User password change (#280)

* start passwordChangeHandler

* add user scope

* add user module / api path

* add password change request

* make comment clearer

* add user to processor

* required true

* add processor call to handler

* don't pass tc or channel

* change password func + tests

* add some first docs about password management

* update swagger docs

* add api tests

* go fmt

* test fixes

internal/processing/processor.go

@@ -39,6 +39,7 @@ import (
 	mediaProcessor "github.com/superseriousbusiness/gotosocial/internal/processing/media"
 	"github.com/superseriousbusiness/gotosocial/internal/processing/status"
 	"github.com/superseriousbusiness/gotosocial/internal/processing/streaming"
+	"github.com/superseriousbusiness/gotosocial/internal/processing/user"
 	"github.com/superseriousbusiness/gotosocial/internal/stream"
 	"github.com/superseriousbusiness/gotosocial/internal/timeline"
 	"github.com/superseriousbusiness/gotosocial/internal/typeutils"
@@ -173,6 +174,9 @@ type Processor interface {
 	// OpenStreamForAccount opens a new stream for the given account, with the given stream type.
 	OpenStreamForAccount(ctx context.Context, account *gtsmodel.Account, streamType string) (*stream.Stream, gtserror.WithCode)
 
+	// UserChangePassword changes the password for the given user, with the given form.
+	UserChangePassword(ctx context.Context, authed *oauth.Auth, form *apimodel.PasswordChangeRequest) gtserror.WithCode
+
 	/*
 		FEDERATION API-FACING PROCESSING FUNCTIONS
 		These functions are intended to be called when the federating client needs an immediate (ie., synchronous) reply
@@ -247,6 +251,7 @@ type processor struct {
 	statusProcessor    status.Processor
 	streamingProcessor streaming.Processor
 	mediaProcessor     mediaProcessor.Processor
+	userProcessor      user.Processor
 }
 
 // NewProcessor returns a new Processor that uses the given federator
@@ -259,6 +264,7 @@ func NewProcessor(config *config.Config, tc typeutils.TypeConverter, federator f
 	accountProcessor := account.New(db, tc, mediaHandler, oauthServer, fromClientAPI, federator, config)
 	adminProcessor := admin.New(db, tc, mediaHandler, fromClientAPI, config)
 	mediaProcessor := mediaProcessor.New(db, tc, mediaHandler, storage, config)
+	userProcessor := user.New(db, config)
 
 	return &processor{
 		fromClientAPI:   fromClientAPI,
@@ -279,6 +285,7 @@ func NewProcessor(config *config.Config, tc typeutils.TypeConverter, federator f
 		statusProcessor:    statusProcessor,
 		streamingProcessor: streamingProcessor,
 		mediaProcessor:     mediaProcessor,
+		userProcessor:      userProcessor,
 	}
 }
 

internal/processing/user.go

@@ -0,0 +1,31 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package processing
+
+import (
+	"context"
+
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/oauth"
+)
+
+func (p *processor) UserChangePassword(ctx context.Context, authed *oauth.Auth, form *apimodel.PasswordChangeRequest) gtserror.WithCode {
+	return p.userProcessor.ChangePassword(ctx, authed.User, form.OldPassword, form.NewPassword)
+}

internal/processing/user/changepassword.go

@@ -0,0 +1,50 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user
+
+import (
+	"context"
+
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"github.com/superseriousbusiness/gotosocial/internal/validate"
+	"golang.org/x/crypto/bcrypt"
+)
+
+func (p *processor) ChangePassword(ctx context.Context, user *gtsmodel.User, oldPassword string, newPassword string) gtserror.WithCode {
+	if err := bcrypt.CompareHashAndPassword([]byte(user.EncryptedPassword), []byte(oldPassword)); err != nil {
+		return gtserror.NewErrorBadRequest(err, "old password did not match")
+	}
+
+	if err := validate.NewPassword(newPassword); err != nil {
+		return gtserror.NewErrorBadRequest(err, err.Error())
+	}
+
+	newPasswordHash, err := bcrypt.GenerateFromPassword([]byte(newPassword), bcrypt.DefaultCost)
+	if err != nil {
+		return gtserror.NewErrorInternalError(err, "error hashing password")
+	}
+
+	user.EncryptedPassword = string(newPasswordHash)
+	if err := p.db.UpdateByPrimaryKey(ctx, user); err != nil {
+		return gtserror.NewErrorInternalError(err, "database error")
+	}
+
+	return nil
+}

