User: sits
Date: 08/09/07 22:17:19
Modified: template/en/default newpassword.html.tmpl login.html.tmpl
lib/Codestriker/Model User.pm
lib/Codestriker/Http/Method UpdatePasswordMethod.pm
ResetPasswordMethod.pm
lib/Codestriker/Http UrlBuilder.pm Input.pm Dispatcher.pm
lib/Codestriker/Action ResetPassword.pm NewPassword.pm
Login.pm
Added: template/en/default createuser.html.tmpl adduser.html.tmpl
t/Http/Method create-new-user.t
lib/Codestriker/Http/Method CreateNewUserMethod.pm
AddNewUserMethod.pm
lib/Codestriker/Action UpdatePassword.pm CreateNewUser.pm
AddNewUser.pm
Log:
A whole stack of user functionality now works (registration,
forgetting password). Just need to actually implement the log-in
feature now.
Index: newpassword.html.tmpl
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/template/en/default/newpassword.html.tmpl,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- newpassword.html.tmpl 7 Sep 2008 12:20:29 -0000 1.1
+++ newpassword.html.tmpl 8 Sep 2008 05:17:18 -0000 1.2
@@ -1,9 +1,9 @@
-[%# Screen for the reset password form. #%]
+[%# Screen for the new password form. #%]
[% PROCESS header.html.tmpl version = version displaymenu = 1
- closehead = 1 subtitle = "Reset Password" %]
+ closehead = 1 subtitle = "New Password" %]
<p>
-Please enter your new password.
+Please enter your new password:
</p>
<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
@@ -24,30 +24,10 @@
</tr>
</table>
- <input type="submit" name=".submit" value="Reset Password" />
+ <input type="submit" name=".submit" value="Submit New Password" />
</form>
-<!--
-<hr>
-
-<p>
-If you don't have a Codestriker account, you can create a new account.
-</p>
-
-<hr>
-
-<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
- <input type="hidden" name="action" value="reset_password">
- <p>
- If you have an account, but have forgotten your password,
- enter your e-mail address below to generate a new password.
- </p>
- <input size="40" maxlength="80" name="email">
- <input type="submit" name=".submit2" value="Regenerate Password">
-</form>
--->
-
[% PROCESS trailer.html.tmpl %]
</body>
Index: login.html.tmpl
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/template/en/default/login.html.tmpl,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- login.html.tmpl 7 Sep 2008 04:49:26 -0000 1.1
+++ login.html.tmpl 8 Sep 2008 05:17:18 -0000 1.2
@@ -2,6 +2,12 @@
[% PROCESS header.html.tmpl version = version displaymenu = 1
closehead = 1 subtitle = "Login" %]
+
+[%# Display any "feedback" to the user if necessary. #%]
+[% IF feedback != '' %]
+ <span class="feedback">[% feedback %]</span>
+[% END %]
+
<p>
Please enter your email address and password to continue.
</p>
@@ -31,25 +37,23 @@
</form>
-<!--
<hr>
<p>
-If you don't have a Codestriker account, you can create a new account.
+If you don't have a Codestriker account, you can <a href="[% new_user_url
%]">create a new account</a>.
</p>
<hr>
-<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
+<form method="post" enctype="application/x-www-form-urlencoded" action="[%
reset_password_url %]">
<input type="hidden" name="action" value="reset_password">
<p>
If you have an account, but have forgotten your password,
enter your e-mail address below to generate a new password.
</p>
<input size="40" maxlength="80" name="email">
- <input type="submit" name=".submit2" value="Regenerate Password">
+ <input type="submit" name=".submit2" value="Reset Password">
</form>
--->
[% PROCESS trailer.html.tmpl %]
Index: createuser.html.tmpl
===================================================================
RCS file: createuser.html.tmpl
diff -N createuser.html.tmpl
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ createuser.html.tmpl 8 Sep 2008 05:17:18 -0000 1.1
@@ -0,0 +1,34 @@
+[%# Screen for the create new user form. #%]
+
+[% PROCESS header.html.tmpl version = version displaymenu = 1
+ closehead = 1 subtitle = "Create new Account" %]
+
+[%# Display any "feedback" to the user if necessary. #%]
+[% IF feedback != '' %]
+ <span class="feedback">[% feedback %]</span>
+[% END %]
+
+<p>
+Please enter the email address of the new account.
