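<%
  # NOTE(review): md5_sum is imported here but never called in this block.
  use Mojo::Util 'md5_sum';

  # Handler for the "Reset Admin Password" page. When the request carries
  # op=reset it validates the two submitted password fields, derives a new
  # password value and salt through $api->sulted_md5_sum, and updates the
  # row of the 'admin' user. Failures are collected in $errors and rendered
  # by the markup that follows this block.
  #
  # NOTE(review): nothing in this template checks who is making the request.
  # Presumably the route is only reachable when an operator has deliberately
  # enabled it elsewhere -- confirm, because an exposed page would let any
  # visitor replace the admin password.

  # API
  my $api = gitprep_api;

  # Operator
  my $op = param('op') || '';

  # Errors to display (array reference of messages), undef when there are none
  my $errors;

  # Reset password
  if ($op eq 'reset') {

    # Fixed delay to slow down password guessing.
    # NOTE(review): this blocks the worker for three seconds on every
    # request and does not limit parallel attempts; a per-client attempt
    # counter or lockout would be a stronger control.
    sleep 3;

    # Check existence of the admin user
    my $admin_user = app->dbi->model('user')->select(id => 'admin')->one;

    if ($admin_user) {

      # Validation
      # NOTE(review): the 20-character cap and ASCII-only rule rule out long
      # passphrases; consider raising the limit when the hashing is revisited.
      my $params = $api->params;
      my $rule = [
        password => [
          ['not_blank' => 'Password is emplty'],
          ['ascii' => 'Password contain invalid character.'],
          [{'length' => {max => 20}} => 'Password is too long.']
        ],
        {password_check => [qw/password password2/]}
          => {copy => 0}
          => [
            ['duplication' => "Two password don't match"]
          ]
      ];
      my $vresult = $self->app->validator->validate($params, $rule);

      if ($vresult->is_ok) {

        # Valid parameters
        my $valid_params = $vresult->data;
        my $id = 'admin';

        # NOTE(review): going by its name this helper produces a salted MD5
        # digest. A single fast hash is cheap to brute-force offline if the
        # user table leaks; a deliberately slow password hash (bcrypt,
        # scrypt, Argon2 or PBKDF2) is the usual choice for stored passwords.
        my ($new_password, $salt)
          = $api->sulted_md5_sum($valid_params->{password});

        # Load the stored admin record and replace its password fields
        my $dbi = app->dbi;
        my $config_json = $dbi->model('user')->select(id => $id)->one;

        # Fixed: the original tested $config, which is only declared inside
        # this branch, so the template could not compile under strict.
        if ($config_json) {
          my $config = $api->json($config_json);
          $config->{password} = $new_password;
          $config->{salt} = $salt;

          # NOTE(review): the value written back is $config_json (the record
          # as it was read), not the modified $config, so the new password
          # and salt do not appear to be persisted. What $api->json returns
          # is not visible here -- confirm it and write the re-serialised
          # $config instead.
          $dbi->model('user')->update({config => $config_json}, id => $id);

          # Fixed: report success and redirect only on this path. The
          # original ran these unconditionally, which hid 'Internal Error'
          # behind a success message.
          flash(message => 'Password is reset');
          $self->redirect_to('current');
        }
        else { $errors = ['Internal Error'] }
      }
      else { $errors = $vresult->messages }
    }
    else { $errors = ['admin user no exists'] }
  }
%>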
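% layout 'common';
%= include '/include/header';
<div class="container">
  %# Success banner. Fixed: the original called flash($message) with an
  %# undeclared variable; the handler stores the text under the key 'message'.
  %# <%= ... %> output is XML-escaped by the template engine by default.
  % if (my $message = flash('message')) {
    <div class="alert alert-success">
      <button type="button" class="close" data-dismiss="alert">×</button>
      <div><%= $message %></div>
    </div>
  % }
  %# Error banner: one line per message collected in $errors.
  % if ($errors) {
    <div class="alert alert-error">
      <button type="button" class="close" data-dismiss="alert">×</button>
      % for my $error (@$errors) {
        <div><%= $error %></div>
      % }
    </div>
  % }
  <div class="text-center"><h3>Reset Admin Password</h3></div>
  <div class="well" style="background-color:white;padding-top:15px;padding-left:60px;width:300px;margin-left:auto;margin-right:auto">
    %# NOTE(review): this state-changing POST form carries no anti-CSRF token
    %# that is visible here; confirm the application validates one for it.
    <form action="<%= url_for->query(op => 'reset') %>" method="post">
      <div class="control-group">
        <label class="control-label" for="user-name">User name</label>
        <div>
          <b>admin</b>
        </div>
      </div>
      <div class="control-group">
        <label class="control-label" for="input-password">Password</label>
        <div class="controls">
          %# Fixed: both fields shared the id 'input-password'; ids must be unique.
          <%= password_field 'password', id => 'input-password', placeholder => 'Password' %>
          <%= password_field 'password2', id => 'input-password2', placeholder => 'Password Again' %>
        </div>
      </div>
      <div class="control-group">
        <div class="controls">
          <button type="submit" class="btn">Reset Admin Password</button>
        </div>
      </div>
    </form>
  </div>
</div>
%= include '/include/footer';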