liquid_feedback_frontend: app/main/index/_action/reset

liquid_feedback_frontend

annotate app/main/index/_action/reset_password.lua @ 6:8d91bccab0bf

Version beta2

Possibility to browse voters of a closed issue

Registration with invite code

Email confirmation and password recovery

Download function (for database dumps) added

Critical bug solved, which made it impossible to select your opinion on other peoples suggestions

Catching error, when trying to set an opinion on a suggestion which has been meanwhile deleted

Fixed wrong sorting order for "supporters" or "potential supporters"

Added format info for birthday (Error when entering dates in wrong format is NOT fixed in this release)

Strip space characters from certain fields and ensure they contain at least 3 characters

Showing grade in opinion/list as clear text instead of integer value

More information on initiative is displayed while voting

Colored notification box shown on pages of issues or initiatives which are currently in voting state

Changed default filter for issues to "Open"

Back link on suggestion page

Some optical changes

Removed wrong space character in LICENSE file

author	bsw/jbe
date	Sat Jan 02 12:00:00 2010 +0100 (2010-01-02)
parents
children	bf735d8095aa

rev	line source
bsw/jbe@6	1 local secret = param.get("secret")
bsw/jbe@6	2
bsw/jbe@6	3 if not secret then
bsw/jbe@6	4
bsw/jbe@6	5 local member = Member:new_selector()
bsw/jbe@6	6 :add_where{ "login = ?", param.get("login") }
bsw/jbe@6	7 :add_where("password_reset_secret ISNULL OR password_reset_secret_expiry < now()")
bsw/jbe@6	8 :optional_object_mode()
bsw/jbe@6	9 :exec()
bsw/jbe@6	10
bsw/jbe@6	11 if member then
bsw/jbe@6	12 if not member.notify_email then
bsw/jbe@6	13 slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.")
bsw/jbe@6	14 return false
bsw/jbe@6	15 end
bsw/jbe@6	16 member.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
bsw/jbe@6	17 local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry
bsw/jbe@6	18 member.password_reset_secret_expiry = expiry
bsw/jbe@6	19 member:save()
bsw/jbe@6	20 local content = slot.use_temporary(function()
bsw/jbe@6	21 slot.put(_"Hello " .. member.name .. ",\n\n")
bsw/jbe@6	22 slot.put(_"to reset your password please click on the following link:\n\n")
bsw/jbe@6	23 slot.put(config.absolute_base_url .. "index/reset_password.html?secret=" .. member.password_reset_secret .. "\n\n")
bsw/jbe@6	24 slot.put(_"If this link is not working, please open following url in your web browser:\n\n")
bsw/jbe@6	25 slot.put(config.absolute_base_url .. "index/reset_password.html\n\n")
bsw/jbe@6	26 slot.put(_"On that page please enter the reset code:\n\n")
bsw/jbe@6	27 slot.put(member.password_reset_secret .. "\n\n")
bsw/jbe@6	28 end)
bsw/jbe@6	29 local success = net.send_mail{
bsw/jbe@6	30 envelope_from = config.mail_envelope_from,
bsw/jbe@6	31 from = config.mail_from,
bsw/jbe@6	32 reply_to = config.mail_reply_to,
bsw/jbe@6	33 to = member.notify_email,
bsw/jbe@6	34 subject = config.mail_subject_prefix .. _"Password reset request",
bsw/jbe@6	35 content_type = "text/plain; charset=UTF-8",
bsw/jbe@6	36 content = content
bsw/jbe@6	37 }
bsw/jbe@6	38 end
bsw/jbe@6	39
bsw/jbe@6	40 slot.put_into("notice", _"Reset link has been send for this member")
bsw/jbe@6	41
bsw/jbe@6	42 else
bsw/jbe@6	43 local member = Member:new_selector()
bsw/jbe@6	44 :add_where{ "password_reset_secret = ?", secret }
bsw/jbe@6	45 :add_where{ "password_reset_secret_expiry > now()" }
bsw/jbe@6	46 :optional_object_mode()
bsw/jbe@6	47 :exec()
bsw/jbe@6	48
bsw/jbe@6	49 if not member then
bsw/jbe@6	50 slot.put_into("error", _"Reset code is invalid!")
bsw/jbe@6	51 return false
bsw/jbe@6	52 end
bsw/jbe@6	53
bsw/jbe@6	54 local password1 = param.get("password1")
bsw/jbe@6	55 local password2 = param.get("password2")
bsw/jbe@6	56
bsw/jbe@6	57 if password1 ~= password2 then
bsw/jbe@6	58 slot.put_into("error", _"Passwords don't match!")
bsw/jbe@6	59 return false
bsw/jbe@6	60 end
bsw/jbe@6	61
bsw/jbe@6	62 if #password1 < 8 then
bsw/jbe@6	63 slot.put_into("error", _"Passwords must consist of at least 8 characters!")
bsw/jbe@6	64 return false
bsw/jbe@6	65 end
bsw/jbe@6	66
bsw/jbe@6	67 member:set_password(password1)
bsw/jbe@6	68 member.password_reset_secret = nil
bsw/jbe@6	69 member.password_reset_secret_expiry = nil
bsw/jbe@6	70 member:save()
bsw/jbe@6	71
bsw/jbe@6	72 slot.put_into("notice", _"Password has been reset successfully")
bsw/jbe@6	73
bsw/jbe@6	74 end