6 files changed, 224 insertions, 46 deletions

diff --git a/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html
new file mode 100644
index 0000000..adf8cca
--- /dev/null
+++ b/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html
@@ -0,0 +1,18 @@
+<HTML>
+  <HEAD>
+    <TITLE>Forgot password</TITLE>
+    <%= $head %>
+  </HEAD>
+  <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>">
+  <%= $body_header %>
+
+<FONT SIZE=5>Forgot password</FONT><BR><BR>
+<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
+
+<%= if (!$error) {
+  $OUT .= 'A verification email has been sent to your mailbox.  Please follow
+           the link in your email to complete your password reset.';
+  }
+%>
+
+<%= $body_footer %>
diff --git a/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html
new file mode 100644
index 0000000..9274f92
--- /dev/null
+++ b/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html
@@ -0,0 +1,18 @@
+<HTML>
+  <HEAD>
+    <TITLE>Reset password</TITLE>
+    <%= $head %>
+  </HEAD>
+  <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>">
+  <%= $body_header %>
+
+<FONT SIZE=5>Reset password</FONT><BR><BR>
+<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
+
+<%= if (!$error) {
+  $self_url =~ s/\?.*//;
+  $OUT .= "Your password has been changed.  You can now <A HREF=\"$self_url\">log in</A>.";
+  }
+%>
+
+<%= $body_footer %>
diff --git a/fs_selfservice/FS-SelfService/cgi/forgot_password.html b/fs_selfservice/FS-SelfService/cgi/forgot_password.html
new file mode 100644
index 0000000..e14034c
--- /dev/null
+++ b/fs_selfservice/FS-SelfService/cgi/forgot_password.html
@@ -0,0 +1,53 @@
+<HTML>
+  <HEAD>
+    <TITLE>Forgot password</TITLE>
+    <%= $head %>
+  </HEAD>
+  <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>">
+  <%= $body_header %>
+
+<FONT SIZE=5>Forgot password</FONT><BR><BR>
+<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
+
+<FORM ACTION="<%= $self_url %>" METHOD=POST>
+<INPUT TYPE="hidden" NAME="action" VALUE="do_forgot_password">
+<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>">
+
+Please enter your email address.  A password reset email will be sent to that address.
+
+<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0>
+
+<TR>
+  <TH ALIGN="right">Email address </TH>
+  <TD>
+    <INPUT TYPE="text" NAME="email" VALUE="<%= $username %>"><%= $single_domain ? '@'.$single_domain : '' %>
+  </TD>
+</TR>
+
+<%=
+if ( $single_domain ) {
+
+  $OUT .= qq(<INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain">);
+
+} else {
+
+  $OUT .= qq(
+    <TR>
+      <TH ALIGN="right">Domain </TH>
+      <TD>
+        <INPUT TYPE="text" NAME="domain" VALUE="$domain">
+      </TD>
+    </TR>
+  );
+
+}
+
+%>
+
+<TR>
+  <TD COLSPAN=2 ALIGN="center"><INPUT TYPE="submit" VALUE="Send reset email"></TD>
+</TR>
+</TABLE>
+</FORM>
+
+<%= $body_footer %>
diff --git a/fs_selfservice/FS-SelfService/cgi/login.html b/fs_selfservice/FS-SelfService/cgi/login.html
index 68f3ae4..65efd7b 100644
--- a/fs_selfservice/FS-SelfService/cgi/login.html
+++ b/fs_selfservice/FS-SelfService/cgi/login.html
@@ -15,25 +15,26 @@
 
 <TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0>
 
-<TR>
-  <TH ALIGN="right">Username </TH>
-  <TD>
-    <INPUT TYPE="text" NAME="username" VALUE="<%= $username %>"><%= $single_domain ? '@'.$single_domain : '' %>
-  </TD>
-</TR>
-
 <%=
 if ( $single_domain ) {
 
-  $OUT .= qq(<INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain">);
+  $OUT .= qq(
+    <TR>
+      <TH ALIGN="right">Username </TH>
+      <TD>
+        <INPUT TYPE="text" NAME="username" VALUE="$username">\@$single_domain
+      </TD>
+    </TR>
+    <INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain">
+  );
 
