From: Marius Gavrilescu <marius@ieval.ro>
Date: Mon, 16 Feb 2015 15:54:18 +0000 (+0200)
Subject: Merge branch 'master' into newmc
X-Git-Url: http://git.ieval.ro/?a=commitdiff_plain;h=fd85a0df209242d83d453d9847aebfe4513100f4;hp=8ee0846af473b6b58ad0641406b56b255ca26366;p=gruntmaster-page.git

Merge branch 'master' into newmc
---

diff --git a/Makefile.PL b/Makefile.PL
index f198fa6..796f5d7 100644
--- a/Makefile.PL
+++ b/Makefile.PL
@@ -27,6 +27,8 @@ WriteMakefile(
 		   warnings    0
 
 		   CSS::Minifier::XS           0
+		   Email::Simple               0
+		   Email::Sender::Simple       0
 		   File::Slurp                 0
 		   Gruntmaster::Data           0
 		   HTML::Seamstress            0
diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm
index 0cb7aab..e0f921d 100644
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@ -279,6 +279,8 @@ website using the following information:
 Username: $_{username}
 Password: <your new password>
 Reset token: $token
+
+The token is valid for 24 hours.
 EOF
 			my $email = Email::Simple->create(
 				header => [
@@ -302,6 +304,7 @@ EOF
 			my $user = db->user($_{username});
 			return reply 'No such user' unless $user;
 			my ($token, $exp) = split ':', $_{token};
+			return reply 'Reset token is expired' if time >= $exp;
 			return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token;
 			$user->set_passphrase($_{password});
 			reply 'Password reset successfully';