From: Marius Gavrilescu <marius@ieval.ro>
Date: Mon, 16 Feb 2015 15:43:08 +0000 (+0200)
Subject: Merge branch 'master' into newmc
X-Git-Url: http://git.ieval.ro/?a=commitdiff_plain;ds=sidebyside;h=8ee0846af473b6b58ad0641406b56b255ca26366;hp=-c;p=plack-app-gruntmaster.git

Merge branch 'master' into newmc
---

8ee0846af473b6b58ad0641406b56b255ca26366
diff --combined lib/Plack/App/Gruntmaster.pm
index 185017b,bfc2e27..0cb7aab
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@@ -16,6 -16,9 +16,9 @@@ use Web::Simple
  use Gruntmaster::Data;
  use Plack::App::Gruntmaster::HTML;
  
+ use Email::Sender::Simple qw/sendmail/;
+ use Email::Simple;
+ 
  use warnings NONFATAL => 'all';
  no warnings 'illegalproto';
  
@@@ -160,8 -163,7 +163,8 @@@ sub dispatch_request
  
  		sub (/ed/:contest) {
  			forbid contest->is_running;
 -			response ed => 'Editorial of ' . contest->name, db->problem_list(contest => $_{contest}, solution => 1);
 +			my $pblist = db->problem_list(contest => $_{contest}, solution => 1);
 +			response ed => 'Editorial of ' . contest->name, {%$pblist, editorial => contest->editorial};
  		},
  
  		sub (/login) {
@@@ -260,7 -262,49 +263,49 @@@
  
  			purge '/log/';
  			[303, [Location => '/log/' . $newjob->id], []]
- 		}
+ 		},
+ 
+ 		sub (/action/request-reset + %:username=) {
+ 			return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM};
+ 			my $user = db->user($_{username});
+ 			return reply 'No such user' unless $user;
+ 			my $token = join ':', $user->make_reset_hmac;
+ 			my $body = <<EOF;
+ Someone has requested a password reset for your account.
+ 
+ To reset your password, please submit the reset password form on the
+ website using the following information:
+ 
+ Username: $_{username}
+ Password: <your new password>
+ Reset token: $token
+ EOF
+ 			my $email = Email::Simple->create(
+ 				header => [
+ 					From    => $ENV{GRUNTMASTER_RESET_FROM},
+ 					To      => $user->email,
+ 					Subject => 'Password reset token',
+ 				],
+ 				body => $body,
+ 			);
+ 
+ 			my $ok = 0;
+ 			eval {
+ 				sendmail $email;
+ 				$ok = 1;
+ 			};
+ 			return reply 'Email sent' if $ok;
+ 			reply "Failure sending email: $@";
+ 		},
+ 
+ 		sub (/action/reset + %:username=&:password=&:token=) {
+ 			my $user = db->user($_{username});
+ 			return reply 'No such user' unless $user;
+ 			my ($token, $exp) = split ':', $_{token};
+ 			return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
+ 			$user->set_passphrase($_{password});
+ 			reply 'Password reset successfully';
+ 		},
  	}
  }