liquid_feedback_frontend
changeset 1231:e7fc3fed1593
Refactored password reset functionality
author | bsw |
---|---|
date | Tue Dec 01 18:12:00 2015 +0100 (2015-12-01) |
parents | 02772bc49467 |
children | 77dc363fa0be |
files | app/main/index/_action/reset_password.lua model/member.lua |
line diff
1.1 --- a/app/main/index/_action/reset_password.lua Tue Dec 01 17:55:08 2015 +0100 1.2 +++ b/app/main/index/_action/reset_password.lua Tue Dec 01 18:12:00 2015 +0100 1.3 @@ -15,28 +15,7 @@ 1.4 slot.put_into("error", _"Sorry, but there is not confirmed email address for your account. Please contact the administrator or support.") 1.5 return false 1.6 end 1.7 - member.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" ) 1.8 - local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry 1.9 - member.password_reset_secret_expiry = expiry 1.10 - member:save() 1.11 - local content = slot.use_temporary(function() 1.12 - slot.put(_"Hello " .. member.name .. ",\n\n") 1.13 - slot.put(_"to reset your password please click on the following link:\n\n") 1.14 - slot.put(request.get_absolute_baseurl() .. "index/reset_password.html?secret=" .. member.password_reset_secret .. "\n\n") 1.15 - slot.put(_"If this link is not working, please open following url in your web browser:\n\n") 1.16 - slot.put(request.get_absolute_baseurl() .. "index/reset_password.html\n\n") 1.17 - slot.put(_"On that page please enter the reset code:\n\n") 1.18 - slot.put(member.password_reset_secret .. "\n\n") 1.19 - end) 1.20 - local success = net.send_mail{ 1.21 - envelope_from = config.mail_envelope_from, 1.22 - from = config.mail_from, 1.23 - reply_to = config.mail_reply_to, 1.24 - to = member.notify_email, 1.25 - subject = config.mail_subject_prefix .. _"Password reset request", 1.26 - content_type = "text/plain; charset=UTF-8", 1.27 - content = content 1.28 - } 1.29 + member:send_password_reset_mail() 1.30 end 1.31 1.32 slot.put_into("notice", _"Your request has been processed.") 1.33 @@ -67,8 +46,6 @@ 1.34 end 1.35 1.36 member:set_password(password1) 1.37 - member.password_reset_secret = nil 1.38 - member.password_reset_secret_expiry = nil 1.39 member:save() 1.40 1.41 slot.put_into("notice", _"Password has been reset successfully")
2.1 --- a/model/member.lua Tue Dec 01 17:55:08 2015 +0100 2.2 +++ b/model/member.lua Tue Dec 01 18:12:00 2015 +0100 2.3 @@ -326,6 +326,8 @@ 2.4 end 2.5 2.6 self.password = hash 2.7 + self.password_reset_secret = nil 2.8 + self.password_reset_secret_expiry = nil 2.9 end 2.10 2.11 function Member.object:check_password(password) 2.12 @@ -542,6 +544,36 @@ 2.13 :add_where("activated NOTNULL AND active") 2.14 end 2.15 2.16 +function Member.object:send_password_reset_mail() 2.17 + trace.disable() 2.18 + if not self.notify_email then 2.19 + return false 2.20 + end 2.21 + self.password_reset_secret = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" ) 2.22 + local expiry = db:query("SELECT now() + '1 days'::interval as expiry", "object").expiry 2.23 + self.password_reset_secret_expiry = expiry 2.24 + self:save() 2.25 + local content = slot.use_temporary(function() 2.26 + slot.put(_"Hello " .. self.name .. ",\n\n") 2.27 + slot.put(_"to reset your password please click on the following link:\n\n") 2.28 + slot.put(request.get_absolute_baseurl() .. "index/reset_password.html?secret=" .. self.password_reset_secret .. "\n\n") 2.29 + slot.put(_"If this link is not working, please open following url in your web browser:\n\n") 2.30 + slot.put(request.get_absolute_baseurl() .. "index/reset_password.html\n\n") 2.31 + slot.put(_"On that page please enter the reset code:\n\n") 2.32 + slot.put(self.password_reset_secret .. "\n\n") 2.33 + end) 2.34 + local success = net.send_mail{ 2.35 + envelope_from = config.mail_envelope_from, 2.36 + from = config.mail_from, 2.37 + reply_to = config.mail_reply_to, 2.38 + to = self.notify_email, 2.39 + subject = config.mail_subject_prefix .. _"Password reset request", 2.40 + content_type = "text/plain; charset=UTF-8", 2.41 + content = content 2.42 + } 2.43 + return success 2.44 +end 2.45 + 2.46 function Member.object:send_invitation(template_file, subject) 2.47 trace.disable() 2.48 self.invite_code = multirand.string( 24, "23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz" )