internal/processing/user/changepassword_test.go

@@ -0,0 +1,74 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user_test
+
+import (
+	"context"
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type ChangePasswordTestSuite struct {
+	UserStandardTestSuite
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordOK() {
+	user := suite.testUsers["local_account_1"]
+
+	errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "verygoodnewpassword")
+	suite.NoError(errWithCode)
+
+	err := bcrypt.CompareHashAndPassword([]byte(user.EncryptedPassword), []byte("verygoodnewpassword"))
+	suite.NoError(err)
+
+	// get user from the db again
+	dbUser := &gtsmodel.User{}
+	err = suite.db.GetByID(context.Background(), user.ID, dbUser)
+	suite.NoError(err)
+
+	// check the password has changed
+	err = bcrypt.CompareHashAndPassword([]byte(dbUser.EncryptedPassword), []byte("verygoodnewpassword"))
+	suite.NoError(err)
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordIncorrectOld() {
+	user := suite.testUsers["local_account_1"]
+
+	errWithCode := suite.user.ChangePassword(context.Background(), user, "ooooopsydoooopsy", "verygoodnewpassword")
+	suite.EqualError(errWithCode, "crypto/bcrypt: hashedPassword is not the hash of the given password")
+	suite.Equal(http.StatusBadRequest, errWithCode.Code())
+	suite.Equal("bad request: old password did not match", errWithCode.Safe())
+}
+
+func (suite *ChangePasswordTestSuite) TestChangePasswordWeakNew() {
+	user := suite.testUsers["local_account_1"]
+
+	errWithCode := suite.user.ChangePassword(context.Background(), user, "password", "1234")
+	suite.EqualError(errWithCode, "insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password")
+	suite.Equal(http.StatusBadRequest, errWithCode.Code())
+	suite.Equal("bad request: insecure password, try including more special characters, using lowercase letters, using uppercase letters or using a longer password", errWithCode.Safe())
+}
+
+func TestChangePasswordTestSuite(t *testing.T) {
+	suite.Run(t, &ChangePasswordTestSuite{})
+}

internal/processing/user/user.go

@@ -0,0 +1,48 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user
+
+import (
+	"context"
+
+	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+)
+
+// Processor wraps a bunch of functions for processing user-level actions.
+type Processor interface {
+	// ChangePassword changes the specified user's password from old => new,
+	// or returns an error if the new password is too weak, or the old password is incorrect.
+	ChangePassword(ctx context.Context, user *gtsmodel.User, oldPassword string, newPassword string) gtserror.WithCode
+}
+
+type processor struct {
+	config *config.Config
+	db     db.DB
+}
+
+// New returns a new user processor
+func New(db db.DB, config *config.Config) Processor {
+	return &processor{
+		config: config,
+		db:     db,
+	}
+}

internal/processing/user/user_test.go

@@ -0,0 +1,52 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package user_test
+
+import (
+	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"github.com/superseriousbusiness/gotosocial/internal/processing/user"
+	"github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+type UserStandardTestSuite struct {
+	suite.Suite
+	config *config.Config
+	db     db.DB
+
+	testUsers map[string]*gtsmodel.User
+
+	user user.Processor
+}
+
+func (suite *UserStandardTestSuite) SetupTest() {
+	testrig.InitTestLog()
+	suite.config = testrig.NewTestConfig()
+	suite.db = testrig.NewTestDB()
+	suite.testUsers = testrig.NewTestUsers()
+	suite.user = user.New(suite.db, suite.config)
+
+	testrig.StandardDBSetup(suite.db, nil)
+}
+
+func (suite *UserStandardTestSuite) TearDownTest() {
+	testrig.StandardDBTeardown(suite.db)
+}