From 136eb18fb0be488cf0ffadee4b65ba6bdd73c613 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Thu, 28 Dec 2023 23:32:25 -0800 Subject: [PATCH 1/5] feat: account settings --- src/lib/components/chat/SettingsModal.svelte | 26 ++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/src/lib/components/chat/SettingsModal.svelte b/src/lib/components/chat/SettingsModal.svelte index 47c57d99..05dcefd1 100644 --- a/src/lib/components/chat/SettingsModal.svelte +++ b/src/lib/components/chat/SettingsModal.svelte @@ -845,6 +845,32 @@ {/if} + + + {:else if selectedTab === 'account'} +
{ + console.log('change save'); + }} + > +
Change Password
+ +
+
+
Current Password
+ +
+ +
+
+ +
+
New Password
+ +
+ +
+
+ +
+
Confirm Password
+ +
+ +
+
+
+ +
+ +
+
{:else if selectedTab === 'about'}
From d8bb19fd8ad962ec290388c6e7116bbfb1745971 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Fri, 29 Dec 2023 00:26:47 -0800 Subject: [PATCH 3/5] feat: change password frontend added --- backend/apps/web/routers/auths.py | 12 +++++--- backend/constants.py | 3 ++ src/lib/apis/auths/index.ts | 31 ++++++++++++++++++++ src/lib/components/chat/SettingsModal.svelte | 28 +++++++++++++++++- 4 files changed, 69 insertions(+), 5 deletions(-) diff --git a/backend/apps/web/routers/auths.py b/backend/apps/web/routers/auths.py index 31b41b6d..bcbe00d5 100644 --- a/backend/apps/web/routers/auths.py +++ b/backend/apps/web/routers/auths.py @@ -62,12 +62,16 @@ async def get_session_user(cred=Depends(bearer_scheme)): @router.post("/update/password", response_model=bool) async def update_password(form_data: UpdatePasswordForm, cred=Depends(bearer_scheme)): token = cred.credentials - user = Users.get_user_by_token(token) + session_user = Users.get_user_by_token(token) - if user: - hashed = get_password_hash(form_data.new_password) - return Auths.update_user_password_by_id(user.id, form_data.password, hashed) + if session_user: + user = Auths.authenticate_user(session_user.email, form_data.password) + if user: + hashed = get_password_hash(form_data.new_password) + return Auths.update_user_password_by_id(user.id, form_data.password, hashed) + else: + raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_PASSWORD) else: raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED) diff --git a/backend/constants.py b/backend/constants.py index a068995d..761507f2 100644 --- a/backend/constants.py +++ b/backend/constants.py @@ -21,6 +21,9 @@ class ERROR_MESSAGES(str, Enum): "Your session has expired or the token is invalid. Please sign in again." ) INVALID_CRED = "The email or password provided is incorrect. Please check for typos and try logging in again." + INVALID_PASSWORD = ( + "The password provided is incorrect. Please check for typos and try again." + ) UNAUTHORIZED = "401 Unauthorized" ACCESS_PROHIBITED = "You do not have permission to access this resource. Please contact your administrator for assistance." ACTION_PROHIBITED = ( diff --git a/src/lib/apis/auths/index.ts b/src/lib/apis/auths/index.ts index 56a4a7a6..73934055 100644 --- a/src/lib/apis/auths/index.ts +++ b/src/lib/apis/auths/index.ts @@ -88,3 +88,34 @@ export const userSignUp = async (name: string, email: string, password: string) return res; }; + +export const updateUserPassword = async (token: string, password: string, newPassword: string) => { + let error = null; + + const res = await fetch(`${WEBUI_API_BASE_URL}/auths/update/password`, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + ...(token && { authorization: `Bearer ${token}` }) + }, + body: JSON.stringify({ + password: password, + new_password: newPassword + }) + }) + .then(async (res) => { + if (!res.ok) throw await res.json(); + return res.json(); + }) + .catch((err) => { + console.log(err); + error = err.detail; + return null; + }); + + if (error) { + throw error; + } + + return res; +}; diff --git a/src/lib/components/chat/SettingsModal.svelte b/src/lib/components/chat/SettingsModal.svelte index e5332296..18aa6eca 100644 --- a/src/lib/components/chat/SettingsModal.svelte +++ b/src/lib/components/chat/SettingsModal.svelte @@ -18,6 +18,7 @@ import Advanced from './Settings/Advanced.svelte'; import Modal from '../common/Modal.svelte'; + import { updateUserPassword } from '$lib/apis/auths'; export let show = false; @@ -600,6 +601,31 @@ return models; }; + const updatePasswordHandler = async () => { + if (newPassword === newPasswordConfirm) { + const res = await updateUserPassword(localStorage.token, currentPassword, newPassword).catch( + (error) => { + toast.error(error); + return null; + } + ); + + if (res) { + toast.success('Successfully updated.'); + } + + currentPassword = ''; + newPassword = ''; + newPasswordConfirm = ''; + } else { + toast.error( + `The passwords you entered don't quite match. Please double-check and try again.` + ); + newPassword = ''; + newPasswordConfirm = ''; + } + }; + onMount(async () => { let settings = JSON.parse(localStorage.getItem('settings') ?? '{}'); console.log(settings); @@ -1852,7 +1878,7 @@
{ - console.log('change save'); + updatePasswordHandler(); }} >
Change Password
From 500f61b7ee9abc528be14d91dad959c59b030765 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Fri, 29 Dec 2023 00:29:18 -0800 Subject: [PATCH 4/5] chore: update password refac --- backend/apps/web/models/auths.py | 16 ++++------------ backend/apps/web/routers/auths.py | 2 +- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/backend/apps/web/models/auths.py b/backend/apps/web/models/auths.py index ce087316..0f96f096 100644 --- a/backend/apps/web/models/auths.py +++ b/backend/apps/web/models/auths.py @@ -114,19 +114,11 @@ class AuthsTable: except: return None - def update_user_password_by_id( - self, id: str, password: str, new_password: str - ) -> bool: + def update_user_password_by_id(self, id: str, new_password: str) -> bool: try: - auth = Auth.get(Auth.id == id, Auth.active == True) - if auth: - if verify_password(password, auth.password): - query = Auth.update(password=new_password).where(Auth.id == id) - result = query.execute() - print(result) - return True - else: - return False + query = Auth.update(password=new_password).where(Auth.id == id) + result = query.execute() + print(result) return True except: return False diff --git a/backend/apps/web/routers/auths.py b/backend/apps/web/routers/auths.py index bcbe00d5..9174865a 100644 --- a/backend/apps/web/routers/auths.py +++ b/backend/apps/web/routers/auths.py @@ -69,7 +69,7 @@ async def update_password(form_data: UpdatePasswordForm, cred=Depends(bearer_sch if user: hashed = get_password_hash(form_data.new_password) - return Auths.update_user_password_by_id(user.id, form_data.password, hashed) + return Auths.update_user_password_by_id(user.id, hashed) else: raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_PASSWORD) else: From d5bc54b8f8561cbab40b4e5c759a8a006df669e6 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Fri, 29 Dec 2023 00:31:23 -0800 Subject: [PATCH 5/5] fix: update password --- backend/apps/web/models/auths.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/apps/web/models/auths.py b/backend/apps/web/models/auths.py index 0f96f096..800750c3 100644 --- a/backend/apps/web/models/auths.py +++ b/backend/apps/web/models/auths.py @@ -118,8 +118,8 @@ class AuthsTable: try: query = Auth.update(password=new_password).where(Auth.id == id) result = query.execute() - print(result) - return True + + return True if result == 1 else False except: return False