[Bps-public-commit] rt-extension-resetpassword branch, new-user-create-password, created. 1.04-2-ga8ae09d
Craig Kaiser
craig at bestpractical.com
Thu Jan 9 11:50:15 EST 2020
The branch, new-user-create-password has been created
at a8ae09d34e772ba14e0fbfde27a905b5d6069444 (commit)
- Log -----------------------------------------------------------------
commit 5d80792e7f4ced04ac29d08e78e5dd540231ad1e
Author: Craig Kaiser <craig at bestpractical.com>
Date: Thu Jan 9 11:42:11 2020 -0500
Move token generation and password reset to lib method
diff --git a/html/NoAuth/ResetPassword/Request.html b/html/NoAuth/ResetPassword/Request.html
index 794c44c..8a45b20 100644
--- a/html/NoAuth/ResetPassword/Request.html
+++ b/html/NoAuth/ResetPassword/Request.html
@@ -65,22 +65,7 @@ if ($ARGS{'Email'}) {
my $u = RT::User->new($RT::SystemUser);
$u->LoadByCols(EmailAddress => $ARGS{'Email'});
if ($u->id and $u->HasPassword and not $u->Disabled) {
- my $token = Digest::MD5->new()->add(
- $u->id,
- $u->__Value('Password'),
- $RT::DatabasePassword,
- $u->LastUpdated,
- @{[$RT::WebPath]} . '/NoAuth/ResetPassword/Reset'
- )->hexdigest();
-
- my ($status, $msg) = RT::Interface::Email::SendEmailUsingTemplate(
- To => $u->EmailAddress,
- Template => 'PasswordReset',
- Arguments => {
- Token => $token,
- User => $u,
- },
- );
+ my ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
if ($status) {
push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
diff --git a/lib/RT/Extension/ResetPassword.pm b/lib/RT/Extension/ResetPassword.pm
index 1e96f02..13f973c 100644
--- a/lib/RT/Extension/ResetPassword.pm
+++ b/lib/RT/Extension/ResetPassword.pm
@@ -5,6 +5,29 @@ use warnings;
our $VERSION = '1.04';
+sub CreateTokenAndResetPassword {
+ my $self = shift;
+ my $user = shift;
+
+ my $token = Digest::MD5->new()->add(
+ $user->id,
+ $user->__Value('Password'),
+ $RT::DatabasePassword,
+ $user->LastUpdated,
+ @{[$RT::WebPath]} . '/NoAuth/ResetPassword/Reset'
+ )->hexdigest();
+
+ my ($status, $msg) = RT::Interface::Email::SendEmailUsingTemplate(
+ To => $user->EmailAddress,
+ Template => 'PasswordReset',
+ Arguments => {
+ Token => $token,
+ User => $user,
+ },
+ );
+ return ($status, $msg);
+}
+
=head1 NAME
RT::Extension::ResetPassword - add "forgot your password?" link to RT instance
commit a8ae09d34e772ba14e0fbfde27a905b5d6069444
Author: Craig Kaiser <craig at bestpractical.com>
Date: Thu Jan 9 11:43:07 2020 -0500
Allow for users to create priv user records with no account
diff --git a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
index 3c99919..d6e744a 100644
--- a/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
+++ b/html/Callbacks/RT-Extension-ResetPassword/Elements/Login/Default
@@ -1,2 +1,5 @@
<br/><div id="lostpassword" style="align:left;clear:both;">
<a href="<%$RT::WebPath%>/NoAuth/ResetPassword/Request.html"><&|/l&>Forgot your password?</&></a></div>
+
+<div id="firstpassword" style="align:right;clear:both;">
+<a href="<%$RT::WebPath%>/NoAuth/ResetPassword/NewUser.html"><&|/l&>New user and need a password?</&></a></div>
diff --git a/html/NoAuth/ResetPassword/NewUser.html b/html/NoAuth/ResetPassword/NewUser.html
new file mode 100644
index 0000000..4910f0f
--- /dev/null
+++ b/html/NoAuth/ResetPassword/NewUser.html
@@ -0,0 +1,117 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2019 Best Practical Solutions, LLC
+%# <sales at bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+<& /Elements/Header, Title => $title &>
+<div id="body" class="login-body">
+
+<h1><%$title%></h1>
+<& /Elements/ListActions, actions => \@actions &>
+<p>
+<&|/l&>RT can send you an email message with a link that will allow you to set your password.</&>
+<form method="post" action="NewUser.html">
+ <&|/l&>Email address</&>:<input name="Email" value="" />
+ <input type="submit" class="button" value="<%loc('Send it!')%>" />
+</form>
+<a href="<%$RT::WebURL|n%>"><&|/l&>Login</&></a>
+</div>
+
+<%INIT>
+my @actions;
+
+my $title = loc("Create your password");
+
+if ($ARGS{'Email'}) {
+ my $u = RT::User->new($RT::SystemUser);
+ $u->LoadByCols(EmailAddress => $ARGS{'Email'});
+
+ if ($u->id and $u->HasPassword and $u->Privileged and not $u->Disabled) {
+ my ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+
+ if ($status) {
+ push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+ RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+ } else {
+ push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
+ RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+ }
+ } elsif ($u->id and $u->Disabled) {
+ push @actions, loc("You can't reset your password because your user is disabled.");
+ RT->Logger->warning("Disabled user " . $u->Name . " attempted to reset password");
+ } elsif ($u->id and not $u->Privileged) {
+ my ($status, $msg) = $u->SetPrivileged(1);
+ RT::Logger->error($msg) unless $status;
+
+ ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+ if ($status) {
+ push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+ RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+ } else {
+ push @actions, loc("You can't reset your password as you don't already have one.");
+ RT->Logger->warning("$msg")
+ }
+ } else {
+ my ($status, $msg) = $u->Create(
+ Privileged => 1,
+ EmailAddress => $ARGS{'Email'},
+ );
+ RT::Logger->error($msg) unless $status;
+
+ ($status, $msg) = RT::Extension::ResetPassword->CreateTokenAndResetPassword($u);
+ if ($status) {
+ push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+ RT->Logger->info("Password reset token send to " . $u->EmailAddress);
+ } else {
+ push @actions, loc("Failed to send password reset token, please contact your RT administrator.");
+ RT->Logger->error("Failed to send password reset token to " . $u->EmailAddress . ": $msg");
+ }
+ }
+ if(RT->Config->Get("HidePasswordResetErrors")) {
+ pop @actions;
+ push @actions, loc("RT has sent you an email message with instructions about how to reset your password");
+ }
+}
+</%INIT>
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list