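<%
  # Admin password reset: when the request carries op=reset, validate the two
  # submitted password fields and store a new password hash and salt for the
  # user 'admin'. Leaves $errors (array reference or undef) for the markup
  # below to display.
  #
  # NOTE(review): nothing in this template authenticates or authorizes the
  # requester, and the form below carries no CSRF token. As written, any
  # client that can reach this route can set the admin password. Presumably
  # the route is gated elsewhere (configuration or routing) - confirm, and
  # keep it disabled outside of a deliberate recovery.
  use Mojo::Util 'md5_sum';
  
  # API
  my $api = gitprep_api;
  
  # Operator
  my $op = param('op') || '';
  
  # Error messages for the template body (undef when there are none)
  my $errors;
  
  # Reset password
  if ($op eq 'reset') {
    
    # Fixed delay to slow down repeated attempts.
    # NOTE(review): sleep blocks the process serving this request for the
    # whole three seconds and is not tied to a client, so it is not rate
    # limiting and concurrent requests can occupy workers. Per-client
    # throttling or lockout would be the sturdier control.
    sleep 3;
    
    # Check that the admin user exists
    my $admin_user = app->dbi->model('user')->select(id => 'admin')->one;
    
    # Reset password
    if ($admin_user) {
      # Validation
      # NOTE(review): the rule caps the password at 20 ASCII characters and
      # sets no minimum length; both weaken the admin credential.
      my $params = $api->params;
      my $rule = [
        password => [
          ['not_blank' => 'Password is emplty'],
          ['ascii' => 'Password contain invalid character.'],
          [{'length' => {max => 20}} => 'Password is too long.']
        ],
        {password_check => [qw/password password2/]}
          => {copy => 0}
          => [
            ['duplication' => "Two password don't match"]
          ]
      ];
      my $vresult = $self->app->validator->validate($params, $rule);
      
      if ($vresult->is_ok) {
        
        # Valid parameters
        my $valid_params = $vresult->data;
        my $id = 'admin';
        
        # NOTE(review): judging by the helper name this is a salted MD5
        # digest (implementation not visible here - confirm). MD5 is a fast
        # hash and unsuitable for password storage; a deliberately slow
        # scheme such as bcrypt, scrypt, Argon2 or PBKDF2 is the usual choice.
        my ($new_password, $salt)
          = $api->sulted_md5_sum($valid_params->{password});
        
        # Update the stored admin credentials
        my $dbi = app->dbi;
        
        my $config_json = $dbi->model('user')->select(id => $id)->one;
        
        # Test the value that was just fetched; without a user record there
        # is nothing to update.
        if ($config_json) {
          my $config = $api->json($config_json);
          $config->{password} = $new_password;
          $config->{salt} = $salt;
          
          # NOTE(review): the update sends $config_json, the value as it was
          # read, while the new hash and salt were set on $config. Unless
          # $api->json returns a structure that shares storage with
          # $config_json, the new password is not what gets written -
          # confirm how $config should be serialized and pass that instead.
          $self->app->dbi->model('user')->update({config => $config_json}, id => $id);
          
          # Report success and redirect only when the record was found, so
          # the failure branch below is not masked by a success message.
          flash(message => 'Password is reset');
          $self->redirect_to('current');
        }
        else { $errors = ['Internal Error'] }
      }
      else { $errors = $vresult->messages }
    }
    else { $errors = ['admin user no exists'] }
  }
%>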

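% layout 'common';

  %= include '/include/header';

  <div class="container">
    %# Read the flash value stored under the key 'message' by the reset code.
    % if (my $message = flash('message')) {
      <div class="alert alert-success">
        <button type="button" class="close" data-dismiss="alert">&times;</button>
        <div><%= $message %></div>
      </div>
    % }
    
    % if ($errors) {
      <div class="alert alert-error">
        <button type="button" class="close" data-dismiss="alert">&times;</button>
        % for my $error (@$errors) {
          <div><%= $error %></div>
        % }
      </div>
    % }
    <div class="text-center"><h3>Reset Admin Password</h3></div>
    <div class="well" style="background-color:white;padding-top:15px;padding-left:60px;width:300px;margin-left:auto;margin-right:auto">
      %# NOTE(review): this state-changing POST form has no CSRF token and the
      %# page shows no authentication step; confirm both are enforced elsewhere.
      <form action="<%= url_for->query(op => 'reset') %>" method="post">
        <div class="control-group">
          <label class="control-label" for="user-name">User name</label>
          <div>
            <b>admin</b>
          </div>
        </div>
        <div class="control-group">
          <label class="control-label" for="input-password">Password</label>
          <div class="controls">
            <%= password_field 'password', id => 'input-password', placeholder => 'Password' %>
            <%# Element ids must be unique, so the confirmation field gets its own. %>
            <%= password_field 'password2', id => 'input-password2', placeholder => 'Password Again' %>
          </div>
        </div>
        <div class="control-group">
          <div class="controls">
            <button type="submit" class="btn">Reset Admin Password</button>
          </div>
        </div>
      </form>
    </div>
  </div>

  %= include '/include/footer';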