 } else {
 
   $OUT .= qq(
     <TR>
-      <TH ALIGN="right">Domain </TH>
+      <TH ALIGN="right">Email address </TH>
       <TD>
-        <INPUT TYPE="text" NAME="domain" VALUE="$domain">
+        <INPUT TYPE="text" NAME="email" VALUE="$email">
       </TD>
     </TR>
   );
diff --git a/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html
new file mode 100644
index 0000000..3d8c058
--- /dev/null
+++ b/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html
@@ -0,0 +1,44 @@
+<HTML>
+  <HEAD>
+    <TITLE>Reset password</TITLE>
+    <%= $head %>
+  </HEAD>
+  <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>">
+  <%= $body_header %>
+
+<FONT SIZE=5>Reset password</FONT><BR><BR>
+<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT>
+
+<FORM ACTION="<%= $self_url %>" METHOD=POST>
+<INPUT TYPE="hidden" NAME="action" VALUE="do_process_forgot_password">
+<INPUT TYPE="hidden" NAME="session_id" VALUE="<%= $session_id %>">
+<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>">
+
+<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0>
+
+<%= if (!$error) {
+
+  $OUT .= <<'END';
+
+  <TR>
+    <TH ALIGN="right">New password: </TH>
+    <TD><INPUT TYPE="password" NAME="new_password" SIZE="18"></TD>
+  </TR>
+
+  <TR>
+    <TH ALIGN="right">Re-enter new password: </TH>
+    <TD><INPUT TYPE="password" NAME="new_password2" SIZE="18"></TD>
+  </TR>
+
+  <TR>
+    <TD COLSPAN=2 ALIGN="center"><INPUT TYPE="submit" VALUE="Change password"></TD>
+  </TR>
+END
+
+  }
+%>
+
+</TABLE>
+</FORM>
+
+<%= $body_footer %>
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index ea2a40b..8d3a23b 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -22,6 +22,7 @@ use FS::SelfService qw(
   adjust_ticket_priority
   mason_comp port_graph
   start_thirdparty finish_thirdparty
+  reset_passwd check_reset_passwd process_reset_passwd
 );
 
 $template_dir = '.';
@@ -42,54 +43,68 @@ if ( exists($cookies{'session'}) ) {
   if ( $session_id eq 'login' ) {
     # then we've just come back from the login page
 
-    $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i;
-    my $username = $1;
-
-    $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/;
-    my $domain = $1;
-
     $cgi->param('password') =~ /^(.{0,$form_max})$/;
     my $password = $1;
 
-    if ( $username and $domain and $password ) {
+    if ( $cgi->param('email') =~ /^\s*([a-z0-9_\-\.\@]{1,$form_max})\s*$/i ) {
 
-      # authenticate
+      my $email = $1;
       $login_rv = login(
-        'username' => $username,
-        'domain'   => $domain,
-        'password' => $password,
+        'email'    => $email,
+        'password' => $password
       );
       $session_id = $login_rv->{'session_id'};
 
-    } elsif ( $username or $domain or $password ) {
+    } else {
+
+      $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i;
+      my $username = $1;
+
+      $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/;
+      my $domain = $1;
+
+      if ( $username and $domain and $password ) {
+
+        # authenticate
+        $login_rv = login(
+          'username' => $username,
+          'domain'   => $domain,
+          'password' => $password,
+        );
+        $session_id = $login_rv->{'session_id'};
+
+      } elsif ( $username or $domain or $password ) {
       
-      my $error = 'Illegal '; #XXX localization...
-      my $count = 0;
-      if ( !$username ) {
-        $error .= 'username';
-        $count++;
-      }
-      if ( !$domain )  {
-        $error .= ', ' if $count;
-        $error .= 'domain';
-        $count++;
-      }
-      if ( !$password ) {
-        $error .= ', ' if $count;
-        $error .= 'and ' if $count > 1;
-        $error .= 'password';
-        $count++;
+        my $error = 'Illegal '; #XXX localization...
+        my $count = 0;
+        if ( !$username ) {
+          $error .= 'username';
+          $count++;
+        }
+        if ( !$domain )  {
+          $error .= ', ' if $count;
+          $error .= 'domain';
+          $count++;
+        }
+        if ( !$password ) {
+          $error .= ', ' if $count;
+          $error .= 'and ' if $count > 1;
+          $error .= 'password';
+          $count++;
+        }
+        $error .= '.';
+        $login_rv = {
+          'username'  => $username,
+          'domain'    => $domain,
+          'password'  => $password,
+          'error'     => $error,
+        };
+        $session_id = undef; # attempt login again
+
       }
-      $error .= '.';
-      $login_rv = {
-        'username'  => $username,
-        'domain'    => $domain,
-        'password'  => $password,
-        'error'     => $error,
-      };
-      $session_id = undef; # attempt login again
 
     } # else there was no input, so show no error message
+
   } # else session_id ne 'login'
 
 } else {
@@ -157,6 +172,10 @@ my @actions = ( qw(
   real_port_graph
   change_password
   process_change_password
+  forgot_password
+  do_forgot_password
+  process_forgot_password
+  do_process_forgot_password
   customer_suspend_pkg
   process_suspend_pkg
 ));
@@ -991,6 +1010,31 @@ sub process_change_password {
 
 }
 
+sub forgot_password {
+  login_info( 'agentnum' => scalar($cgi->param('agentnum')) ); #skin_info
+}
+
+sub do_forgot_password {
+  reset_passwd(
+    map { $_ => scalar($cgi->param($_)) }
+      qw( email username domain )
+  );
+}
+
+sub process_forgot_password {
+  check_reset_passwd(
+    map { $_ => scalar($cgi->param($_)) }
+      qw( session_id )
+  );
+}
+
+sub do_process_forgot_password {
+  process_reset_passwd(
+    map { $_ => scalar($cgi->param($_)) }
+      qw( session_id new_password new_password2 )
+  );
+}
+
 #--
 
 sub do_template {