]> iEval git - plack-app-gruntmaster.git/commitdiff
Add password reset functionality
authorMarius Gavrilescu <marius@ieval.ro>
Mon, 16 Feb 2015 15:42:46 +0000 (17:42 +0200)
committerMarius Gavrilescu <marius@ieval.ro>
Mon, 16 Feb 2015 15:42:46 +0000 (17:42 +0200)
a/account.en
lib/Plack/App/Gruntmaster.pm

index cd5eaef1f67ce8c4e0cab992cfcae0682b1c72f3..422b94991eb7db62fd9f8b13e31d9305e48de180 100644 (file)
 <div class="form-group"><label for="ch_confirm_new_password">Confirm new password</label><input type="password" id="ch_confirm_new_password" name="confirm_new_password" class="form-control" required></div>
 <input type="submit" class="btn btn-default" value="Change password">
 </form>
+
+<h1>Request a password reset token</h1>
+<form action="/action/request-reset" method="POST" class="jsform" role="form">
+<div class="form-group"><label for="req_username">Username</label><input type="text" id="req_username" name="username" class="form-control" required></div>
+<input type="submit" class="btn btn-default" value="Send request">
+</form>
+
+<h1>Reset password</h1>
+<form action="/action/reset" method="POST" class="jsform" role="form">
+<div class="form-group"><label for="rst_username">Username</label><input type="text" id="rst_username" name="username" class="form-control" required></div>
+<div class="form-group"><label for="rst_password">New password</label><input type="password" id="rst_password" name="password" class="form-control" required></div>
+<div class="form-group"><label for="rst_token">Reset token</label><input type="text" id="rst_token" name="token" class="form-control" required></div>
+<input type="submit" class="btn btn-default" value="Reset password">
+</form>
index 62bef3283d6b6672af1051bd4748ef295f1162a9..bfc2e27049b064f09bc4d7f6e1c4d4fb5b01c8bc 100644 (file)
@@ -16,6 +16,9 @@ use Web::Simple;
 use Gruntmaster::Data;
 use Plack::App::Gruntmaster::HTML;
 
+use Email::Sender::Simple qw/sendmail/;
+use Email::Simple;
+
 use warnings NONFATAL => 'all';
 no warnings 'illegalproto';
 
@@ -259,7 +262,49 @@ sub dispatch_request{
 
                        purge '/log/';
                        [303, [Location => '/log/' . $newjob->id], []]
-               }
+               },
+
+               sub (/action/request-reset + %:username=) {
+                       return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
+                       my $user = db->user($_{username});
+                       return reply 'No such user' unless $user;
+                       my $token = join ':', $user->make_reset_hmac;
+                       my $body = <<EOF;
+Someone has requested a password reset for your account.
+
+To reset your password, please submit the reset password form on the
+website using the following information:
+
+Username: $_{username}
+Password: <your new password>
+Reset token: $token
+EOF
+                       my $email = Email::Simple->create(
+                               header => [
+                                       From    => $ENV{GRUNTMASTER_RESET_FROM},
+                                       To      => $user->email,
+                                       Subject => 'Password reset token',
+                               ],
+                               body => $body,
+                       );
+
+                       my $ok = 0;
+                       eval {
+                               sendmail $email;
+                               $ok = 1;
+                       };
+                       return reply 'Email sent' if $ok;
+                       reply "Failure sending email: $@";
+               },
+
+               sub (/action/reset + %:username=&:password=&:token=) {
+                       my $user = db->user($_{username});
+                       return reply 'No such user' unless $user;
+                       my ($token, $exp) = split ':', $_{token};
+                       return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
+                       $user->set_passphrase($_{password});
+                       reply 'Password reset successfully';
+               },
        }
 }
 
This page took 0.032705 seconds and 4 git commands to generate.