+</p>
+
+<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
+
+<input type="hidden" name="action" value="add_new_user" />
+ <table>
+ <tr>
+ <th align="right">E-mail address:</th>
+ <td>
+ <input size="40" maxlength="80" name="email">
+ </td>
+ </tr>
+ </table>
+
+ <input type="submit" name=".submit" value="Create new Account" />
+
+</form>
+
+[% PROCESS trailer.html.tmpl %]
+
+</body>
+</html>
Index: adduser.html.tmpl
===================================================================
RCS file: adduser.html.tmpl
diff -N adduser.html.tmpl
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ adduser.html.tmpl 8 Sep 2008 05:17:18 -0000 1.1
@@ -0,0 +1,15 @@
+[%# Screen for the add new user confirmation. #%]
+
+[% PROCESS header.html.tmpl version = version displaymenu = 1
+ closehead = 1 subtitle = "New Account" %]
+
+<p>
+An email has been sent containing instructions on completing registration for
+this new account. Please follow the instructions in this email to complete
+registration.
+</p>
+
+[% PROCESS trailer.html.tmpl %]
+
+</body>
+</html>
Index: create-new-user.t
===================================================================
RCS file: create-new-user.t
diff -N create-new-user.t
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ create-new-user.t 8 Sep 2008 05:17:18 -0000 1.1
@@ -0,0 +1,26 @@
+# Tests for the CreateNewUser method.
+
+use strict;
+use Test::More tests => 2;
+
+use lib '../../../lib';
+use Test::MockObject;
+use Codestriker;
+use Codestriker::Http::Method::CreateNewUserMethod;
+
+# Create a CGI mock object for these tests.
+my $mock_query = Test::MockObject->new();
+$mock_query->mock('url',
+ sub { 'http://localhost.localdomain/codestriker/codestriker.pl'
} );
+
+# Create two method objects to test each URL scheme.
+my $url_cgi =
Codestriker::Http::Method::CreateNewUserMethod->new($mock_query, 1);
+my $url_nice =
Codestriker::Http::Method::CreateNewUserMethod->new($mock_query, 0);
+
+is($url_cgi->url(),
+ $mock_query->url() . '?action=create_new_user',
+ "New user URL CGI syntax");
+
+is($url_nice->url(),
+ $mock_query->url() . '/users/create',
+ "New user URL nice syntax");
Index: User.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Model/User.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- User.pm 7 Sep 2008 04:49:26 -0000 1.3
+++ User.pm 8 Sep 2008 05:17:18 -0000 1.4
@@ -116,7 +116,7 @@
}
# Create a new user into the database with all of the specified properties.
-# Return the new password which has been assigned to the user.
+# Return the new challenge which has been assigned to the user.
sub create {
my ($type, $email, $admin) = @_;
@@ -148,7 +148,7 @@
# case where a user can update their password via a
# challenge/response protocol.
sub create_challenge {
- my ($self, $email) = @_;
+ my ($self) = @_;
# Obtain a database connection.
my $dbh = Codestriker::DB::DBI->get_connection();
@@ -163,7 +163,7 @@
$dbh->prepare_cached('UPDATE usertable ' .
'SET challenge = ? ' .
