Update password handling and session methods

2025-01-05 01:23:43 -05:00 · 2025-01-05 01:23:43 -05:00 · 85814913e4
commit 85814913e4
parent 8b9896f196
11 changed files with 239 additions and 70 deletions
--- a/src/Socialbox/Classes/StandardMethods/SettingsUpdatePassword.php
+++ b/src/Socialbox/Classes/StandardMethods/SettingsUpdatePassword.php
@ -0,0 +1,57 @@
+<?php
+
+    namespace Socialbox\Classes\StandardMethods;
+
+    use Exception;
+    use Socialbox\Abstracts\Method;
+    use Socialbox\Classes\Cryptography;
+    use Socialbox\Enums\StandardError;
+    use Socialbox\Exceptions\DatabaseOperationException;
+    use Socialbox\Exceptions\StandardException;
+    use Socialbox\Interfaces\SerializableInterface;
+    use Socialbox\Managers\PasswordManager;
+    use Socialbox\Objects\ClientRequest;
+    use Socialbox\Objects\RpcRequest;
+
+    class SettingsUpdatePassword extends Method
+    {
+        /**
+         * @inheritDoc
+         */
+        public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
+        {
+            if(!$rpcRequest->containsParameter('password'))
+            {
+                return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Missing 'password' parameter");
+            }
+
+            if(!Cryptography::validatePasswordHash($rpcRequest->getParameter('password')))
+            {
+                return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Invalid 'password' parameter, must be a valid argon2id hash");
+            }
+
+            try
+            {
+                if (!PasswordManager::usesPassword($request->getPeer()->getUuid()))
+                {
+                    return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, "Cannot update password when one isn't already set, use 'settingsSetPassword' instead");
+                }
+            }
+            catch (DatabaseOperationException $e)
+            {
+                throw new StandardException('Failed to check password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
+            }
+
+            try
+            {
+                // Set the password
+                PasswordManager::updatePassword($request->getPeer(), $rpcRequest->getParameter('password'));
+            }
+            catch(Exception $e)
+            {
+                throw new StandardException('Failed to set password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
+            }
+
+            return $rpcRequest->produceResponse(true);
+        }
+    }