passwords

author: raven <citrons@mondecitronne.com> 2025-10-22 16:28:22 -0500
committer: raven <citrons@mondecitronne.com> 2026-02-09 13:13:55 -0600
commit: ff0f6ba724748dbe340187fdd831a4d4f7f0ae5e (patch)
tree: ab27a0c9f40d803c2bf130ef7c82cdf6540e9018 /server/user/command.go
parent: 4b54a1d11fd0fa355b244637612a3fd0af18c60c (diff)
1 files changed, 37 insertions, 0 deletions
diff --git a/server/user/command.go b/server/user/command.go
index 47a3efb..b4c6d5f 100644
--- a/server/user/command.go
+++ b/server/user/command.go
@@ -51,6 +51,43 @@ func (u *User) SendRequest(r session.Request) {
 		u.Stream.Event(r.Cmd)
 		r.ReplyOk()
 
+	case "auth-update":
+		if r.From.UserId != u.Id() {
+			r.Reply(proto.Fail{"forbidden", "", nil}.Cmd())
+			return
+		}
+		if !u.anonymous && !r.From.PasswordAuthed {
+			r.Reply(proto.Fail{"password-required", "", nil}.Cmd())
+			return
+		}
+		if len(r.Cmd.Args) != 1 {
+			r.ReplyInvalid()
+			return
+		}
+		upd := r.Cmd.Args[0]
+		switch upd.Kind {
+		case "password":
+			var password string
+			for k, v := range upd.Fields {
+				switch k {
+				case "":
+					password = v
+				default:
+					r.ReplyInvalid()
+				}
+			}
+			if password == "" {
+				r.ReplyInvalid()
+				return
+			}
+			u.SetPassword(password)
+			r.From.PasswordAuthed = true
+			r.ReplyOk()
+		default:
+			r.ReplyInvalid()
+			return
+		}
+
 	case "i":
 		r.Reply(proto.NewCmd("i", "", u.InfoFor(r.From.UserId)))
author	raven <citrons@mondecitronne.com>	2025-10-22 16:28:22 -0500
committer	raven <citrons@mondecitronne.com>	2026-02-09 13:13:55 -0600
commit	ff0f6ba724748dbe340187fdd831a4d4f7f0ae5e (patch)
tree	ab27a0c9f40d803c2bf130ef7c82cdf6540e9018 /server/user/command.go
parent	4b54a1d11fd0fa355b244637612a3fd0af18c60c (diff)