'WHERE email = ? ');
- $challenge_update->execute($self->{email}, $challenge);
+ $challenge_update->execute($challenge, $self->{email});
};
my $success = $@ ? 0 : 1;
Index: UpdatePasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdatePasswordMethod.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- UpdatePasswordMethod.pm 7 Sep 2008 12:20:30 -0000 1.2
+++ UpdatePasswordMethod.pm 8 Sep 2008 05:17:19 -0000 1.3
@@ -11,6 +11,7 @@
use strict;
use Codestriker::Http::Method;
+use Codestriker::Action::UpdatePassword;
@Codestriker::Http::Method::UpdatePasswordMethod::ISA =
("Codestriker::Http::Method");
@@ -47,7 +48,7 @@
sub execute {
my ($self, $http_input, $http_output) = @_;
-# Codestriker::Action::UpdatePassword->process($http_input, $http_output);
+ Codestriker::Action::UpdatePassword->process($http_input, $http_output);
}
1;
Index: ResetPasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ResetPasswordMethod.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ResetPasswordMethod.pm 7 Sep 2008 12:20:30 -0000 1.2
+++ ResetPasswordMethod.pm 8 Sep 2008 05:17:19 -0000 1.3
@@ -11,6 +11,7 @@
use strict;
use Codestriker::Http::Method;
+use Codestriker::Action::ResetPassword;
@Codestriker::Http::Method::ResetPasswordMethod::ISA =
("Codestriker::Http::Method");
@@ -47,7 +48,7 @@
sub execute {
my ($self, $http_input, $http_output) = @_;
-# Codestriker::Action::UpdatePassword->process($http_input, $http_output);
+ Codestriker::Action::ResetPassword->process($http_input, $http_output);
}
1;
Index: CreateNewUserMethod.pm
===================================================================
RCS file: CreateNewUserMethod.pm
diff -N CreateNewUserMethod.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ CreateNewUserMethod.pm 8 Sep 2008 05:17:19 -0000 1.1
@@ -0,0 +1,53 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Method for creating a new user.
+
+package Codestriker::Http::Method::CreateNewUserMethod;
+
+use strict;
+use Codestriker::Http::Method;
+use Codestriker::Action::CreateNewUser;
+
[EMAIL PROTECTED]::Http::Method::CreateNewUserMethod::ISA =
("Codestriker::Http::Method");
+
+# Generate a URL for this method.
+sub url() {
+ my ($self, %args) = @_;
+
+ if ($self->{cgi_style}) {
+ return $self->{url_prefix} . "?action=create_new_user" .
+ (defined $args{feedback} ? "&feedback=" .
CGI::escape($args{feedback}) : "");
+ } else {
+ return $self->{url_prefix} . "/users/create" .
+ (defined $args{feedback} ? "/feedback/" .
CGI::escape($args{feedback}) : "");
+ }
+}
+
+sub extract_parameters {
+ my ($self, $http_input) = @_;
+
+ my $action = $http_input->{query}->param('action');
+ my $path_info = $http_input->{query}->path_info();
+ if ($self->{cgi_style} && defined $action && $action eq
"create_new_user") {
+ $http_input->extract_cgi_parameters();
+ return 1;
+ } elsif ($path_info eq "/users/create") {
+ $self->_extract_nice_parameters($http_input);
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+sub execute {
+ my ($self, $http_input, $http_output) = @_;
+
+ Codestriker::Action::CreateNewUser->process($http_input, $http_output);
+}
+
+1;
Index: AddNewUserMethod.pm
===================================================================
RCS file: AddNewUserMethod.pm
diff -N AddNewUserMethod.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ AddNewUserMethod.pm 8 Sep 2008 05:17:19 -0000 1.1
@@ -0,0 +1,50 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Method for handling the creation of a new user.
+
+package Codestriker::Http::Method::AddNewUserMethod;
+
+use strict;
+use Codestriker::Http::Method;
+
[EMAIL PROTECTED]::Http::Method::AddNewUserMethod::ISA =
("Codestriker::Http::Method");
+
+# Generate a URL for this method.
