M_Kececi/bssapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fd5b8a29547f4c7262749d39f675cd6f5449d8fd
bssapp/svc/routes/admin_reset_password.go
MEHMETKECECI eacfacb13b ilk
2026-02-11 17:46:22 +03:00

105 lines
2.8 KiB
Go
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package routes
import (
"bssapp-backend/auth"
"bssapp-backend/internal/auditlog"
"bssapp-backend/repository"
"database/sql"
"encoding/json"
"github.com/gorilla/mux"
"golang.org/x/crypto/bcrypt"
"net/http"
"strconv"
)
type AdminResetPasswordRequest struct {
Password string `json:"password"` // opsiyonel
}
func AdminResetPasswordHandler(db *sql.DB) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json; charset=utf-8")
claims, ok := auth.GetClaimsFromContext(r.Context())
if !ok || claims == nil {
http.Error(w, "unauthorized", http.StatusUnauthorized)
return
}
// ---------------------------------------------------
// 1⃣ USER ID
// ---------------------------------------------------
idStr := mux.Vars(r)["id"]
userID, err := strconv.ParseInt(idStr, 10, 64)
if err != nil || userID <= 0 {
http.Error(w, "invalid user id", http.StatusBadRequest)
return
}
// ---------------------------------------------------
// 2⃣ PAYLOAD (opsiyonel)
// ---------------------------------------------------
var req AdminResetPasswordRequest
_ = json.NewDecoder(r.Body).Decode(&req)
// parola verilmediyse backend üretir
password := req.Password
if password == "" {
password = "Temp123!" // 👉 istersek random generator ekleriz
}
// ---------------------------------------------------
// 3⃣ HASH
// ---------------------------------------------------
hash, err := bcrypt.GenerateFromPassword(
[]byte(password),
bcrypt.DefaultCost,
)
if err != nil {
http.Error(w, "password hash error", http.StatusInternalServerError)
return
}
// ---------------------------------------------------
// 4⃣ UPDATE mk_dfusr
// ---------------------------------------------------
_, err = db.Exec(`
UPDATE mk_dfusr
SET
password_hash = $1,
force_password_change = true,
password_updated_at = NOW(),
updated_at = NOW()
WHERE id = $2
`, string(hash), userID)
if err != nil {
http.Error(w, "password reset failed", http.StatusInternalServerError)
return
}
// ---------------------------------------------------
// 5⃣ REFRESH TOKEN REVOKE
// ---------------------------------------------------
_ = repository.
NewRefreshTokenRepository(db).
RevokeAllForUser(userID)
// ---------------------------------------------------
// 6⃣ AUDIT
// ---------------------------------------------------
auditlog.Write(auditlog.ActivityLog{
ActionType: "ADMIN_PASSWORD_RESET",
ActionCategory: "security",
ActionTarget: "mk_dfusr.id",
IsSuccess: true,
})
// ---------------------------------------------------
// 7⃣ RESPONSE
// ---------------------------------------------------
_ = json.NewEncoder(w).Encode(map[string]any{
"success": true,
})
}
}
Reference in New Issue View Git Blame Copy Permalink