Changeset 1640 for trunk

Timestamp:

01/18/16 23:32:48 (8 years ago)

Author:

nanardon

Message:

Add basic functions for anonymous password reset

Location:

trunk/LATMOS-Accounts

Files:

• MANIFEST (modified) (2 diffs)
• bin/la-sql-reset-passwd (added)
• bin/la-sql-upgrade.in (modified) (1 diff)
• lib/LATMOS/Accounts/Bases/Sql/User.pm (modified) (2 diffs)
• templates/mail/passwordreset.mail (added)

trunk/LATMOS-Accounts/MANIFEST

@@ -32 +32 @@
 bin/la-sql-log
 bin/la-sql-rename-host
+bin/la-sql-reset-passwd
 bin/la-sql-rev
 bin/la-sql-runstat
@@ -176 +177 @@
 templates/mail/account_expire.mail
 templates/mail/account_expired_reminder.mail
+templates/mail/passwordreset.mail
 testdata/acls1
 testdata/acls2

trunk/LATMOS-Accounts/bin/la-sql-upgrade.in

@@ -883 +883 @@
 
         ],
-    }
+    },
+    {
+        ver => 17,
+        sql => [
+            q{
+            CREATE TABLE passwordreset
+            (
+            -- Hérité(e) from table revisions:  rev integer NOT NULL DEFAULT nextval('revisions_rev_seq'::regclass),
+            -- Hérité(e) from table revisions:  date timestamp with time zone NOT NULL DEFAULT now(),
+            -- Hérité(e) from table revisions:  "create" timestamp with time zone NOT NULL DEFAULT now(),
+            -- Hérité(e) from table revisions:  ikey integer NOT NULL DEFAULT nextval('ikey_seq'::regclass),
+            "user" text NOT NULL,
+            id text NOT NULL,
+            CONSTRAINT passwordreset_pkey PRIMARY KEY (id),
+            CONSTRAINT password_reset_user_fkey FOREIGN KEY ("user")
+            REFERENCES "user" (name) MATCH SIMPLE
+            ON UPDATE CASCADE ON DELETE CASCADE
+            )
+            INHERITS (revisions)
+            WITH (
+            OIDS=FALSE
+            );
+            },
+        ],
+    },
 );
 

trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm

@@ -15 +15 @@
 use LATMOS::Accounts::I18N;
 use Date::Calc;
+use LATMOS::Accounts::Mail;
 
 our $VERSION = (q$Rev$ =~ /^Rev: (\d+) /)[0];
@@ -1496 +1497 @@
 }
 
+=head2 GenPasswordResetId
+
+Return a new id allowing passowrd reset
+
+=cut
+
+sub GenPasswordResetId {
+    my ($self) = @_;
+
+    my $id = LATMOS::Accounts::Utils::genpassword(length => 32);
+
+    my $sth = $self->base->db->prepare_cached(q{
+        INSERT INTO passwordreset (id, "user") values (?,?)
+    });
+
+    if ($sth->execute($id, $self->id)) {
+        return $id;
+    } else {
+        return;
+    }
+}
+
+=head2 SendPasswordReset($url)
+
+Generate a password reset Id and the to the user.
+
+C<$url> is the URL where the password can changed (printf forward, the %s is
+replaced by the request id)
+
+=cut
+
+sub SendPasswordReset {
+    my ($self, $url) = @_;
+
+    my $id = $self->GenPasswordResetId;
+
+    my $mail = $self->get_attributes('mail') or do {
+        $self->base->log(LA_ERR, "Cannot sent reset password mail: no mail found");
+        return;
+    };
+
+    my %mail = (
+        Subject => 'LATMOS: pasword reset',
+        'X-LATMOS-Reason' => 'Account destruction',
+        to => $mail,
+    );
+
+    my $vars = {
+        url => sprintf($url, $id),
+    };
+    $vars->{id} =  $id;
+    $vars->{obj} = $self;
+
+    my $lamail = LATMOS::Accounts::Mail->new(
+        $self->base->la,
+        'passwordreset.mail',
+    );
+
+    if ($lamail->process(\%mail, $vars)) {
+        $self->base->log(LA_NOTICE,
+            "Reset password sent to %s for user %s",
+            $mail{to},
+            $self->id,
+        );
+    }
+}
+
+=head2 CheckPasswordResetId($id)
+
+Return True if the reset password ID can be found and is less than one day old
+
+=cut
+
+sub CheckPasswordResetId {
+    my ($self, $id) = @_;
+
+    my $sth = $self->base->db->prepare_cached(q{
+        SELECT * FROM passwordreset WHERE
+            "user" = ? and
+            id = ? and
+            "create" >= now() - '1 days'::interval
+    });
+    $sth->execute($self->id, $id);
+
+    my $res = $sth->fetchrow_hashref;
+    $sth->finish;
+
+    return $res ? 1 : 0;
+}
+
 1;