liquid_feedback_frontend

changeset 1232:77dc363fa0be

Local function secret_token() in model/member.lua to create secret tokens for several purposes
author jbe
date Tue Dec 01 18:22:37 2015 +0100 (2015-12-01)
parents e7fc3fed1593
children ad207be24c7a
files model/member.lua
line diff
     1.1 --- a/model/member.lua	Tue Dec 01 18:12:00 2015 +0100
     1.2 +++ b/model/member.lua	Tue Dec 01 18:22:37 2015 +0100
     1.3 @@ -1,6 +1,14 @@
     1.4  Member = mondelefant.new_class()
     1.5  Member.table = 'member'
     1.6  
     1.7 +local function secret_token()
     1.8 +  local parts = {}
     1.9 +  for i = 1, 5 do
    1.10 +    parts[#parts+1] = multirand.string(5, "23456789bcdfghjkmnpqrstvwxyz")
    1.11 +  end
    1.12 +  return (table.concat(parts, "-"))
    1.13 +end
    1.14 +
    1.15  Member:add_reference{
    1.16    mode          = "1m",
    1.17    to            = "MemberHistory",
    1.18 @@ -549,7 +557,7 @@
    1.19    if not self.notify_email then
    1.20      return false
    1.21    end
    1.22 -  self.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
    1.23 +  self.password_reset_secret = secret_token()
    1.24    local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry
    1.25    self.password_reset_secret_expiry = expiry
    1.26    self:save()
    1.27 @@ -576,7 +584,7 @@
    1.28  
    1.29  function Member.object:send_invitation(template_file, subject)
    1.30    trace.disable()
    1.31 -  self.invite_code = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
    1.32 +  self.invite_code = secret_token()
    1.33    self:save()
    1.34    
    1.35    local subject = subject
    1.36 @@ -615,7 +623,7 @@
    1.37    trace.disable()
    1.38    local expiry = db:query("SELECT now() + '7 days'::interval as expiry", "object").expiry
    1.39    self.notify_email_unconfirmed = notify_email
    1.40 -  self.notify_email_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
    1.41 +  self.notify_email_secret = secret_token()
    1.42    self.notify_email_secret_expiry = expiry
    1.43    local content = slot.use_temporary(function()
    1.44      slot.put(_"Hello " .. self.name .. ",\n\n")

Impressum / About Us