User: sits
Date: 08/09/07 23:49:38
Modified: template/en/default header.html.tmpl
t/Http/Method reset-password.t
lib/Codestriker/Model User.pm
lib/Codestriker/Http/Method ResetPasswordMethod.pm
AuthenticateMethod.pm
lib/Codestriker/Http Template.pm
lib/Codestriker/Action UpdatePassword.pm
Added: lib/Codestriker/Action Authenticate.pm
Log:
Now have the login screen working, and checking against the password
correctly. Now need to enforce the use of a login depending on what
is set in codestriker.conf so that older deployments are not affected.
Index: header.html.tmpl
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/template/en/default/header.html.tmpl,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- header.html.tmpl 23 Jun 2008 10:12:16 -0000 1.17
+++ header.html.tmpl 8 Sep 2008 06:49:37 -0000 1.18
@@ -18,6 +18,7 @@
[% END %]
| <a href="[% create_topic_url | html_entity %]">Create new topic</a>
[% IF searchlist_enabled != 0 %] | <a href="[% search_url | html_entity
%]">Search</a> [% END %]
+ [% IF login_url != "" %] | <a href="[% login_url %]">Log In</a>[% END %]
[% IF help != "" %] | <a href="[% doc_url | html_entity %]/[% help
%]">Help</a>[% END %]
</div>
[% END %]
Index: reset-password.t
===================================================================
RCS file: /cvsroot/codestriker/codestriker/t/Http/Method/reset-password.t,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- reset-password.t 7 Sep 2008 12:20:30 -0000 1.2
+++ reset-password.t 8 Sep 2008 06:49:37 -0000 1.3
@@ -1,7 +1,7 @@
# Tests for the ResetPassword method.
use strict;
-use Test::More tests => 3;
+use Test::More tests => 2;
use lib '../../../lib';
use Test::MockObject;
@@ -18,22 +18,10 @@
my $url_nice =
Codestriker::Http::Method::ResetPasswordMethod->new($mock_query, 0);
is($url_cgi->url(email => '[EMAIL PROTECTED]'),
- $mock_query->url() . '?action=reset_password&email=joe%40bloggs.com',
+ $mock_query->url() . '?action=reset_password',
"Reset password URL CGI syntax");
is($url_nice->url(email => '[EMAIL PROTECTED]',
challenge => 'abcdefg'),
- $mock_query->url() . '/user/joe%40bloggs.com/password/reset',
+ $mock_query->url() . '/users/reset',
"Reset password URL nice syntax");
-
-# Check that the parameters extracted correctly.
-my $mock_http_input = Test::MockObject->new();
-$mock_http_input->{query} = $mock_query;
-$mock_http_input->mock('extract_cgi_parameters', sub { return undef; });
-$mock_query->mock('path_info',
- sub {
- return '/user/joe%40bloggs.com/password/reset';
- });
-$mock_query->mock('param', sub { return undef; });
-$url_nice->extract_parameters($mock_http_input);
-is ($mock_http_input->{email}, '[EMAIL PROTECTED]', "email nice URL
parameter extraction");
Index: User.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Model/User.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- User.pm 8 Sep 2008 05:17:18 -0000 1.4
+++ User.pm 8 Sep 2008 06:49:37 -0000 1.5
@@ -70,6 +70,13 @@
return $count;
}
+# Checks if the specified password matches this user record.
+sub check_password {
+ my ($self, $password) = @_;
+
+ return crypt($password, $self->{password_hash}) eq
$self->{password_hash};
+}
+
# Update an existing user record with a new password.
sub update_password {
my ($self, $new_password) = @_;
Index: ResetPasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ResetPasswordMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ResetPasswordMethod.pm 8 Sep 2008 05:17:19 -0000 1.3
+++ ResetPasswordMethod.pm 8 Sep 2008 06:49:38 -0000 1.4
@@ -10,6 +10,7 @@
package Codestriker::Http::Method::ResetPasswordMethod;
use strict;
+use Carp;
use Codestriker::Http::Method;
use Codestriker::Action::ResetPassword;
@@ -20,11 +21,9 @@
my ($self, %args) = @_;
if ($self->{cgi_style}) {
- return $self->{url_prefix} . "?action=reset_password" .
