X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FPlack%2FApp%2FGruntmaster.pm;h=2b06c931ae56230e962a2a80df72ae5b086d4ec2;hb=62f12c1f4fdbac52a49c5e50515282d02f38106e;hp=f091892c75364acab62bec77a11defab31818a61;hpb=cb6adaff6f2edcd17c8707b782edc94a32b82568;p=gruntmaster-page.git diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm index f091892..2b06c93 100644 --- a/lib/Plack/App/Gruntmaster.pm +++ b/lib/Plack/App/Gruntmaster.pm @@ -16,9 +16,11 @@ use Web::Simple; use Gruntmaster::Data; use Plack::App::Gruntmaster::HTML; +use Email::Sender::Simple qw/sendmail/; +use Email::Simple; + use warnings NONFATAL => 'all'; no warnings 'illegalproto'; -no if $] >= 5.017011, warnings => 'experimental::smartmatch'; ################################################## @@ -34,6 +36,7 @@ use constant CONTENT_TYPES => +{ pas => 'text/x-pascal', pl => 'text/x-perl', py => 'text/x-python', + l => 'text/plain', }; use constant FORMAT_EXTENSION => { @@ -47,6 +50,7 @@ use constant FORMAT_EXTENSION => { PASCAL => 'pas', PERL => 'pl', PYTHON => 'py', + SBCL => 'l', }; use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']]; @@ -114,8 +118,11 @@ sub dispatch_request{ sub (/src/:job) { return NOT_FOUND if !job; my $isowner = remote_user && remote_user->id eq job->rawowner; - forbid !$isowner && (job->private || job->problem->private || job->contest && job->contest->is_running); - my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => CONTENT_TYPES->{job->format}); + my $private = job->private || job->problem->private || job->contest && job->contest->is_running; + forbid !$isowner && $private; + my $privacy = $private ? 'private' : 'public'; + my @headers = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=604800", 'Content-Type' => CONTENT_TYPES->{job->format}); + push @headers, (Vary => 'Authorization') if $private; [200, \@headers, [job->source]] }, @@ -241,6 +248,7 @@ sub dispatch_request{ my $source = $prog ? read_file $prog->path : $_{source_code}; unlink $prog->path if $prog; my $private = (problem->private && !$_{contest}) ? 1 : 0; + $private = 1 if contest && contest->is_pending; my $newjob = db->jobs->create({ maybe contest => $_{contest}, private => $private, @@ -254,7 +262,50 @@ sub dispatch_request{ purge '/log/'; [303, [Location => '/log/' . $newjob->id], []] - } + }, + + sub (/action/request-reset + %:username=) { + return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM}; + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my $token = join ':', $user->make_reset_hmac; + my $body = < +Reset token: $token +EOF + my $email = Email::Simple->create( + header => [ + From => $ENV{GRUNTMASTER_RESET_FROM}, + To => $user->email, + Subject => 'Password reset token', + ], + body => $body, + ); + + my $ok = 0; + eval { + sendmail $email; + $ok = 1; + }; + return reply 'Email sent' if $ok; + reply "Failure sending email: $@"; + }, + + sub (/action/reset + %:username=&:password=&:token=) { + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my ($token, $exp) = split ':', $_{token}; + return reply 'Reset token is expired' if time >= $exp; + return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token; + $user->set_passphrase($_{password}); + reply 'Password reset successfully'; + }, } }