liquid_feedback_frontend

annotate app/main/index/_action/reset_password.lua @ 81:134fce4bede3

find changesets by author, revision, files, or words in the commit message
Cache for rendered wiki texts; Accountless API keys; Reverse id order for initiative API
- Support for caching html version of drafts
- Using pre-rendered html versions of help messages
- Added Support for api keys not connected to an account
- Added order option "id_desc" to initiative API
author bsw
date Sat Jul 24 17:22:05 2010 +0200 (2010-07-24)
parents 8d91bccab0bf
children bf735d8095aa
rev   line source
bsw/jbe@6 1 local secret = param.get("secret")
bsw/jbe@6 2
bsw/jbe@6 3 if not secret then
bsw/jbe@6 4
bsw/jbe@6 5 local member = Member:new_selector()
bsw/jbe@6 6 :add_where{ "login = ?", param.get("login") }
bsw/jbe@6 7 :add_where("password_reset_secret ISNULL OR password_reset_secret_expiry < now()")
bsw/jbe@6 8 :optional_object_mode()
bsw/jbe@6 9 :exec()
bsw/jbe@6 10
bsw/jbe@6 11 if member then
bsw/jbe@6 12 if not member.notify_email then
bsw/jbe@6 13 slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.")
bsw/jbe@6 14 return false
bsw/jbe@6 15 end
bsw/jbe@6 16 member.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
bsw/jbe@6 17 local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry
bsw/jbe@6 18 member.password_reset_secret_expiry = expiry
bsw/jbe@6 19 member:save()
bsw/jbe@6 20 local content = slot.use_temporary(function()
bsw/jbe@6 21 slot.put(_"Hello " .. member.name .. ",\n\n")
bsw/jbe@6 22 slot.put(_"to reset your password please click on the following link:\n\n")
bsw/jbe@6 23 slot.put(config.absolute_base_url .. "index/reset_password.html?secret=" .. member.password_reset_secret .. "\n\n")
bsw/jbe@6 24 slot.put(_"If this link is not working, please open following url in your web browser:\n\n")
bsw/jbe@6 25 slot.put(config.absolute_base_url .. "index/reset_password.html\n\n")
bsw/jbe@6 26 slot.put(_"On that page please enter the reset code:\n\n")
bsw/jbe@6 27 slot.put(member.password_reset_secret .. "\n\n")
bsw/jbe@6 28 end)
bsw/jbe@6 29 local success = net.send_mail{
bsw/jbe@6 30 envelope_from = config.mail_envelope_from,
bsw/jbe@6 31 from = config.mail_from,
bsw/jbe@6 32 reply_to = config.mail_reply_to,
bsw/jbe@6 33 to = member.notify_email,
bsw/jbe@6 34 subject = config.mail_subject_prefix .. _"Password reset request",
bsw/jbe@6 35 content_type = "text/plain; charset=UTF-8",
bsw/jbe@6 36 content = content
bsw/jbe@6 37 }
bsw/jbe@6 38 end
bsw/jbe@6 39
bsw/jbe@6 40 slot.put_into("notice", _"Reset link has been send for this member")
bsw/jbe@6 41
bsw/jbe@6 42 else
bsw/jbe@6 43 local member = Member:new_selector()
bsw/jbe@6 44 :add_where{ "password_reset_secret = ?", secret }
bsw/jbe@6 45 :add_where{ "password_reset_secret_expiry > now()" }
bsw/jbe@6 46 :optional_object_mode()
bsw/jbe@6 47 :exec()
bsw/jbe@6 48
bsw/jbe@6 49 if not member then
bsw/jbe@6 50 slot.put_into("error", _"Reset code is invalid!")
bsw/jbe@6 51 return false
bsw/jbe@6 52 end
bsw/jbe@6 53
bsw/jbe@6 54 local password1 = param.get("password1")
bsw/jbe@6 55 local password2 = param.get("password2")
bsw/jbe@6 56
bsw/jbe@6 57 if password1 ~= password2 then
bsw/jbe@6 58 slot.put_into("error", _"Passwords don't match!")
bsw/jbe@6 59 return false
bsw/jbe@6 60 end
bsw/jbe@6 61
bsw/jbe@6 62 if #password1 < 8 then
bsw/jbe@6 63 slot.put_into("error", _"Passwords must consist of at least 8 characters!")
bsw/jbe@6 64 return false
bsw/jbe@6 65 end
bsw/jbe@6 66
bsw/jbe@6 67 member:set_password(password1)
bsw/jbe@6 68 member.password_reset_secret = nil
bsw/jbe@6 69 member.password_reset_secret_expiry = nil
bsw/jbe@6 70 member:save()
bsw/jbe@6 71
bsw/jbe@6 72 slot.put_into("notice", _"Password has been reset successfully")
bsw/jbe@6 73
bsw/jbe@6 74 end

Impressum / About Us