password_requests.pm: improve password check
* css for form * return reason for failed password check * show check reults as error or info
This commit is contained in:
Milan
@@ -146,10 +146,10 @@ sub sendToken ($$) {
|
||||
my $baseUrl = $config->{locations}->{source_base_url} . $config->{locations}->{editor_base_url};
|
||||
my $url = $baseUrl . "/request-password.cgi?token=" . $entry->{token};
|
||||
my $content = "Hi,$user->{full_name}\n\n";
|
||||
$content .= "Someone just tried to reset your password for $baseUrl.\n\n";
|
||||
$content .= "If you like to set a new password, please follow the link below\n";
|
||||
$content .= "Someone has just tried to reset your password for $baseUrl.\n\n";
|
||||
$content .= "If you want to set a new password, please follow this link\n";
|
||||
$content .= $url . "\n\n";
|
||||
$content .= "If you do not like to set a new password, please ignore this mail.\n";
|
||||
$content .= "If you do not want to set a new password, please ignore this mail.\n";
|
||||
|
||||
mail::send(
|
||||
{
|
||||
@@ -171,21 +171,21 @@ sub changePassword ($$$) {
|
||||
my $permissions = $request->{permissions};
|
||||
|
||||
unless ( ( defined $userName ) || ( $userName eq '' ) ) {
|
||||
return { error => 'user not found' };
|
||||
return { error => 'The User could not be found.' };
|
||||
}
|
||||
|
||||
my $user = uac::get_user( $config, $userName );
|
||||
|
||||
unless ( ( defined $user ) && ( defined $user->{id} ) && ( $user->{id} ne '' ) ) {
|
||||
return { error => 'user id not found' };
|
||||
return { error => 'Te User ID could not be found.' };
|
||||
}
|
||||
|
||||
unless ( password_requests::checkPassword( $params->{user_password} ) ) {
|
||||
return { error => 'password does not meet requirements' };
|
||||
if ( my $msg = password_requests::isPasswordInvalid( $params->{user_password} ) ) {
|
||||
return { error => $msg } if $msg;
|
||||
}
|
||||
|
||||
if ( $params->{user_password} ne $params->{user_password2} ) {
|
||||
return { error => 'entered passwords do not match' };
|
||||
return { error => 'The passwords entered do not match.' };
|
||||
}
|
||||
|
||||
my $crypt = auth::crypt_password( $params->{user_password} );
|
||||
@@ -196,41 +196,30 @@ sub changePassword ($$$) {
|
||||
$config->{access}->{write} = 1;
|
||||
my $result = uac::update_user( $config, $user );
|
||||
$config->{access}->{write} = 0;
|
||||
return { success => "password changed for $userName" };
|
||||
return { success => "The password was changed for $userName." };
|
||||
}
|
||||
|
||||
sub checkPassword($) {
|
||||
sub isPasswordInvalid($) {
|
||||
my $password = shift;
|
||||
unless ( defined $password || $password eq '' ) {
|
||||
error("password is empty");
|
||||
return;
|
||||
return "The password must not be empty.";
|
||||
}
|
||||
if ( length($password) < 8 ) {
|
||||
error("password to short");
|
||||
return 0;
|
||||
return "The password must have at least 8 characters.";
|
||||
}
|
||||
unless ( $password =~ /[a-z]/ ) {
|
||||
error("password should contains at least one small character");
|
||||
return 0;
|
||||
return "The password must contain at least one small character.";
|
||||
}
|
||||
unless ( $password =~ /[A-Z]/ ) {
|
||||
error("password should contains at least one big character");
|
||||
return 0;
|
||||
return "The password must contain at least one big character";
|
||||
}
|
||||
unless ( $password =~ /[0-9]/ ) {
|
||||
error("password should contains at least one number");
|
||||
return 0;
|
||||
return "The password must contain at least one number.";
|
||||
}
|
||||
unless ( $password =~ /[^a-zA-Z0-9]/ ) {
|
||||
error("password should contains at least one special character");
|
||||
return 0;
|
||||
return "The password must contain at least one special character.";
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
sub error($) {
|
||||
my $msg = shift;
|
||||
print "ERROR: $msg<br/>\n";
|
||||
return 0;
|
||||
}
|
||||
|
||||
#do not delete last line!
