[feature]Add change password command

- Resolves: #8487

4 files changed, 29 insertions, 0 deletions

diff --git a/src/leap/bitmask/core/dispatcher.py b/src/leap/bitmask/core/dispatcher.py
index 4c885ce7..2860c88d 100644
--- a/src/leap/bitmask/core/dispatcher.py
+++ b/src/leap/bitmask/core/dispatcher.py
@@ -119,6 +119,12 @@ class UserCmd(SubCommand):
         user = parts[2]
         return bonafide.do_logout(user)
 
+    @register_method("{'update': 'ok'}")
+    def do_UPDATE(self, bonafide, *parts):
+        user, current_password, new_password = parts[2], parts[3], parts[4]
+        return bonafide.do_change_password(
+            user, current_password, new_password)
+
     @register_method('str')
     def do_ACTIVE(self, bonafide, *parts):
         return bonafide.do_get_active_user()
diff --git a/src/leap/bitmask/core/mail_services.py b/src/leap/bitmask/core/mail_services.py
index 3de4df2e..e19b7192 100644
--- a/src/leap/bitmask/core/mail_services.py
+++ b/src/leap/bitmask/core/mail_services.py
@@ -210,6 +210,17 @@ class SoledadService(HookableService):
                 container.add_instance(
                     userid, password, uuid=uuid, token=token)
 
+    def hook_on_passphrase_change(self, **kw):
+        # TODO: if bitmask stops before this hook being executed bonafide and
+        #       soledad will end up with different passwords
+        #       https://leap.se/code/issues/8489
+        userid = kw['username']
+        password = kw['password']
+        soledad = self._container.get_instance(userid)
+        if soledad is not None:
+            log.msg("Change soledad passphrase for %s" % userid)
+            soledad.change_passphrase(unicode(password))
+
 
 class KeymanagerContainer(Container):
 
diff --git a/src/leap/bitmask/core/service.py b/src/leap/bitmask/core/service.py
index 27853c09..e449a8cd 100644
--- a/src/leap/bitmask/core/service.py
+++ b/src/leap/bitmask/core/service.py
@@ -89,6 +89,7 @@ class BitmaskBackend(configurable.ConfigurableService):
         # (2) provider offers this service
         bf.register_hook('on_passphrase_entry', listener='soledad')
         bf.register_hook('on_bonafide_auth', listener='soledad')
+        bf.register_hook('on_passphrase_change', listener='soledad')
         bf.register_hook('on_bonafide_auth', listener='keymanager')
         bf.register_hook('on_bonafide_auth', listener='mail')
 
diff --git a/src/leap/bitmask/core/web/bitmask.js b/src/leap/bitmask/core/web/bitmask.js
index fedd5fcd..71a34f4a 100644
--- a/src/leap/bitmask/core/web/bitmask.js
+++ b/src/leap/bitmask/core/web/bitmask.js
@@ -177,6 +177,17 @@ var bitmask = function(){
                     }
                     return call(['bonafide', 'user', 'logout', uid]);
                 }
+
+                /**
+                 * Change password
+                 *
+                 * @param {string} uid The uid to log in
+                 * @param {string} current_password The current user password
+                 * @param {string} new_password The new user password
+                 */
+                update: function(uid, current_password, new_password) {
+                    return call(['bonafide', 'user', 'update', uid, current_password, new_password]);
+                },
             }
         },