forked from mirror/gitea
d0dbe52e76
Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected
79 lines
2.0 KiB
Go
79 lines
2.0 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
pwd "code.gitea.io/gitea/modules/auth/password"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
|
|
"github.com/urfave/cli/v2"
|
|
)
|
|
|
|
var microcmdUserChangePassword = &cli.Command{
|
|
Name: "change-password",
|
|
Usage: "Change a user's password",
|
|
Action: runChangePassword,
|
|
Flags: []cli.Flag{
|
|
&cli.StringFlag{
|
|
Name: "username",
|
|
Aliases: []string{"u"},
|
|
Value: "",
|
|
Usage: "The user to change password for",
|
|
},
|
|
&cli.StringFlag{
|
|
Name: "password",
|
|
Aliases: []string{"p"},
|
|
Value: "",
|
|
Usage: "New password to set for user",
|
|
},
|
|
},
|
|
}
|
|
|
|
func runChangePassword(c *cli.Context) error {
|
|
if err := argsSet(c, "username", "password"); err != nil {
|
|
return err
|
|
}
|
|
|
|
ctx, cancel := installSignals()
|
|
defer cancel()
|
|
|
|
if err := initDB(ctx); err != nil {
|
|
return err
|
|
}
|
|
if len(c.String("password")) < setting.MinPasswordLength {
|
|
return fmt.Errorf("Password is not long enough. Needs to be at least %d", setting.MinPasswordLength)
|
|
}
|
|
|
|
if !pwd.IsComplexEnough(c.String("password")) {
|
|
return errors.New("Password does not meet complexity requirements")
|
|
}
|
|
pwned, err := pwd.IsPwned(context.Background(), c.String("password"))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if pwned {
|
|
return errors.New("The password you chose is on a list of stolen passwords previously exposed in public data breaches. Please try again with a different password.\nFor more details, see https://haveibeenpwned.com/Passwords")
|
|
}
|
|
uname := c.String("username")
|
|
user, err := user_model.GetUserByName(ctx, uname)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if err = user.SetPassword(c.String("password")); err != nil {
|
|
return err
|
|
}
|
|
|
|
if err = user_model.UpdateUserCols(ctx, user, "passwd", "passwd_hash_algo", "salt"); err != nil {
|
|
return err
|
|
}
|
|
|
|
fmt.Printf("%s's password has been successfully updated!\n", user.Name)
|
|
return nil
|
|
}
|