liquid_feedback_frontend

changeset 1231:e7fc3fed1593

find changesets by author, revision, files, or words in the commit message
Refactored password reset functionality
author bsw
date Tue Dec 01 18:12:00 2015 +0100 (2015-12-01)
parents 02772bc49467
children 77dc363fa0be
files app/main/index/_action/reset_password.lua model/member.lua
line diff
     1.1 --- a/app/main/index/_action/reset_password.lua	Tue Dec 01 17:55:08 2015 +0100
     1.2 +++ b/app/main/index/_action/reset_password.lua	Tue Dec 01 18:12:00 2015 +0100
     1.3 @@ -15,28 +15,7 @@
     1.4        slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.")
     1.5        return false
     1.6      end
     1.7 -    member.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
     1.8 -    local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry
     1.9 -    member.password_reset_secret_expiry = expiry
    1.10 -    member:save()
    1.11 -    local content = slot.use_temporary(function()
    1.12 -      slot.put(_"Hello " .. member.name .. ",\n\n")
    1.13 -      slot.put(_"to reset your password please click on the following link:\n\n")
    1.14 -      slot.put(request.get_absolute_baseurl() .. "index/reset_password.html?secret=" .. member.password_reset_secret .. "\n\n")
    1.15 -      slot.put(_"If this link is not working, please open following url in your web browser:\n\n")
    1.16 -      slot.put(request.get_absolute_baseurl() .. "index/reset_password.html\n\n")
    1.17 -      slot.put(_"On that page please enter the reset code:\n\n")
    1.18 -      slot.put(member.password_reset_secret .. "\n\n")
    1.19 -    end)
    1.20 -    local success = net.send_mail{
    1.21 -      envelope_from = config.mail_envelope_from,
    1.22 -      from          = config.mail_from,
    1.23 -      reply_to      = config.mail_reply_to,
    1.24 -      to            = member.notify_email,
    1.25 -      subject       = config.mail_subject_prefix .. _"Password reset request",
    1.26 -      content_type  = "text/plain; charset=UTF-8",
    1.27 -      content       = content
    1.28 -    }
    1.29 +    member:send_password_reset_mail()
    1.30    end
    1.31  
    1.32    slot.put_into("notice", _"Your request has been processed.")
    1.33 @@ -67,8 +46,6 @@
    1.34    end
    1.35  
    1.36    member:set_password(password1)
    1.37 -  member.password_reset_secret = nil
    1.38 -  member.password_reset_secret_expiry = nil
    1.39    member:save()
    1.40  
    1.41    slot.put_into("notice", _"Password has been reset successfully")

     2.1 --- a/model/member.lua	Tue Dec 01 17:55:08 2015 +0100
     2.2 +++ b/model/member.lua	Tue Dec 01 18:12:00 2015 +0100
     2.3 @@ -326,6 +326,8 @@
     2.4    end
     2.5    
     2.6    self.password = hash
     2.7 +  self.password_reset_secret = nil
     2.8 +  self.password_reset_secret_expiry = nil
     2.9  end
    2.10  
    2.11  function Member.object:check_password(password)
    2.12 @@ -542,6 +544,36 @@
    2.13      :add_where("activated NOTNULL AND active")
    2.14  end
    2.15  
    2.16 +function Member.object:send_password_reset_mail()
    2.17 +  trace.disable()
    2.18 +  if not self.notify_email then
    2.19 +    return false
    2.20 +  end
    2.21 +  self.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )
    2.22 +  local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry
    2.23 +  self.password_reset_secret_expiry = expiry
    2.24 +  self:save()
    2.25 +  local content = slot.use_temporary(function()
    2.26 +    slot.put(_"Hello " .. self.name .. ",\n\n")
    2.27 +    slot.put(_"to reset your password please click on the following link:\n\n")
    2.28 +    slot.put(request.get_absolute_baseurl() .. "index/reset_password.html?secret=" .. self.password_reset_secret .. "\n\n")
    2.29 +    slot.put(_"If this link is not working, please open following url in your web browser:\n\n")
    2.30 +    slot.put(request.get_absolute_baseurl() .. "index/reset_password.html\n\n")
    2.31 +    slot.put(_"On that page please enter the reset code:\n\n")
    2.32 +    slot.put(self.password_reset_secret .. "\n\n")
    2.33 +  end)
    2.34 +  local success = net.send_mail{
    2.35 +    envelope_from = config.mail_envelope_from,
    2.36 +    from          = config.mail_from,
    2.37 +    reply_to      = config.mail_reply_to,
    2.38 +    to            = self.notify_email,
    2.39 +    subject       = config.mail_subject_prefix .. _"Password reset request",
    2.40 +    content_type  = "text/plain; charset=UTF-8",
    2.41 +    content       = content
    2.42 +  }
    2.43 +  return success
    2.44 +end
    2.45 +
    2.46  function Member.object:send_invitation(template_file, subject)
    2.47    trace.disable()
    2.48    self.invite_code = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )

Impressum / About Us