Permalink
Browse files

Simple forgot password implementation.

  • Loading branch information...
1 parent ba5b586 commit b454fc6279748eb23b2874dcabb529b00efc0e6d @pupeno pupeno committed Aug 2, 2011
Showing with 51 additions and 3 deletions.
  1. +2 −1 project.clj
  2. +6 −1 src/clojars/config.clj
  3. +4 −0 src/clojars/db.clj
  4. +4 −0 src/clojars/web.clj
  5. +1 −0 src/clojars/web/login.clj
  6. +34 −1 src/clojars/web/user.clj
View
@@ -10,7 +10,8 @@
[ring/ring-jetty-adapter "0.3.1"]
[hiccup "0.3.0"]
[org.clojars.ato/nailgun "0.7.1"]
- [org.xerial/sqlite-jdbc "3.6.17"]]
+ [org.xerial/sqlite-jdbc "3.6.17"]
+ [org.apache.commons/commons-email "1.2"]]
:dev-dependencies [[lein-ring "0.4.5"]]
:ring {:handler clojars.web/clojars-app})
@@ -2,4 +2,9 @@
:subprotocol "sqlite"
:subname "data/db"}
:key-file "data/authorized_keys"
- :repo "repo"}
+ :repo "repo"
+ :mail {:hostname "smtp.gmail.com"
+ :username "clojars@pupeno.com"
+ :password "fuuuuuu"
+ :port 465 ; If you change ssl to false, the port might not be effective, search for .setSSL and .setSslSmtpPort
+ :ssl true}}
View
@@ -63,6 +63,10 @@
(with-query-results rs ["select * from users where user = ?" username]
(first rs)))
+(defn find-user-by-user-or-email [user-or-email]
+ (with-query-results rs ["select * from users where user = ? or email = ?" user-or-email user-or-email]
+ (first rs)))
+
(defn find-groups [username]
(with-query-results rs ["select * from groups where user = ?" username]
(doall (map :name rs))))
View
@@ -42,6 +42,10 @@
(register params))
(GET "/register" {params :params}
(register-form))
+ (POST "/forgot-password" {params :params}
+ (forgot-password params))
+ (GET "/forgot-password" {params :params}
+ (forgot-password-form))
(GET "/logout" request
(let [response (redirect "/")]
(assoc-in response [:session :account] nil)))
@@ -20,6 +20,7 @@
(text-field :user)
(label :password "Password:")
(password-field :password)
+ (link-to "/forgot-password" "Forgot password?") [:br]
(submit-button "Login"))))
(defn login [{username "user" password "password"}]
@@ -6,7 +6,8 @@
hiccup.page-helpers
hiccup.form-helpers
ring.middleware.session.store
- ring.util.response))
+ ring.util.response)
+ (:import [org.apache.commons.mail SimpleEmail]))
(defn register-form [ & [errors email user ssh-key]]
(html-doc nil "Register"
@@ -99,3 +100,35 @@
(unordered-list (map jar-link (jars-by-user (user :user))))
[:h2 "Groups"]
(unordered-list (map group-link (find-groups (user :user))))))
+
+(defn forgot-password-form []
+ (html-doc nil "Forgot password?"
+ [:h1 "Forgot password?"]
+ (form-to [:post "/forgot-password"]
+ (label :email-or-username "Email or username:")
+ (text-field :email-or-username "")
+ (submit-button "Send new password"))))
+
+;; TODO: move this to another file?
+(defn send-mail [to subject message]
+ (doto (SimpleEmail.)
+ (.setHostName ((clojars/config :mail) :hostname))
+ (.setAuthentication ((clojars/config :mail) :username) ((clojars/config :mail) :password))
+ (.setSslSmtpPort (str ((clojars/config :mail) :port)))
+ (.setSSL ((clojars/config :mail) :ssl))
+ (.setFrom "clojars@pupeno.com" "Clojars")
+ (.addTo to)
+ (.setSubject subject)
+ (.setMsg message)
+ (.send)))
+
+(defn forgot-password [{email-or-username "email-or-username"}]
+ (when-let [user (find-user-by-user-or-email email-or-username)]
+ (let [new-password (rand-string 15)]
+ (update-user (user :user) (user :email) (user :user) new-password (user :ssh_key))
+ (send-mail (user :email)
+ "Password reset for Clojars"
+ (str "Hello,\n\nYour new password for Clojars is: " new-password "\n\nKeep it safe this time."))))
+ (html-doc nil "Forgot password?"
+ [:h1 "Forgot password?"]
+ [:p "If your account was found, you should get an email with a new password soon."]))

0 comments on commit b454fc6

Please sign in to comment.