+sub url() {
+ my ($self, %args) = @_;
+
+ if ($self->{cgi_style}) {
+ return $self->{url_prefix} . "?action=add_new_user";
+ } else {
+ return $self->{url_prefix} . "/users/add";
+ }
+}
+
+sub extract_parameters {
+ my ($self, $http_input) = @_;
+
+ my $action = $http_input->{query}->param('action');
+ my $path_info = $http_input->{query}->path_info();
+ if ($self->{cgi_style} && defined $action && $action eq "add_new_user") {
+ $http_input->extract_cgi_parameters();
+ return 1;
+ } elsif ($path_info eq "/users/add") {
+ $self->_extract_nice_parameters($http_input);
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+sub execute {
+ my ($self, $http_input, $http_output) = @_;
+
+ Codestriker::Action::AddNewUser->process($http_input, $http_output);
+}
+
+1;
Index: UrlBuilder.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/UrlBuilder.pm,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- UrlBuilder.pm 7 Sep 2008 12:20:31 -0000 1.52
+++ UrlBuilder.pm 8 Sep 2008 05:17:19 -0000 1.53
@@ -40,6 +40,8 @@
use Codestriker::Http::Method::NewPasswordMethod;
use Codestriker::Http::Method::UpdatePasswordMethod;
use Codestriker::Http::Method::ResetPasswordMethod;
+use Codestriker::Http::Method::CreateNewUserMethod;
+use Codestriker::Http::Method::AddNewUserMethod;
# Constructor for this class.
sub new {
@@ -260,5 +262,16 @@
return
Codestriker::Http::Method::AuthenticateMethod->new($self->{query})->url(%args);
}
+# Create the URL for creating a new user.
+sub create_new_user_url {
+ my ($self, %args) = @_;
+ return
Codestriker::Http::Method::CreateNewUserMethod->new($self->{query})->url(%args);
+}
+
+# Create the URL for adding a new user.
+sub add_new_user_url {
+ my ($self, %args) = @_;
+ return
Codestriker::Http::Method::AddNewUserMethod->new($self->{query})->url(%args);
+}
1;
Index: Input.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Input.pm,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- Input.pm 7 Sep 2008 11:49:45 -0000 1.52
+++ Input.pm 8 Sep 2008 05:17:19 -0000 1.53
@@ -108,6 +108,8 @@
$self->{email_event} = $query->param('email_event');
$self->{redirect} = $query->param('redirect');
$self->{challenge} = $query->param('challenge');
+ $self->{password} = $query->param('password');
+ $self->{feedback} = $query->param('feedback');
# Set any missing parameters from the cookie.
my %cookie = Codestriker::Http::Cookie->get($query);
@@ -130,6 +132,7 @@
$self->{obsoletes} = "" if ! defined $self->{obsoletes};
$self->{default_to_head} = 0 if ! defined $self->{default_to_head};
$self->{email_event} = 1 if ! defined $self->{email_event};
+ $self->{feedback} = "" if ! defined $self->{feedback};
my @topic_metrics = $query->param('topic_metric');
$self->{topic_metric} = [EMAIL PROTECTED];
@@ -234,9 +237,6 @@
$self->{cc} = $self->make_canonical_email_list($self->{cc});
$self->{bug_ids} = $self->make_canonical_bug_list($self->{bug_ids});
$self->{comment_cc} =
$self->make_canonical_email_list($self->{comment_cc});
-
- # Initialise the feedback field to empty.
- $self->{feedback} = "";
}
# Return the query object associated with this object.
@@ -352,14 +352,14 @@
sub _untaint_email($$) {
my ($self, $name) = @_;
- $self->_untaint($name, '[\s]*[-_\w\.]{1,200}([EMAIL
PROTECTED],200})?[\s]*');
+ $self->_untaint($name, '[\s]*[-_\+\w\.]{1,200}([EMAIL
PROTECTED],200})?[\s]*');
}
# Untaint a list of email addresses.
sub _untaint_emails($$) {
my ($self, $name) = @_;
- $self->_untaint($name, '[\s]*([-_\w\.]{1,200}([EMAIL
PROTECTED],200})?[\s,;]*){1,100}[\s]*');
+ $self->_untaint($name, '[\s]*([-_\+\w\.]{1,200}([EMAIL
PROTECTED],200})?[\s,;]*){1,100}[\s]*');