|
||||
|
||||
@@ -27,11 +27,25 @@ print "Content-type:text/html\n\n";
|
||||
print qq{<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta charset="UTF-8">
|
||||
</head>
|
||||
<style>
|
||||
* {text-align:center; font-family: sans-serif;}
|
||||
div,input {padding:6px;margin:6px;}
|
||||
.error {background:red; color:white;}
|
||||
.info {background:blue; color:white;}
|
||||
</style>
|
||||
<body>
|
||||
<h1>Change your password</h1>
|
||||
};
|
||||
|
||||
sub info{
|
||||
print qq{<div class="info">$_[0]</div>\n};
|
||||
}
|
||||
sub error{
|
||||
print qq{<div class="error">$_[0]</div>\n};
|
||||
}
|
||||
|
||||
if ( defined $params->{user} ) {
|
||||
sendToken( $config, $params );
|
||||
return;
|
||||
@@ -45,9 +59,9 @@ sub sendToken {
|
||||
my $params = shift;
|
||||
my $entry = password_requests::sendToken( $config, { user => $params->{user} } );
|
||||
if ( defined $entry ) {
|
||||
print "Please check you mails\n";
|
||||
info "Please check you mails.";
|
||||
} else {
|
||||
print "Sorry\n";
|
||||
error "Sorry.";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -59,20 +73,17 @@ sub checkToken {
|
||||
|
||||
my $entry = password_requests::get( $config, { token => $token } );
|
||||
unless ( defined $entry ) {
|
||||
print "invalid token\n";
|
||||
return undef;
|
||||
return error "The token is invalid.";
|
||||
}
|
||||
|
||||
print STDERR Dumper($entry);
|
||||
my $created_at = $entry->{created_at};
|
||||
unless ( defined $created_at ) {
|
||||
print "invalid token age\n";
|
||||
return undef;
|
||||
return error "The token age is invalid.";
|
||||
}
|
||||
|
||||
my $age = time() - time::datetime_to_time($created_at);
|
||||
if ( $age > 600 ) {
|
||||
print "token is too old\n";
|
||||
error "The token is too old.";
|
||||
password_requests::delete( $config, { token => $token } );
|
||||
return undef;
|
||||
}
|
||||
@@ -83,7 +94,7 @@ sub checkToken {
|
||||
$config->{access}->{write} = 0;
|
||||
|
||||
if ( $entry->{max_attempts} > 10 ) {
|
||||
print "too many failed attempts, please request a new token by mail\n";
|
||||
error "Too many failed attempts. Please request a new token by mail.";
|
||||
password_requests::delete( $config, { token => $token } );
|
||||
return undef;
|
||||
}
|
||||
@@ -100,24 +111,20 @@ sub checkToken {
|
||||
params => { checked => $params }
|
||||
};
|
||||
my $result = password_requests::changePassword( $config, $request, $user );
|
||||
|
||||
if ( defined $result->{error} ) {
|
||||
|
||||
#print "sorry\n";
|
||||
print $result->{error} . "\n";
|
||||
error $result->{error};
|
||||
printForm($token);
|
||||
}
|
||||
|
||||
if ( defined $result->{success} ) {
|
||||
|
||||
#print "success\n";
|
||||
print $result->{success} . "\n";
|
||||
info $result->{success};
|
||||
password_requests::delete( $config, { user => $user } );
|
||||
my $url = $config->{locations}->{editor_base_url};
|
||||
print qq{
|
||||
<script type="text/javascript">
|
||||
window.location = "$url";
|
||||
setTimeout( () => window.location = "$url", 3000);
|
||||
</script>
|
||||
You will be forwarded to $url …
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -129,8 +136,8 @@ sub printForm {
|
||||
print qq{
|
||||
<form method="post">
|
||||
<input type="hidden" name="token" value="$token">
|
||||
<input type="password" name="user_password" placeholder="enter new password">
|
||||
<input type="password" name="user_password2" placeholder="repeat password">
|
||||
<input type="password" name="user_password" placeholder="Please enter a password">
|
||||
<input type="password" name="user_password2" placeholder="Please repeat the password">
|
||||
<input type="submit" name="action" value="change">
|
||||
</form>
|
||||
};
|
||||
|
||||
@@ -200,7 +200,9 @@ sub update_user {
|
||||
return;
|
||||
}
|
||||
|
||||
return unless password_requests::checkPassword( $params->{user_password} );
|
||||
my $error = password_requests::isPasswordInvalid( $params->{user_password} );
|
||||
error($error) if $error;
|
||||
return if $error;
|
||||
|
||||
if ( $params->{user_password} ne $params->{user_password2} ) {
|
||||
error('password mismatch');
|
||||
|
||||
Reference in New Issue
Block a user