numerus/deploy/change_password.sql

29 lines
765 B
PL/PgSQL

-- Deploy numerus:change_password to pg
-- requires: schema_numerus
-- requires: user
begin;
set search_path to numerus, auth, public;
create or replace function change_password(new_password text) returns void as
$$
update "user"
set password = new_password
where email = current_user_email()
and cookie = current_user_cookie()
and cookie_expires_at > current_timestamp
and length(cookie) > 30
$$ language sql
security definer
set search_path to auth, numerus, pg_temp;
revoke execute on function change_password(text) from public;
grant execute on function change_password(text) to invoicer;
grant execute on function change_password(text) to admin;
comment on function change_password(text) is
'Changes the password for the current app user';
commit;