}
# Untaint a list of bug ids.
Index: Dispatcher.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Dispatcher.pm,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- Dispatcher.pm 7 Sep 2008 12:20:31 -0000 1.13
+++ Dispatcher.pm 8 Sep 2008 05:17:19 -0000 1.14
@@ -43,6 +43,8 @@
use Codestriker::Http::Method::NewPasswordMethod;
use Codestriker::Http::Method::UpdatePasswordMethod;
use Codestriker::Http::Method::ResetPasswordMethod;
+use Codestriker::Http::Method::CreateNewUserMethod;
+use Codestriker::Http::Method::AddNewUserMethod;
# Initialise all of the methods that are known to the system.
# TODO: add configuration to the parameter.
@@ -87,6 +89,8 @@
push @methods, Codestriker::Http::Method::NewPasswordMethod->new($query);
push @methods,
Codestriker::Http::Method::UpdatePasswordMethod->new($query);
push @methods,
Codestriker::Http::Method::ResetPasswordMethod->new($query);
+ push @methods, Codestriker::Http::Method::AddNewUserMethod->new($query);
+ push @methods,
Codestriker::Http::Method::CreateNewUserMethod->new($query);
$self->{methods} = [EMAIL PROTECTED];
return bless $self, $type;
Index: ResetPassword.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Action/ResetPassword.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ResetPassword.pm 7 Sep 2008 11:49:45 -0000 1.1
+++ ResetPassword.pm 8 Sep 2008 05:17:19 -0000 1.2
@@ -5,30 +5,60 @@
# This program is free software; you can redistribute it and modify it under
# the terms of the GPL.
-# Action object for displaying the reset password page.
+# Action object for handling a reset password action.
package Codestriker::Action::ResetPassword;
use strict;
+use Net::SMTP;
use Codestriker::Http::UrlBuilder;
+use Codestriker::Model::User;
+use Codestriker::Action::AddNewUser;
-# Create an appropriate form for reseting the password.
sub process {
my ($type, $http_input, $http_response) = @_;
my $query = $http_response->get_query();
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+
+ my $email = $http_input->get('email');
+
+ # Check that the user account exists.
+ if (!Codestriker::Model::User->exists($email)) {
+ my $feedback = "Unknown user $email specified.";
+ my $login_url = $url_builder->login(email => $email,
+ feedback => $feedback);
+ print $query->redirect(-URI => $login_url);
+ return;
+ }
$http_response->generate_header(topic_title=>"Reset Password",
reload=>0, cache=>1);
- # Target URL to divert the post to.
- my $vars = {};
- my $url_builder = Codestriker::Http::UrlBuilder->new($query);
- $vars->{'action_url'} = $url_builder->update_password_url();
- $vars->{'challenge'} = $http_input->get('challenge');
- $vars->{'email'} = $http_input->get('email');
+ # Create a new challenge for this user.
+ my $user = Codestriker::Model::User->new($email);
+ my $challenge = $user->create_challenge();
+
+ # Now send out an email to the user with the magic URL so that they
+ # can prove they own this email address.
+ my $magic_url = $url_builder->new_password_url(email => $email,
+ challenge => $challenge);
+ Codestriker::Action::AddNewUser->_send_email($email,
+ "Reset Password for
Codestriker Account",
+ <<"END_EMAIL_TEXT"
+You have (or someone impersonating you has) requested to change your
+Codestriker password. To complete the change, visit the following link:
+
+$magic_url
+
+If you are not the person who made this request, or you wish to cancel
+this request, simply ignore and delete this email.
+END_EMAIL_TEXT
+);
+ # Show the post reset-password screen.
my $template = Codestriker::Http::Template->new("resetpassword");
+ my $vars = {};
$template->process($vars);
$http_response->generate_footer();
Index: NewPassword.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Action/NewPassword.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- NewPassword.pm 7 Sep 2008 12:20:31 -0000 1.1
+++ NewPassword.pm 8 Sep 2008 05:17:19 -0000 1.2
@@ -17,6 +17,8 @@
my ($type, $http_input, $http_response) = @_;
my $query = $http_response->get_query();
+ my $email = $http_input->get('email');
+ my $challenge = $http_input->get('challenge');
$http_response->generate_header(topic_title=>"New Password",
reload=>0, cache=>1);
