From 9af758a82b0369c352835d0dc1b4678499894091 Mon Sep 17 00:00:00 2001
From: Roland Osborne <rolandosborne@gmail.com>
Date: Wed, 9 Mar 2022 15:12:05 -0800
Subject: [PATCH] adding admin account reset

---
 net/server/internal/api_admin.go              |  4 --
 .../internal/api_getAccountListingImage.go    |  7 ++-
 net/server/internal/api_setNodeAccount.go     | 49 +++++++++++++++++++
 3 files changed, 55 insertions(+), 5 deletions(-)
 create mode 100644 net/server/internal/api_setNodeAccount.go

diff --git a/net/server/internal/api_admin.go b/net/server/internal/api_admin.go
index 90c39a31..abf9f5b9 100644
--- a/net/server/internal/api_admin.go
+++ b/net/server/internal/api_admin.go
@@ -33,8 +33,4 @@ func RemoveNodeAccount(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 }
 
-func SetNodeAccount(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Content-Type", "application/json; charset=UTF-8")
-	w.WriteHeader(http.StatusOK)
-}
 
diff --git a/net/server/internal/api_getAccountListingImage.go b/net/server/internal/api_getAccountListingImage.go
index 3ba07f1a..d9d8466a 100644
--- a/net/server/internal/api_getAccountListingImage.go
+++ b/net/server/internal/api_getAccountListingImage.go
@@ -8,12 +8,17 @@ import (
   "gorm.io/gorm"
   "databag/internal/store"
   "encoding/base64"
+  "github.com/gorilla/mux"
 )
 
 func GetAccountListingImage(w http.ResponseWriter, r *http.Request) {
 
+  // get referenced account guid
+  params := mux.Vars(r)
+  guid := params["guid"]
+
   var account store.Account
-  if err := store.DB.Preload("AccountDetail").Where("searchable = ? AND disabled = ?", true, false).First(&account).Error; err != nil {
+  if err := store.DB.Preload("AccountDetail").Where("guid = ? AND searchable = ? AND disabled = ?", guid, true, false).First(&account).Error; err != nil {
     if errors.Is(err, gorm.ErrRecordNotFound) {
       ErrResponse(w, http.StatusNotFound, err)
     } else {
diff --git a/net/server/internal/api_setNodeAccount.go b/net/server/internal/api_setNodeAccount.go
new file mode 100644
index 00000000..866f75ba
--- /dev/null
+++ b/net/server/internal/api_setNodeAccount.go
@@ -0,0 +1,49 @@
+package databag
+
+import (
+	"net/http"
+  "encoding/hex"
+  "time"
+  "strconv"
+  "github.com/gorilla/mux"
+  "databag/internal/store"
+	"github.com/theckman/go-securerandom"
+)
+
+func SetNodeAccount(w http.ResponseWriter, r *http.Request) {
+
+  // get referenced account id
+  params := mux.Vars(r)
+  accountId, res := strconv.ParseUint(params["accountId"], 10, 32)
+  if res != nil {
+    ErrResponse(w, http.StatusBadRequest, res)
+    return
+  }
+
+  if res = AdminLogin(r); res != nil {
+    ErrResponse(w, http.StatusUnauthorized, res)
+    return
+  }
+
+  data, err := securerandom.Bytes(APP_RESETSIZE)
+  if err != nil {
+    ErrResponse(w, http.StatusInternalServerError, err)
+    return
+  }
+  token := hex.EncodeToString(data)
+
+  accountToken := store.AccountToken{
+    TokenType: APP_TOKENRESET,
+    Token: token,
+    AccountID: uint(accountId),
+    Expires: time.Now().Unix() + APP_CREATEEXPIRE,
+  };
+
+  if err := store.DB.Create(&accountToken).Error; err != nil {
+    ErrResponse(w, http.StatusInternalServerError, err)
+    return
+  }
+
+  WriteResponse(w, token);
+}
+