liquid_feedback_frontend
changeset 1232:77dc363fa0be
Local function secret_token() in model/member.lua to create secret tokens for several purposes
author | jbe |
---|---|
date | Tue Dec 01 18:22:37 2015 +0100 (2015-12-01) |
parents | e7fc3fed1593 |
children | ad207be24c7a |
files | model/member.lua |
line diff
1.1 --- a/model/member.lua Tue Dec 01 18:12:00 2015 +0100 1.2 +++ b/model/member.lua Tue Dec 01 18:22:37 2015 +0100 1.3 @@ -1,6 +1,14 @@ 1.4 Member = mondelefant.new_class() 1.5 Member.table = 'member' 1.6 1.7 +local function secret_token() 1.8 + local parts = {} 1.9 + for i = 1, 5 do 1.10 + parts[#parts+1] = multirand.string(5, "23456789bcdfghjkmnpqrstvwxyz") 1.11 + end 1.12 + return (table.concat(parts, "-")) 1.13 +end 1.14 + 1.15 Member:add_reference{ 1.16 mode = "1m", 1.17 to = "MemberHistory", 1.18 @@ -549,7 +557,7 @@ 1.19 if not self.notify_email then 1.20 return false 1.21 end 1.22 - self.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" ) 1.23 + self.password_reset_secret = secret_token() 1.24 local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry 1.25 self.password_reset_secret_expiry = expiry 1.26 self:save() 1.27 @@ -576,7 +584,7 @@ 1.28 1.29 function Member.object:send_invitation(template_file, subject) 1.30 trace.disable() 1.31 - self.invite_code = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" ) 1.32 + self.invite_code = secret_token() 1.33 self:save() 1.34 1.35 local subject = subject 1.36 @@ -615,7 +623,7 @@ 1.37 trace.disable() 1.38 local expiry = db:query("SELECT now() + '7 days'::interval as expiry", "object").expiry 1.39 self.notify_email_unconfirmed = notify_email 1.40 - self.notify_email_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" ) 1.41 + self.notify_email_secret = secret_token() 1.42 self.notify_email_secret_expiry = expiry 1.43 local content = slot.use_temporary(function() 1.44 slot.put(_"Hello " .. self.name .. ",\n\n")