Partially complete POST /user/:id/changePassword. Still requires TOTP integration

src/main/java/net/frozenorb/apiv3/route/users/POSTUserChangePassword.java

@@ -0,0 +1,56 @@
+package net.frozenorb.apiv3.route.users;
+
+import com.google.common.collect.ImmutableMap;
+import io.vertx.core.Handler;
+import io.vertx.ext.web.RoutingContext;
+import net.frozenorb.apiv3.APIv3;
+import net.frozenorb.apiv3.model.User;
+import net.frozenorb.apiv3.unsorted.BlockingCallback;
+import net.frozenorb.apiv3.util.ErrorUtils;
+
+public final class POSTUserChangePassword implements Handler<RoutingContext> {
+
+    public void handle(RoutingContext ctx) {
+        User user = User.findByIdSync(ctx.request().getParam("id"));
+
+        if (user == null) {
+            ErrorUtils.respondNotFound(ctx, "User", ctx.request().getParam("id"));
+            return;
+        }
+
+        if (user.getPassword() == null) {
+            ErrorUtils.respondInvalidInput(ctx, "User provided does not have password set.");
+            return;
+        }
+
+        boolean authorized = user.checkPassword(ctx.request().getParam("currentPassword"));
+
+        if (!authorized) {
+            ErrorUtils.respondInvalidInput(ctx, "Current password is not correct.");
+            return;
+        }
+
+        BlockingCallback<User.RequiresTotpResult> totpRequiredCallback = new BlockingCallback<>();
+        user.requiresTotpAuthorization(null, totpRequiredCallback);
+        User.RequiresTotpResult requiresTotp = totpRequiredCallback.get();
+
+        if (requiresTotp == User.RequiresTotpResult.REQUIRED_NO_EXEMPTIONS) {
+            // TODO
+        }
+
+        String newPassword = ctx.request().getParam("newPassword");
+
+        if (newPassword.length() < 8) {
+            ErrorUtils.respondGeneric(ctx, 200, "Your password is too short.");
+            return;
+        }
+
+        user.setPassword(newPassword);
+        user.save();
+
+        APIv3.respondJson(ctx, ImmutableMap.of(
+                "success", true
+        ));
+    }
+
+}