{ tblForgotPassRequest::fprRequestDate, ORM_CREATED_ON },
{ tblForgotPassRequest::fprApplyDate, S(TAPI::DateTime_t), QFV, QNull, UPAdmin },
{ tblForgotPassRequest::fprStatus, ORM_STATUS_FIELD(Targoman::API::AccountModule::enuFPRStatus, Targoman::API::AccountModule::enuFPRStatus::New) },
},
{///< Col Reference Table ForeignCol
{ tblForgotPassRequest::fpr_usrID, R(AAASchema,tblUser::Name), tblUser::usrID },
{ tblForgotPassRequest::Relation::User, { tblForgotPassRequest::fpr_usrID, R(AAASchema,tblUser::Name), tblUser::usrID } },
}
)
{}
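Review bot: The `fprApplyDate` row appears to change its update permission from `UPNone` to `UPAdmin` inside what otherwise looks like a column re-alignment (the page prints the column table twice and I am reading the second copy as the new side). Nothing visible in this commit writes `fprApplyDate`, since the debug fixture in Account.cpp only sets `fprStatus`, so it is not clear why the apply date of a password-reset request needs to become editable. That timestamp is part of the audit trail for resets. If the change is intended, please move it out of the whitespace change and put a why-comment on the row; otherwise keep `UPNone`.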
17 changes: 10 additions & 7 deletions Modules/Account/moduleSrc/ORM/ForgotPassRequest.h
Expand Up @@ -47,13 +47,16 @@ namespace ORM {
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-variable"
namespace tblForgotPassRequest {
constexpr char Name[] = "tblForgotPassRequest";
TARGOMAN_CREATE_CONSTEXPR(fprUUID);
TARGOMAN_CREATE_CONSTEXPR(fpr_usrID);
TARGOMAN_CREATE_CONSTEXPR(fprRequestedVia);
TARGOMAN_CREATE_CONSTEXPR(fprRequestDate);
TARGOMAN_CREATE_CONSTEXPR(fprApplyDate);
TARGOMAN_CREATE_CONSTEXPR(fprStatus);
constexpr char Name[] = "tblForgotPassRequest";
namespace Relation {
constexpr char User[] = "user";
}
TARGOMAN_CREATE_CONSTEXPR(fprUUID);
TARGOMAN_CREATE_CONSTEXPR(fpr_usrID);
TARGOMAN_CREATE_CONSTEXPR(fprRequestedVia);
TARGOMAN_CREATE_CONSTEXPR(fprRequestDate);
TARGOMAN_CREATE_CONSTEXPR(fprApplyDate);
TARGOMAN_CREATE_CONSTEXPR(fprStatus);
}
#pragma GCC diagnostic pop
