✨ Update user profile and password (#210)

README.md

@@ -28,7 +28,7 @@ docker run --name sigma -v /home/admin/config:/etc/sigma \
 sh ./scripts/samples/samples.sh
 ```
 
-Visit: <https://sigma.tosone.cn>, username/password: sigma/sigma
+Visit: <https://sigma.tosone.cn>, username/password: sigma/Admin@123
 
 I will periodically reboot the container, and since the container doesn't have any disk mount, every reboot will clear all the data.
 

conf/config-dev.yaml

@@ -126,7 +126,7 @@ auth:
     password: internal-sigma
   admin:
     username: sigma
-    password: sigma
+    password: Admin@123
   token:
     realm: ""
     service: ""

conf/config-full.yaml

@@ -124,7 +124,7 @@ auth:
     password: internal-sigma
   admin:
     username: sigma
-    password: sigma
+    password: Admin@123
   token:
     realm: ""
     service: ""

conf/config.yaml

@@ -132,7 +132,7 @@ auth:
     password: internal-sigma
   admin:
     username: sigma
-    password: sigma
+    password: Admin@123
   token:
     realm: ""
     service: ""

docs/src/components/Hero/index.tsx

@@ -39,6 +39,13 @@ function Hero() {
                   to={useBaseUrl('docs/sigma')}>
                   Get started
                 </Link>
+                <Link
+                  className={clsx(
+                    'button button--outline button--secondary button--lg hero-try-demo',
+                  )}
+                  to={"https://sigma.tosone.cn"}>
+                  Try demo
+                </Link>
               </div>
               <div className="col col--4">
                 <SvgHero color="#FFFFFF" className="illustration" />

docs/src/css/custom.scss

@@ -192,6 +192,11 @@ $roboto: "Roboto Mono", monospace;
     margin-top: 40px;
   }
 
+  .hero-try-demo {
+    margin-top: 40px;
+    margin-left: 20px;
+  }
+
   .boxes {
     display: flex;
     margin-top: 100px;

e2e/push.sh

@@ -24,7 +24,7 @@ docker tag hello-world:latest 127.0.0.1:3000/library/hello-world:latest
 docker pull mysql:8
 docker tag mysql:8 127.0.0.1:3000/library/mysql:8
 
-docker login 127.0.0.1:3000 -u sigma -p sigma
+docker login 127.0.0.1:3000 -u sigma -p Admin@123
 
 docker push 127.0.0.1:3000/library/hello-world:latest
 docker pull 127.0.0.1:3000/library/hello-world:latest

e2e/sc.js

@@ -6,7 +6,7 @@ export const options = {
 };
 
 const username = 'sigma';
-const password = 'sigma';
+const password = 'Admin@123';
 
 const host = "http://127.0.0.1:3000";
 

pkg/consts/consts.go

@@ -87,7 +87,7 @@ const (
 
 var (
 	// PwdStrength represents the password strength
-	PwdStrength = pwdvalidate.GetEntropy("1923432198Aa@")
+	PwdStrength = pwdvalidate.GetEntropy("Admin@123")
 	// Alphanum alphabet num
 	Alphanum = "abcdefghijklmnopqrstuvwxyz0123456789"
 )

pkg/consts/regex.go

@@ -0,0 +1,24 @@
+// Copyright 2023 sigma
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package consts
+
+import "regexp"
+
+var (
+	// RegexUsername ...
+	RegexUsername = regexp.MustCompile(`^[a-zA-Z0-9_@#$%-]+$`)
+	// RegexEmail ...
