From 3c434a02d3cc1438e4944c2a143e4989ab0c74a6 Mon Sep 17 00:00:00 2001 From: Marius Gavrilescu Date: Mon, 16 Feb 2015 17:42:46 +0200 Subject: [PATCH] Add password reset functionality --- a/account.en | 14 +++++++++++ lib/Plack/App/Gruntmaster.pm | 47 +++++++++++++++++++++++++++++++++++- 2 files changed, 60 insertions(+), 1 deletion(-) diff --git a/a/account.en b/a/account.en index cd5eaef..422b949 100644 --- a/a/account.en +++ b/a/account.en @@ -268,3 +268,17 @@
+ +

Request a password reset token

+
+
+ +
+ +

Reset password

+
+
+
+
+ +
diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm index 62bef32..bfc2e27 100644 --- a/lib/Plack/App/Gruntmaster.pm +++ b/lib/Plack/App/Gruntmaster.pm @@ -16,6 +16,9 @@ use Web::Simple; use Gruntmaster::Data; use Plack::App::Gruntmaster::HTML; +use Email::Sender::Simple qw/sendmail/; +use Email::Simple; + use warnings NONFATAL => 'all'; no warnings 'illegalproto'; @@ -259,7 +262,49 @@ sub dispatch_request{ purge '/log/'; [303, [Location => '/log/' . $newjob->id], []] - } + }, + + sub (/action/request-reset + %:username=) { + return reply 'Password resets are disabled' unless $ENV{GRUNTMASTER_RESET_FROM}; + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my $token = join ':', $user->make_reset_hmac; + my $body = < +Reset token: $token +EOF + my $email = Email::Simple->create( + header => [ + From => $ENV{GRUNTMASTER_RESET_FROM}, + To => $user->email, + Subject => 'Password reset token', + ], + body => $body, + ); + + my $ok = 0; + eval { + sendmail $email; + $ok = 1; + }; + return reply 'Email sent' if $ok; + reply "Failure sending email: $@"; + }, + + sub (/action/reset + %:username=&:password=&:token=) { + my $user = db->user($_{username}); + return reply 'No such user' unless $user; + my ($token, $exp) = split ':', $_{token}; + return reply 'Bad reset token' unless $user->make_reset_hmac($exp) eq $token; + $user->set_passphrase($_{password}); + reply 'Password reset successfully'; + }, } } -- 2.39.2
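Review bot: The `/action/reset` handler never compares `$exp` with the current time: the value split out of the client-supplied token is only fed back into `make_reset_hmac`, so unless that method (defined outside this diff) rejects past timestamps, a token from an old email stays valid indefinitely. Assuming `$exp` is a Unix timestamp, I would add `return reply 'Bad reset token' unless defined $exp && $exp =~ /\A\d+\z/ && $exp > time;` before the HMAC comparison, which also covers a token that contains no `:`. The `eq` on the HMAC is not a constant-time comparison, and it calls `make_reset_hmac` in scalar context while the request route calls it in list context, so it is worth confirming the method returns the digest alone in that case. Both routes answer 'No such user' to unauthenticated callers and `/action/request-reset` echoes `$@` from `sendmail` back to the client, which allows account enumeration and exposes mailer internals; returning one generic reply and logging the error server-side would avoid both.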