1 contributor
<%
# API
my $api = gitprep_api;
# Parameters
my $op = param('op') || '';
my $user = param('user');
my $reset_password_conf_on = app->config->{admin}{reset_password};
my $logined_admin = $api->logined_admin;
my $logined_user = $api->logined($user);
if ($reset_password_conf_on) {
my $admin_user = app->manager->admin_user;
$user = $admin_user ? $admin_user->{id} : undef;
}
elsif (!$logined_admin && !$logined_user) {
$self->redirect_to('/');
return;
}
# Error
my $errors;
# Reset password
if ($op eq 'reset') {
# Validation
my $params = $api->params;
my $rule = [
password => [
['not_blank' => 'Password is empty.'],
['ascii' => 'Password contains invalid character.'],
[{'length' => {max => 20}} => 'Password is too long.']
],
{password_check => [qw/password password2/]}
=> {copy => 0}
=> [
['duplication' => "Two password don't match"]
]
];
my $vresult = $self->app->vc->validate($params, $rule);
if ($vresult->is_ok) {
# Valid parameters
my $valid_params = $vresult->data;
my ($password_encrypted, $salt)
= $api->encrypt_password($valid_params->{password});
# Reset password
my $dbi = app->dbi;
my $count = $dbi->model('user')
->update({password => $password_encrypted, salt => $salt}, id => $user);
if ($count) {
# Redirect
my $messages = [];
push @$messages, "Success Reset Password: User $user password is changed";
if ($reset_password_conf_on) {
my $message = "Password is reseted. Don't forget"
. " to comment out reset_password option line from config file";
push @$messages, $message;
}
flash(messages => $messages);
if ($reset_password_conf_on) {
$self->redirect_to('current');
}
elsif ($logined_admin) {
my $url = url_for->query(user => $user);
$self->redirect_to($url);
}
else {
my $url = url_for->query(user => $user);
session(password => $password_encrypted);
$self->redirect_to($url);
}
return;
}
else { $errors = ["User $user don't exists"] }
}
else { $errors = $vresult->messages }
}
%>
% layout 'common', title => 'Reset password';
%= include '/include/header';
<!-- Reset password page -->
<div class="container">
% if (my $messages = flash('messages')) {
<div class="alert alert-success">
<button type="button" class="close" data-dismiss="alert">×</button>
% for my $message (@$messages) {
<div><%= $message %></div>
% }
</div>
% }
% if ($errors) {
<div class="alert alert-error">
<button type="button" class="close" data-dismiss="alert">×</button>
% for my $error (@$errors) {
<div><%= $error %></div>
% }
</div>
% }
<div class="text-center"><h3>Reset Password</h3></div>
<div class="well" style="background:white;padding-top:15px;padding-left:60px;width:300px;margin-left:auto;margin-right:auto">
<form action="<%= url_for->query(op => 'reset') %>" method="post">
<div class="control-group">
<label class="control-label" for="user-name">User name</label>
<div>
<b><%= $user %></b>
%= hidden_field user => $user;
</div>
</div>
<div class="control-group">
<label class="control-label" for="input-password">Password</label>
<div class="controls">
<%= password_field 'password', id => 'input-password', placeholder => 'Password' %>
<%= password_field 'password2', id => 'input-password', placeholder => 'Password Again' %>
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" class="btn">Reset Password</button>
</div>
</div>
</form>
</div>
% if ($logined_admin) {
<div class="text-center" style="margin-bottom:20px;font-size:120%"><a href="<%= url_for('_admin/users') %>">Users</a></div>
% }
</div>
%= include '/include/footer';