+	RegexEmail = regexp.MustCompile(`^([^\x00-\x20\x22\x28\x29\x2c\x2e\x3a-\x3c\x3e\x40\x5b-\x5d\x7f-\xff]+|\x22([^\x0d\x22\x5c\x80-\xff]|\x5c[\x00-\x7f])*\x22)(\x2e([^\x00-\x20\x22\x28\x29\x2c\x2e\x3a-\x3c\x3e\x40\x5b-\x5d\x7f-\xff]+|\x22([^\x0d\x22\x5c\x80-\xff]|\x5c[\x00-\x7f])*\x22))*\x40([^\x00-\x20\x22\x28\x29\x2c\x2e\x3a-\x3c\x3e\x40\x5b-\x5d\x7f-\xff]+|\x5b([^\x0d\x5b-\x5d\x80-\xff]|\x5c[\x00-\x7f])*\x5d)(\x2e([^\x00-\x20\x22\x28\x29\x2c\x2e\x3a-\x3c\x3e\x40\x5b-\x5d\x7f-\xff]+|\x5b([^\x0d\x5b-\x5d\x80-\xff]|\x5c[\x00-\x7f])*\x5d))*$`)
+)

pkg/handlers/apidocs/swagger.json

@@ -2208,6 +2208,45 @@
                 }
             }
         },
+        "/validators/password": {
+            "get": {
+                "security": [
+                    {
+                        "BasicAuth": []
+                    }
+                ],
+                "consumes": [
+                    "application/json"
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "Validator"
+                ],
+                "summary": "Validate password",
+                "parameters": [
+                    {
+                        "type": "string",
+                        "description": "Password",
+                        "name": "password",
+                        "in": "query",
+                        "required": true
+                    }
+                ],
+                "responses": {
+                    "204": {
+                        "description": "No Content"
+                    },
+                    "400": {
+                        "description": "Bad Request",
+                        "schema": {
+                            "$ref": "#/definitions/xerrors.ErrCode"
+                        }
+                    }
+                }
+            }
+        },
         "/validators/reference": {
             "get": {
                 "security": [

pkg/handlers/apidocs/swagger.yaml

@@ -2526,6 +2526,30 @@ paths:
       summary: Logout user
       tags:
       - User
+  /validators/password:
+    get:
+      consumes:
+      - application/json
+      parameters:
+      - description: Password
+        in: query
+        name: password
+        required: true
+        type: string
+      produces:
+      - application/json
+      responses:
+        "204":
+          description: No Content
+        "400":
+          description: Bad Request
+          schema:
+            $ref: '#/definitions/xerrors.ErrCode'
+      security:
+      - BasicAuth: []
+      summary: Validate password
+      tags:
+      - Validator
   /validators/reference:
     get:
       consumes:

pkg/handlers/users/users_login_test.go

@@ -65,7 +65,7 @@ func TestLogin(t *testing.T) {
 
 	viper.SetDefault("auth.internalUser.password", "internal-sigma")
 	viper.SetDefault("auth.internalUser.username", "internal-sigma")
-	viper.SetDefault("auth.admin.password", "sigma")
+	viper.SetDefault("auth.admin.password", "Admin@123")
 	viper.SetDefault("auth.admin.username", "sigma")
 	err = inits.Initialize()
 	assert.NoError(t, err)
@@ -77,7 +77,7 @@ func TestLogin(t *testing.T) {
 	userHandler, err := handlerNew()
 	assert.NoError(t, err)
 
-	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"sigma"}`))
+	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"Admin@123"}`))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
 	rec := httptest.NewRecorder()
 	c := e.NewContext(req, rec)
@@ -120,7 +120,7 @@ func TestLoginMockToken(t *testing.T) {
 
 	viper.SetDefault("auth.internalUser.password", "internal-sigma")
 	viper.SetDefault("auth.internalUser.username", "internal-sigma")
-	viper.SetDefault("auth.admin.password", "sigma")
+	viper.SetDefault("auth.admin.password", "Admin@123")
 	viper.SetDefault("auth.admin.username", "sigma")
 	err = inits.Initialize()
 	assert.NoError(t, err)
@@ -140,15 +140,15 @@ func TestLoginMockToken(t *testing.T) {
 	userHandler, err := handlerNew(inject{tokenService: tokenMock})
 	assert.NoError(t, err)
 
-	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"sigma"}`))
