Permalink
Browse files

Item14506: Enhancements to Reset Password

 - Avoid sending the die message to the UI if send email fails.
 - Add ability to reset password by email address
 - Other cleanup on sendEmail ... It doesn't need to handle registration
   messages
  • Loading branch information...
gac410 committed Oct 13, 2017
1 parent 5f4cdb2 commit f659d6a2509125849b3120f2c0ec20002b191e5e
@@ -21,7 +21,7 @@
</div>
<div class="foswikiFormStep">
%TABLE{databg="transparent" tableborder="0" tablerules="none"}%
| %MAKETEXT{"Your [[[_1]][username]]:" args="%SYSTEMWEB%.UserName"}% | <input type="text" name="LoginName" value="%URLPARAM{username}%" size="40" class="foswikiInputField" /> |
| %IF{ "{TemplateLogin}{AllowLoginUsingEmailAddress}" then="%MAKETEXT{"Username or email address"}%" else="%MAKETEXT{"Username"}%" }% | <input type="text" name="LoginName" value="%URLPARAM{username}%" size="40" class="foswikiInputField" /> |
</div><!-- /foswikiFormStep-->
<div class="foswikiFormStep foswikiLast">
<input type="hidden" name="action" value="resetPassword">
@@ -60,6 +60,38 @@ sub _RESTresetPassword {
throw Foswiki::OopsException( 'password', def => 'no_users_to_reset' );
}
if ( $Foswiki::cfg{TemplateLogin}{AllowLoginUsingEmailAddress}
&& ( $userName =~ $Foswiki::regex{emailAddrRegex} ) )
{
# try email addresses if it is one
my $cuidList = $users->findUserByEmail($userName);
if ( scalar @$cuidList > 1 ) {
throw Foswiki::OopsException(
'password',
topic => $Foswiki::cfg{HomeTopicName},
def => 'reset_bad',
params =>
['The entered email address is not unique. Use a WikiName']
);
}
else {
$userName = @$cuidList[0];
}
}
else {
throw Foswiki::OopsException(
'password',
status => 200,
topic => $Foswiki::cfg{HomeTopicName},
def => 'reset_bad',
params => [
'This Foswiki is not configured to permit access by email address. Please enter a WikiName or Login name.'
],
);
}
my $user = Foswiki::Func::getCanonicalUserID($userName);
unless ( $user && $session->{users}->userExists($user) ) {
throw Foswiki::OopsException(
@@ -143,7 +175,7 @@ sub _RESTresetPassword {
status => 200,
topic => $Foswiki::cfg{HomeTopicName},
def => 'reset_ok',
params => [ $Foswiki::cfg{Login}{TokenLifetime}, $errors ]
params => [ $Foswiki::cfg{Login}{TokenLifetime} || 900, $errors ]
);
}
else {
@@ -158,7 +190,7 @@ sub _RESTresetPassword {
=begin TML
---++ StaticMethod RESTchangePassword
---++ StaticMethod RESTchangePassword
Change the user's password. Details of the user and password
are passed in CGI parameters.
@@ -228,8 +260,9 @@ sub _RESTchangePassword {
if ($resetActive) {
$oldpassword = 1; # Allow password change without oldpassword.
}
elsif ( $users->isAdmin($requestUser)
&& ! length($oldpassword) ) {
elsif ( $users->isAdmin($requestUser)
&& !length($oldpassword) )
{
$oldpassword = 1; # Allow an admin to omit the oldpassword
}
else {
@@ -244,8 +277,7 @@ sub _RESTchangePassword {
);
}
unless ( $users->checkPassword( $login, $oldpassword ) )
{
unless ( $users->checkPassword( $login, $oldpassword ) ) {
throw Foswiki::OopsException(
'password',
web => $webName,
@@ -302,27 +334,26 @@ sub _sendEmail {
my ( $session, $template, $data ) = @_;
my $text = $session->templates->readTemplate($template);
$data->{Introduction} ||= '';
$data->{Name} ||= $data->{WikiName};
my @unexpanded;
foreach my $field ( keys %$data ) {
my $f = uc($field);
unless ( $text =~ s/\%$f\%/$data->{$field}/g ) {
unless ( $field =~ m/^Password|Confirm|form|webName/
|| !defined( $data->{$field} )
|| $data->{$field} !~ /\W/ )
{
push( @unexpanded, "$field: $data->{$field}" );
}
}
$text =~ s/\%$f\%/$data->{$field}/g;
}
$text =~ s/%REGISTRATION_DATA%/join("\n", map {"\t* $_" } @unexpanded)/ge;
my $topicObject = Foswiki::Meta->new( $session, $Foswiki::cfg{UsersWebName},
$data->{WikiName} );
$text = $topicObject->expandMacros($text);
return $session->net->sendEmail($text);
# SMELL: For some reason Net::sendEmail issues a "die" if the email address
# is bad. But only in a REST handler. Send to the exact same email from
# UI::Password, and it returns an error without the "die".
# The eval{} avoids the issue.
my $results;
eval { $results = $session->net->sendEmail($text); };
return $results;
}
1;

0 comments on commit f659d6a

Please sign in to comment.