1 contributor
<%
# API
my $api = gitprep_api;
# Parameters
my $op = param('op') || '';
my $user = param('user');
my $reset_password_conf_on = app->config->{admin}{reset_password};
my $logined_admin = $api->logined_admin;
my $logined_user = $api->logined($user);
if ($reset_password_conf_on) {
my $admin_user = app->manager->admin_user;
$user = $admin_user ? $admin_user->{id} : undef;
}
elsif (!$logined_admin && !$logined_user) {
$self->redirect_to('/');
return;
}
# Error
my $errors;
# Reset password
if ($op eq 'reset') {
# Parameters
my $password = param('password');
my $password2 = param('password2');
# Validator
my $vc = app->vc;
# Validation result
my $validation = $vc->validation;
# "password" check
if (!(defined $password && length $password)) {
$validation->add_failed(password => "Password is empty.");
}
elsif (!$vc->check($password, 'ascii_graphic')) {
$validation->add_failed(password => 'Password contains invalid character.');
}
elsif ($password ne $password2) {
$validation->add_failed(password => "Two password don't match");
}
if ($validation->is_valid) {
# Valid parameters
my ($password_encrypted, $salt) = $api->encrypt_password($password);
# Reset password
my $dbi = app->dbi;
my $count = $dbi->model('user')->update(
{password => $password_encrypted, salt => $salt},
where => {id => $user}
);
if ($count) {
# Redirect
my $messages = [];
push @$messages, "Success Reset Password: User $user password is changed";
if ($reset_password_conf_on) {
my $message = "Password is reseted. Don't forget"
. " to comment out reset_password option line from config file";
push @$messages, $message;
}
flash(messages => $messages);
if ($reset_password_conf_on) {
$self->redirect_to('current');
}
elsif ($logined_admin) {
my $url = url_for->query(user => $user);
$self->redirect_to($url);
}
else {
my $url = url_for->query(user => $user);
session(password => $password_encrypted);
$self->redirect_to($url);
}
return;
}
else { $errors = ["User $user don't exists"] }
}
else { $errors = $validation->messages }
}
%>
% layout 'common', title => 'Reset password';
%= include '/include/header';
<!-- Reset password page -->
<div class="container">
% if (my $messages = flash('messages')) {
<div class="alert alert-success">
<button type="button" class="close" data-dismiss="alert">×</button>
% for my $message (@$messages) {
<div><%= $message %></div>
% }
</div>
% }
% if ($errors) {
<div class="alert alert-error">
<button type="button" class="close" data-dismiss="alert">×</button>
% for my $error (@$errors) {
<div><%= $error %></div>
% }
</div>
% }
<div class="topic1" style="text-align:center"><h3>Reset Password</h3></div>
<form class="user-form" action="<%= url_for->query(op => 'reset') %>" method="post">
<div class="user-form-container">
<div>User name</div>
<div style="margin:1px 0 10px 0">
<b><%= $user %></b>
%= hidden_field user => $user;
</div>
<div>
<div>Password</div>
<div>
<%= password_field 'password', id => 'input-password', placeholder => 'Password' %>
<%= password_field 'password2', id => 'input-password', placeholder => 'Password Again' %>
</div>
</div>
<div style="margin-top:20px">
<button type="submit" class="btn btn-green btn-new">Reset Password</button>
</div>
</div>
</form>
% if ($logined_admin) {
<div style="text-align:center;margin:20px 0;font-size:120%"><a href="<%= url_for('_admin/users') %>">Users</a></div>
% }
</div>
%= include '/include/footer';