X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FPlack%2FApp%2FGruntmaster.pm;h=ef80f50eb8fa58c36d6f37691a15504ec7d380b1;hb=b7c79e04cb3c8ea826ea1aac8049333564794536;hp=c590bc9e2309977edb92554854dd0e66c8605e8b;hpb=bd5ea970657ae9a16ed69748ce9e3feb361c658a;p=gruntmaster-page.git diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm index c590bc9..ef80f50 100644 --- a/lib/Plack/App/Gruntmaster.pm +++ b/lib/Plack/App/Gruntmaster.pm @@ -16,9 +16,11 @@ use Web::Simple; use Gruntmaster::Data; use Plack::App::Gruntmaster::HTML; +use Email::Sender::Simple qw/sendmail/; +use Email::Simple; + use warnings NONFATAL => 'all'; no warnings 'illegalproto'; -no if $] >= 5.017011, warnings => 'experimental::smartmatch'; ################################################## @@ -34,6 +36,7 @@ use constant CONTENT_TYPES => +{ pas => 'text/x-pascal', pl => 'text/x-perl', py => 'text/x-python', + l => 'text/plain', }; use constant FORMAT_EXTENSION => { @@ -50,7 +53,7 @@ use constant FORMAT_EXTENSION => { SBCL => 'l', }; -use constant NOT_FOUND => [404, ['Content-Type' => 'text/plain'], ['Not found']]; +use constant NOT_FOUND => [404, ['X-Forever' => 1, 'Content-Type' => 'text/plain'], ['Not found']]; use constant FORBIDDEN => [401, ['Content-Type' => 'text/plain', 'WWW-Authenticate' => 'Basic realm="Gruntmaster 6000"'], ['Forbidden']]; sub development() { ($ENV{PLACK_ENV} // 'development') eq 'development' } @@ -72,7 +75,7 @@ sub job { db->job ($_{job}) } sub user { db->user ($_{user}) } sub redirect { [301, ['X-Forever' => 1, 'Location' => $_[0]], []] } -sub reply { [200, ['Content-Type' => 'text/plain'], \@_] } +sub reply { [200, ['Content-Type' => 'text/plain; charset=utf-8'], \@_] } sub response { my ($template, $title, $params, $maxage) = @_; unless ($params) { @@ -101,17 +104,20 @@ sub dispatch_request{ return NOT_FOUND unless -e "css/themes/$theme.css"; my $css = read_file "css/themes/$theme.css"; $css .= read_file $_ for ; - my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css'); + my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'text/css; charset=utf-8'); [200, \@headers, [development ? $css : CSS::Minifier::XS::minify $css]] }, sub (/js.js) { my $js; $js .= read_file $_ for ; - my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript'); + my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => 'application/javascript; charset=utf-8'); [200, \@headers, [development ? $js : JavaScript::Minifier::XS::minify $js]] }, + sub (/robots.txt) { NOT_FOUND }, + sub (/favicon.ico) { NOT_FOUND }, + sub (/src/:job) { return NOT_FOUND if !job; my $isowner = remote_user && remote_user->id eq job->rawowner; @@ -142,9 +148,9 @@ sub dispatch_request{ return $r if ref $r ne 'Plack::App::Gruntmaster::Response'; my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}"); push @hdrs, Vary => 'Authorization' if $privacy eq 'private'; - return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json'; + return [200, ['Content-Type' => 'application/json; charset=utf-8', @hdrs], [encode_json $r->{params}]] if $format eq 'json'; my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}}; - [200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]] + [200, ['Content-Type' => 'text/html; charset=utf-8', @hdrs], [encode 'UTF-8', $ret]] }, }, @@ -208,7 +214,7 @@ sub dispatch_request{ sub (/) { redispatch_to '/index' }, sub (/favicon.ico) { redirect '/static/favicon.ico' }, - sub (/:article) { [200, ['Content-Type' => 'text/html', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] } + sub (/:article) { [200, ['Content-Type' => 'text/html; charset=utf-8', 'Cache-Control' => 'public, max-age=60', 'X-Forever' => 1], [render_article $_{article}, 'en']] } }, sub (POST) { @@ -221,7 +227,6 @@ sub dispatch_request{ db->users->create({id => $_{username}, name => $_{name}, email => $_{email}, phone => $_{phone}, town => $_{town}, university => $_{university}, country => $_{country}, level => $_{level}}); db->user($_{username})->set_passphrase($_{password}); - purge '/us/'; reply 'Registered successfully'; }, @@ -258,9 +263,53 @@ sub dispatch_request{ owner => remote_user->id, }); - purge '/log/'; [303, [Location => '/log/' . $newjob->id], []] - } + }, + + sub (/action/request-reset + %:username=) { + return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM}; + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my $token = join ':', $user->make_reset_hmac; + my $body = < +Reset token: $token + +The token is valid for 24 hours. +EOF + my $email = Email::Simple->create( + header => [ + From => $ENV{GRUNTMASTER_RESET_FROM}, + To => $user->email, + Subject => 'Password reset token', + ], + body => $body, + ); + + my $ok = 0; + eval { + sendmail $email; + $ok = 1; + }; + return reply 'Email sent' if $ok; + reply "Failure sending email: $@"; + }, + + sub (/action/reset + %:username=&:password=&:token=) { + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my ($token, $exp) = split ':', $_{token}; + return reply 'Reset token is expired' if time >= $exp; + return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token; + $user->set_passphrase($_{password}); + reply 'Password reset successfully'; + }, } }