+	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"Admin@123"}`))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
 	rec := httptest.NewRecorder()
 	c := e.NewContext(req, rec)
 	err = userHandler.Login(c)
 	assert.NoError(t, err)
 	assert.Equal(t, http.StatusInternalServerError, c.Response().Status)
 
-	req = httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"sigma"}`))
+	req = httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"Admin@123"}`))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
 	rec = httptest.NewRecorder()
 	c = e.NewContext(req, rec)
@@ -188,7 +188,7 @@ func TestLoginMockPassword(t *testing.T) {
 
 	viper.SetDefault("auth.internalUser.password", "internal-sigma")
 	viper.SetDefault("auth.internalUser.username", "internal-sigma")
-	viper.SetDefault("auth.admin.password", "sigma")
+	viper.SetDefault("auth.admin.password", "Admin@123")
 	viper.SetDefault("auth.admin.username", "sigma")
 	err = inits.Initialize()
 	assert.NoError(t, err)
@@ -197,7 +197,7 @@ func TestLoginMockPassword(t *testing.T) {
 	userHandler, err := handlerNew(inject{passwordService: passwordMock})
 	assert.NoError(t, err)
 
-	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"sigma"}`))
+	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(`{"username":"sigma","password":"Admin@123"}`))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationJSON)
 	rec := httptest.NewRecorder()
 	c := e.NewContext(req, rec)
@@ -228,7 +228,7 @@ func TestLoginMockDAO(t *testing.T) {
 
 	viper.SetDefault("auth.internalUser.password", "internal-sigma")
 	viper.SetDefault("auth.internalUser.username", "internal-sigma")
-	viper.SetDefault("auth.admin.password", "sigma")
+	viper.SetDefault("auth.admin.password", "Admin@123")
 	viper.SetDefault("auth.admin.username", "sigma")
 	viper.SetDefault("auth.jwt.privateKey", privateKeyString)
 

pkg/handlers/users/users_logout.go

@@ -16,7 +16,6 @@ package users
 
 import (
 	"errors"
-	"fmt"
 	"net/http"
 
 	"github.com/labstack/echo/v4"
@@ -61,7 +60,7 @@ func (h *handlers) Logout(c echo.Context) error {
 			if errors.Is(err, token.ErrRevoked) {
 				continue
 			}
-			log.Error().Err(err).Msg("Revoke token failed")
+			log.Error().Err(err).Str("token", t).Msg("Revoke token failed")
 			return xerrors.NewHTTPError(c, xerrors.HTTPErrCodeInternalError, err.Error())
 		}
 		ids.Insert(id)
@@ -75,8 +74,6 @@ func (h *handlers) Logout(c echo.Context) error {
 
 	ids.Insert(jti)
 
-	fmt.Println("82", ids)
-
 	for {
 		id, ok := ids.PopAny()
 		if !ok {

pkg/handlers/users/users_self_put.go

@@ -69,5 +69,5 @@ func (h *handlers) SelfPut(c echo.Context) error {
 	if err != nil {
 		return xerrors.NewHTTPError(c, err.(xerrors.ErrCode))
 	}
-	return c.NoContent(http.StatusAccepted)
+	return c.NoContent(http.StatusNoContent)
 }

pkg/handlers/users/users_self_reset_password.go

@@ -33,7 +33,7 @@ import (
 func (h *handlers) SelfResetPassword(c echo.Context) error {
 	ctx := log.Logger.WithContext(c.Request().Context())
 
-	var req types.PostUserSelfResetPasswordRequest
+	var req types.PutUserSelfResetPasswordRequest
 	err := utils.BindValidate(c, &req)
 	if err != nil {
 		log.Error().Err(err).Msg("Bind and validate request body failed")
@@ -74,5 +74,5 @@ func (h *handlers) SelfResetPassword(c echo.Context) error {
 	if err != nil {
 		return xerrors.NewHTTPError(c, err.(xerrors.ErrCode))
 	}
-	return c.NoContent(http.StatusAccepted)
+	return c.NoContent(http.StatusNoContent)
 }

pkg/handlers/validators/handler.go

@@ -32,6 +32,8 @@ type Handlers interface {
 	GetReference(c echo.Context) error
 	// GetTag handles the validate tag request
 	GetTag(c echo.Context) error
+	// GetPassword handles the validate password request
+	GetPassword(c echo.Context) error
 }
 
 var _ Handlers = &handlers{}
@@ -53,6 +55,7 @@ func (f factory) Initialize(e *echo.Echo) error {
 	repositoryHandler := handlerNew()
 	validatorGroup.GET("/reference", repositoryHandler.GetReference)
 	validatorGroup.GET("/tag", repositoryHandler.GetTag)
+	validatorGroup.GET("/password", repositoryHandler.GetPassword)
 	return nil
 }