|
1 | 1 | package BlogDB::Web::Controller::Root; |
2 | 2 | use Mojo::Base 'Mojolicious::Controller', -signatures; |
3 | 3 | use Try::Tiny; |
| 4 | +use Data::UUID; |
4 | 5 |
|
5 | 6 | sub get_register ($c) { |
6 | 7 | $c->set_template( 'register' ); |
@@ -63,27 +64,82 @@ sub post_register ($c) { |
63 | 64 |
|
64 | 65 | sub get_forgot ($c) { |
65 | 66 | $c->set_template( 'forgot' ); |
66 | | - |
67 | 67 | } |
68 | 68 |
|
69 | 69 | sub post_forgot ($c) { |
70 | 70 | $c->set_template( 'forgot' ); |
| 71 | + |
| 72 | + my $username = $c->stash->{form_username} = $c->param('username'); |
71 | 73 |
|
| 74 | + # Find the user -- if they have an @, assume it's an email addresss. |
| 75 | + my $person = $c->db->resultset('Person')->find( index($username, '@') == -1 |
| 76 | + ? { username => $username } |
| 77 | + : { email => $username } |
| 78 | + ); |
| 79 | + |
| 80 | + push @{$c->stash->{errors}}, "No such username or email address." |
| 81 | + unless $person; |
| 82 | + |
| 83 | + return 0 if $c->stash->{errors}; # Drop out of processing if there are errors. |
| 84 | + |
| 85 | + my $reset_token = $person->create_related( 'password_tokens', { |
| 86 | + token => Data::UUID->new->create_str, |
| 87 | + }); |
| 88 | + |
| 89 | + # TODO |
| 90 | + # This is the part where we email $person->email with $c->url_for( 'reset', { token => $reset_token->token } ); |
| 91 | + |
| 92 | + $c->stash->{success} = 1; |
72 | 93 | } |
73 | 94 |
|
74 | 95 | sub get_reset ($c) { |
75 | 96 | $c->set_template( 'reset' ); |
76 | 97 |
|
| 98 | + $c->stash->{form_token} = $c->param('token'); |
| 99 | + |
77 | 100 | } |
78 | 101 |
|
79 | 102 | sub post_reset ($c) { |
80 | 103 | $c->set_template( 'reset' ); |
| 104 | + |
| 105 | + my $form_token = $c->stash->{form_token} = $c->param('reset_token'); |
| 106 | + my $password = $c->stash->{form_password} = $c->param('password'); |
| 107 | + my $confirm = $c->stash->{form_confirm} = $c->param('confirm'); |
81 | 108 |
|
82 | | -} |
| 109 | + # Error Checking - We have all of the information. |
| 110 | + push @{$c->stash->{errors}}, "Password is required." unless $password; |
| 111 | + push @{$c->stash->{errors}}, "Confirm password is required." unless $password; |
| 112 | + push @{$c->stash->{errors}}, "Password & Confirmation must match." unless $password eq $confirm; |
| 113 | + push @{$c->stash->{errors}}, "Password must be at least 7 chars." unless 7 < length($password); |
83 | 114 |
|
84 | | -sub post_reset ($c) { |
85 | | - $c->set_template( 'login' ); |
| 115 | + return 0 if $c->stash->{errors}; # Drop out of processing, there are errors.. |
| 116 | + |
| 117 | + my $token = $c->db->resultset('PasswordToken')->search({ |
| 118 | + token => $form_token, |
| 119 | + is_redeemed => 0, |
| 120 | + })->first; |
| 121 | + |
| 122 | + push @{$c->stash->{errors}}, "Invalid token" unless $token;; |
| 123 | + return 0 if $c->stash->{errors}; # Drop out of processing, there are errors.. |
| 124 | + |
| 125 | + my $person = try { |
| 126 | + $c->db->storage->schema->txn_do( sub { |
| 127 | + # Update the user's password. |
| 128 | + $token->person->auth_password->update_password( $password ); |
| 129 | + |
| 130 | + # Mark the token used. |
| 131 | + $token->is_redeemed( 1 ); |
| 132 | + $token->update; |
| 133 | + |
| 134 | + return $token->person; |
| 135 | + }); |
| 136 | + } catch { |
| 137 | + push @{$c->stash->{errors}}, "The password could not be reset: $_"; |
| 138 | + }; |
| 139 | + |
| 140 | + return 0 if $c->stash->{errors}; # Drop out of processing the registration if there are any errors. |
86 | 141 |
|
| 142 | + $c->stash->{success} = 1; |
87 | 143 | } |
88 | 144 |
|
89 | 145 | sub post_login ($c) { |
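Review bot: The reset token in post_forgot comes from `Data::UUID->new->create_str`, which produces time- and host-derived UUIDs rather than CSPRNG output, so it is not an unguessable secret for a password change; a value such as `token => unpack('H*', Crypt::URandom::urandom(32)),` (a new dependency) would be. In post_reset the lookup filters only on `is_redeemed => 0`, so unless PasswordToken enforces an age limit somewhere not shown here, an unused token appears to stay valid indefinitely, and a created-at bound in that search would close this. The same sub tests `unless $password` twice, so a missing confirmation is never reported (the second push should end `unless $confirm;`), and `unless 7 < length($password)` rejects a 7-character password although the message says "at least 7". The catch block interpolates `$_` into a user-visible error, which can expose database details; log the exception and push a generic message instead. In post_forgot the distinct "No such username or email address." reply tells any caller which accounts exist, so showing the same success page whether or not `$person` was found would be safer.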
|