Started work on URL-Token based password reset system. Email not yet implemented.

src/routers/api/accountRouter.js

@@ -24,6 +24,7 @@ const logoutController = require("../../controllers/api/account/logoutController
 const registerController = require("../../controllers/api/account/registerController");
 const updateController = require("../../controllers/api/account/updateController");
 const rankEnumController = require("../../controllers/api/account/rankEnumController");
+const passwordResetController = require("../../controllers/api/account/passwordResetController");
 const deleteController = require("../../controllers/api/account/deleteController");
 
 //globals
@@ -50,6 +51,8 @@ router.post('/update', accountValidator.img(),
 //This might seem silly, but it allows us to cleanly get the current rank list to compare against, without storing it in multiple places
 router.get('/rankEnum', rankEnumController.get);
 
+router.post('/passwordReset', accountValidator.securityToken(), accountValidator.securePass(), accountValidator.pass('confirmPass'), passwordResetController.post)
+
 router.post('/delete', accountValidator.pass(), deleteController.post);
 
 module.exports = router;

src/routers/api/adminRouter.js

@@ -32,6 +32,7 @@ const permissionsController = require("../../controllers/api/admin/permissionsCo
 const banController = require("../../controllers/api/admin/banController");
 const tokeCommandController = require('../../controllers/api/admin/tokeCommandController');
 const emoteController = require('../../controllers/api/admin/emoteController');
+const passwordResetController = require('../../controllers/api/admin/passwordResetController');
 
 //globals
 const router = Router();
@@ -59,5 +60,7 @@ router.delete('/tokeCommands', permissionSchema.reqPermCheck("editTokeCommands")
 router.get('/emote', permissionSchema.reqPermCheck('adminPanel'), emoteController.get);
 router.post('/emote', permissionSchema.reqPermCheck('editEmotes'), emoteValidator.name(), emoteValidator.link(), emoteController.post);
 router.delete('/emote', permissionSchema.reqPermCheck('editEmotes'), emoteValidator.name(), emoteController.delete);
+//passwordReset
+router.post('/genPasswordReset', permissionSchema.reqPermCheck('genPasswordReset'), accountValidator.user(), passwordResetController.post);
 
 module.exports = router;

src/routers/passwordResetRouter.js

@@ -0,0 +1,31 @@
+/*Canopy - The next generation of stoner streaming software
+Copyright (C) 2024  Rainbownapkin and the TTN Community
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
+
+//npm imports
+const { Router } = require('express');
+
+
+//local imports
+const accountValidator = require('../validators/accountValidator');
+const passwordResetController = require("../controllers/passwordResetController");
+
+//globals
+const router = Router();
+
+//routing functions
+router.get('/', accountValidator.securityToken(), passwordResetController.get);
+
+module.exports = router;