@@ -24,9 +26,9 @@
# Target URL to divert the post to.
my $vars = {};
my $url_builder = Codestriker::Http::UrlBuilder->new($query);
- $vars->{'action_url'} = $url_builder->update_password_url();
- $vars->{'challenge'} = $http_input->get('challenge');
- $vars->{'email'} = $http_input->get('email');
+ $vars->{'action_url'} = $url_builder->update_password_url(email =>
$email);
+ $vars->{'email'} = $email;
+ $vars->{'challenge'} = $challenge;
my $template = Codestriker::Http::Template->new("newpassword");
$template->process($vars);
Index: Login.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Action/Login.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Login.pm 7 Sep 2008 04:49:27 -0000 1.1
+++ Login.pm 8 Sep 2008 05:17:19 -0000 1.2
@@ -25,6 +25,9 @@
my $vars = {};
my $url_builder = Codestriker::Http::UrlBuilder->new($query);
$vars->{'action_url'} = $url_builder->authenticate_url();
+ $vars->{'new_user_url'} = $url_builder->create_new_user_url();
+ $vars->{'reset_password_url'} = $url_builder->reset_password_url();
+ $vars->{'feedback'} = $http_input->get('feedback');
my $template = Codestriker::Http::Template->new("login");
$template->process($vars);
Index: UpdatePassword.pm
===================================================================
RCS file: UpdatePassword.pm
diff -N UpdatePassword.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ UpdatePassword.pm 8 Sep 2008 05:17:19 -0000 1.1
@@ -0,0 +1,51 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Action object for updating the password for a user account.
+
+package Codestriker::Action::UpdatePassword;
+
+use strict;
+use Codestriker::Http::UrlBuilder;
+use Codestriker::Model::User;
+
+# Try to update the user's password assuming the challenge/response
+# is correct, then redirect to the login screen with the appropriate
+# feedback.
+sub process {
+ my ($type, $http_input, $http_response) = @_;
+
+ my $query = $http_response->get_query();
+ my $email = $http_input->get('email');
+ my $challenge = $http_input->get('challenge');
+ my $password = $http_input->get('password');
+
+ my $feedback = "";
+
+ # Check if the account for this email address is valid.
+ if (!Codestriker::Model::User->exists($email)) {
+ $feedback = "Unknown user $email specified.";
+ } else {
+ my $user = Codestriker::Model::User->new($email);
+
+ # Check that the challenge specified is correct.
+ if ($user->{challenge} ne $challenge) {
+ $feedback = "Challenge specified is incorrect. " .
+ "Your password has not been changed.";
+ } else {
+ $user->update_password($password);
+ $feedback = "Password has been updated.";
+ }
+ }
+
+ # Redirect to the login screen with the appropriate feedback.
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+ my $url = $url_builder->login_url(feedback => $feedback);
+ print $query->redirect(-URI => $url);
+}
+
+1;
Index: CreateNewUser.pm
===================================================================
RCS file: CreateNewUser.pm
diff -N CreateNewUser.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ CreateNewUser.pm 8 Sep 2008 05:17:19 -0000 1.1
@@ -0,0 +1,36 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Action object for displaying the create new user page.
+
+package Codestriker::Action::CreateNewUser;
+
+use strict;
+use Codestriker::Http::UrlBuilder;
+
+# Create an appropriate form for creating a new user.
+sub process {
+ my ($type, $http_input, $http_response) = @_;
+
+ my $query = $http_response->get_query();
+
+ $http_response->generate_header(topic_title=>"Create User",
+ reload=>0, cache=>1);
+
+ # Target URL to divert the post to.
+ my $vars = {};
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+ $vars->{'action_url'} = $url_builder->add_new_user_url();
+ $vars->{'feedback'} = $http_input->get('feedback');
+
+ my $template = Codestriker::Http::Template->new("createuser");
+ $template->process($vars);
+
+ $http_response->generate_footer();
+}
+
+1;
Index: AddNewUser.pm
===================================================================
RCS file: AddNewUser.pm
diff -N AddNewUser.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ AddNewUser.pm 8 Sep 2008 05:17:19 -0000 1.1
@@ -0,0 +1,123 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Action object for handling the creation of a new user account.
