X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FPlack%2FApp%2FGruntmaster.pm;h=288f18c95d8b6ddce1c63afebbfdb0067781b231;hb=c99c1530347a64a134c74659f10b9c1cd632b42f;hp=62bef3283d6b6672af1051bd4748ef295f1162a9;hpb=a38191f4f125f0f00b8504b8c3d19d8d12e6b351;p=plack-app-gruntmaster.git

diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm
index 62bef32..288f18c 100644
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@ -16,6 +16,9 @@ use Web::Simple;
 use Gruntmaster::Data;
 use Plack::App::Gruntmaster::HTML;
 
+use Email::Sender::Simple qw/sendmail/;
+use Email::Simple;
+
 use warnings NONFATAL => 'all';
 no warnings 'illegalproto';
 
@@ -50,7 +53,7 @@ use constant FORMAT_EXTENSION => {
 	SBCL => 'l',
 };
 
-use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']];
+use constant NOT_FOUND => [404, ['X-Forever' => 1, 'Content-Type' => 'text/plain'], ['Not found']];
 use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']];
 
 sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' }
@@ -112,6 +115,9 @@ sub dispatch_request{
 			[200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]]
 		},
 
+		sub (/robots.txt) { NOT_FOUND },
+		sub (/favicon.ico) { NOT_FOUND },
+
 		sub (/src/:job) {
 			return NOT_FOUND if !job;
 			my $isowner = remote_user && remote_user->id eq job->rawowner;
@@ -160,7 +166,8 @@ sub dispatch_request{
 
 		sub (/ed/:contest) {
 			forbid contest->is_running;
-			response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
+			my $pblist = db->problem_list(contest => $_{contest}, solution => 1);
+			response ed => 'Editorial of ' . contest->name, {%$pblist, editorial => contest->editorial};
 		},
 
 		sub (/login) {
@@ -259,7 +266,52 @@ sub dispatch_request{
 
 			purge '/log/';
 			[303, [Location => '/log/' . $newjob->id], []]
-		}
+		},
+
+		sub (/action/request-reset + %:username=) {
+			return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
+			my $user = db->user($_{username});
+			return reply 'No such user' unless $user;
+			my $token = join ':', $user->make_reset_hmac;
+			my $body = <<EOF;
+Someone has requested a password reset for your account.
+
+To reset your password, please submit the reset password form on the
+website using the following information:
+
+Username: $_{username}
+Password: <your new password>
+Reset token: $token
+
+The token is valid for 24 hours.
+EOF
+			my $email = Email::Simple->create(
+				header => [
+					From    => $ENV{GRUNTMASTER_RESET_FROM},
+					To      => $user->email,
+					Subject => 'Password reset token',
+				],
+				body => $body,
+			);
+
+			my $ok = 0;
+			eval {
+				sendmail $email;
+				$ok = 1;
+			};
+			return reply 'Email sent' if $ok;
+			reply "Failure sending email: $@";
+		},
+
+		sub (/action/reset + %:username=&:password=&:token=) {
+			my $user = db->user($_{username});
+			return reply 'No such user' unless $user;
+			my ($token, $exp) = split ':', $_{token};
+			return reply 'Reset token is expired' if time >= $exp;
+			return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
+			$user->set_passphrase($_{password});
+			reply 'Password reset successfully';
+		},
 	}
 }