Add setup-flow

internal/user/service.go

@@ -35,6 +35,66 @@ func (s *Service) CreateUser(username, password, role string) (*User, error) {
 	return u, nil
 }
 
+// UpdateUser updates a user's information
+func (s *Service) UpdateUser(user *User) (*User, error) {
+	if err := s.repo.Update(user); err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
+func validNewPassword(oldPassword, newPassword string) bool {
+	if oldPassword == newPassword {
+		return false
+	}
+	if len(newPassword) < 8 {
+		return false
+	}
+	//Contains 1 uppercase, 1 lowercase, 1 number
+	hasUpper := false
+	hasLower := false
+	hasNumber := false
+	for _, c := range newPassword {
+		switch {
+		case 'A' <= c && c <= 'Z':
+			hasUpper = true
+		case 'a' <= c && c <= 'z':
+			hasLower = true
+		case '0' <= c && c <= '9':
+			hasNumber = true
+		}
+	}
+	if !hasUpper || !hasLower || !hasNumber {
+		return false
+	}
+	return true
+}
+
+func (s *Service) ChangePassword(userID string, oldPassword string, newPassword string) error {
+	user, err := s.repo.FindByID(userID)
+	if err != nil {
+		return err
+	}
+
+	if !validNewPassword(oldPassword, newPassword) {
+		return ErrInvalidPassword
+	}
+
+	if !security.CheckPassword(oldPassword, user.PasswordHash) {
+		return ErrPasswordsDoNotMatch
+	}
+
+	newHash, err := security.HashPassword(newPassword)
+	if err != nil {
+		return err
+	}
+
+	user.PasswordHash = newHash
+	user.ForceChangePassword = false
+
+	return s.repo.Update(user)
+}
+
 // GetAllUsers returns all users
 func (s *Service) GetAllUsers() ([]User, error) {
 	return s.repo.GetAll()
@@ -53,3 +113,8 @@ func (s *Service) DeleteUser(requesterID, targetID uint) error {
 func (s *Service) FindByUsername(username string) (*User, error) {
 	return s.repo.FindByUsername(username)
 }
+
+// FindByID returns a user by ID
+func (s *Service) FindByID(id string) (*User, error) {
+	return s.repo.FindByID(id)
+}