+
+package Codestriker::Action::AddNewUser;
+
+use strict;
+use Net::SMTP;
+use Codestriker::Http::UrlBuilder;
+use Codestriker::Model::User;
+
+sub process {
+ my ($type, $http_input, $http_response) = @_;
+
+ my $query = $http_response->get_query();
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+
+ my $email = $http_input->get('email');
+
+ # Check that the user account doesn't already exist.
+ if (Codestriker::Model::User->exists($email)) {
+ my $feedback = "User account $email already exists.";
+ my $url = $url_builder->create_new_user_url(email => $email,
+ feedback => $feedback);
+ print $query->redirect(-URI => $url);
+ return;
+ }
+
+ $http_response->generate_header(topic_title=>"Add Account",
+ reload=>0, cache=>1);
+
+ # Add the new user to the system.
+ Codestriker::Action::AddNewUser->add_new_user($email, 0, $url_builder);
+
+ # Now indicate that the operation has succeeded.
+ my $template = Codestriker::Http::Template->new("adduser");
+ my $vars = {};
+ $template->process($vars);
+
+ $http_response->generate_footer();
+}
+
+# Add a new user to the system, and send out a challenge/response
+# to the specified email address. This method assumes the email
+# address does not already exist.
+sub add_new_user {
+ my ($type, $email, $admin, $url_builder) = @_;
+
+ # Add the new user to the system.
+ Codestriker::Model::User->create($email, $admin);
+
+ # Set a new challenge for this user.
+ my $user = Codestriker::Model::User->new($email);
+ my $challenge = $user->create_challenge();
+
+ # Now send them an email so that they can respond to the
+ # challenge, and prove they own the specified email address.
+ my $magic_url = $url_builder->new_password_url(email => $email,
+ challenge => $challenge);
+ Codestriker::Action::AddNewUser->_send_email($email,
+ "New Codestriker Account",
+ <<"END_EMAIL_TEXT"
+You have (or someone impersonating you has) requested a Codestriker
+account with this email address: $email. To complete registration,
+visit the following link:
+
+$magic_url
+
+If you are not the person who made this request, or you wish to cancel
+this request, simply ignore and delete this email.
+END_EMAIL_TEXT
+);
+
+}
+
+# Send an email to the end-user with new/update account information.
+sub _send_email {
+ my ($type, $email, $subject, $body) = @_;
+
+ # Send out an email to the user containing the magic URL so that they
+ # can prove they own this email address.
+ my $smtp = Net::SMTP->new($Codestriker::mailhost);
+ defined $smtp || die "Unable to connect to mail server: $!";
+
+ # Perform SMTP authentication if required.
+ if (defined $Codestriker::mailuser && $Codestriker::mailuser ne "" &&
+ defined $Codestriker::mailpasswd) {
+ eval 'use Authen::SASL';
+ die "Unable to load Authen::SASL module: [EMAIL PROTECTED]" if $@;
+ $smtp->auth($Codestriker::mailuser, $Codestriker::mailpasswd);
+ }
+
+ # Set the from/to addresses.
+ $smtp->mail("codestriker");
+ $smtp->ok() || die "Couldn't set sender to \"codestriker\": $!, " .
+ $smtp->message();
+ $smtp->recipient($email);
+ $smtp->ok() || die "Couldn't set recipient to \"$email\" $!, " .
+ $smtp->message();
+
+ # Set the email text.
+ $smtp->data();
+ $smtp->datasend("From: codestriker\n");
+ $smtp->datasend("To: $email\n");
+ $smtp->datasend("Subject: $subject\n");
+
+ # Insert the email body.
+ $smtp->datasend("\n");
+ $smtp->datasend($body);
+
+ # Now send the email.
+ $smtp->dataend();
+ $smtp->ok() || die "Couldn't send email $!, " . $smtp->message();
+ $smtp->quit();
+ $smtp->ok() || die "Couldn't send email $!, " . $smtp->message();
+}
+
+1;
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Codestriker-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/codestriker-commits