- "&email=" . CGI::escape($args{email});
+ return $self->{url_prefix} . "?action=reset_password";
} else {
- return $self->{url_prefix} . "/user/" . CGI::escape($args{email}) .
- "/password/reset";
+ return $self->{url_prefix} . "/users/reset";
}
}
@@ -36,9 +35,8 @@
if ($self->{cgi_style} && defined $action && $action eq
"reset_password") {
$http_input->extract_cgi_parameters();
return 1;
- } elsif ($path_info =~ m{^/user/.*/password/reset$}) {
- $self->_extract_nice_parameters($http_input,
- user => 'email');
+ } elsif ($path_info eq '/users/reset') {
+ $self->_extract_nice_parameters($http_input);
return 1;
} else {
return 0;
Index: AuthenticateMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AuthenticateMethod.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- AuthenticateMethod.pm 7 Sep 2008 04:49:26 -0000 1.2
+++ AuthenticateMethod.pm 8 Sep 2008 06:49:38 -0000 1.3
@@ -11,6 +11,7 @@
use strict;
use Codestriker::Http::Method;
+use Codestriker::Action::Authenticate;
@Codestriker::Http::Method::AuthenticateMethod::ISA =
("Codestriker::Http::Method");
Index: Template.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Template.pm,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- Template.pm 6 Sep 2008 00:31:47 -0000 1.20
+++ Template.pm 8 Sep 2008 06:49:38 -0000 1.21
@@ -126,6 +126,7 @@
$vars->{'create_topic_url'} = $url_builder->create_topic_url();
$vars->{'search_url'} = $url_builder->search_url();
$vars->{'doc_url'} = $url_builder->doc_url();
+ $vars->{'login_url'} = $url_builder->login_url();
my $data = "";
my $rc = $self->{template}->process($self->{name} . "." . $self->{type}
. ".tmpl",
Index: UpdatePassword.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Action/UpdatePassword.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- UpdatePassword.pm 8 Sep 2008 05:17:19 -0000 1.1
+++ UpdatePassword.pm 8 Sep 2008 06:49:38 -0000 1.2
@@ -38,7 +38,7 @@
"Your password has not been changed.";
} else {
$user->update_password($password);
- $feedback = "Password has been updated.";
+ $feedback = "Your password has been updated.";
}
}
Index: Authenticate.pm
===================================================================
RCS file: Authenticate.pm
diff -N Authenticate.pm
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ Authenticate.pm 8 Sep 2008 06:49:38 -0000 1.1
@@ -0,0 +1,54 @@
+###############################################################################
+# Codestriker: Copyright (c) 2001, 2002 David Sitsky. All rights reserved.
+# [EMAIL PROTECTED]
+#
+# This program is free software; you can redistribute it and modify it under
+# the terms of the GPL.
+
+# Action object for authenticating a user.
+
+package Codestriker::Action::Authenticate;
+
+use strict;
+use Codestriker::Http::UrlBuilder;
+use Codestriker::Model::User;
+
+sub process {
+ my ($type, $http_input, $http_response) = @_;
+
+ my $query = $http_response->get_query();
+ my $email = $http_input->get('email');
+ my $password = $http_input->get('password');
+ my $redirect = $http_input->get('redirect');
+
+ my $feedback = "";
+
+ # Check if the account for this email address is valid.
+ if (!Codestriker::Model::User->exists($email)) {
+ $feedback = "The username or password you entered is not valid.";
+ } else {
+ my $user = Codestriker::Model::User->new($email);
+
+ # Check that the password entered is correct.
+ if (! $user->check_password($password)) {
+ $feedback = "The username or password you entered is not valid.";
+ }
+ }
+
+ # If there is feedback, redirect to the login screen.
+ my $url_builder = Codestriker::Http::UrlBuilder->new($query);
+ if ($feedback ne "") {
+ my $url = $url_builder->login_url(feedback => $feedback);
+ print $query->redirect(-URI => $url);
+ } else {
+ # Redirect to the specified URL, if present, otherwise go to the
default
+ # URL.
+ if (defined $redirect && $redirect ne "") {
+ print $query->redirect(-URI => $redirect);
+ } else {
+ print $query->redirect(-URI => $query->url());
+ }
+ }
+}
+
+1;
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Codestriker-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/codestriker-commits
