diff options
Diffstat (limited to 'fs_selfservice')
6 files changed, 224 insertions, 46 deletions
diff --git a/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html new file mode 100644 index 0000000..adf8cca --- /dev/null +++ b/fs_selfservice/FS-SelfService/cgi/do_forgot_password.html @@ -0,0 +1,18 @@ +<HTML> + <HEAD> + <TITLE>Forgot password</TITLE> + <%= $head %> + </HEAD> + <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>"> + <%= $body_header %> + +<FONT SIZE=5>Forgot password</FONT><BR><BR> +<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT> + +<%= if (!$error) { + $OUT .= 'A verification email has been sent to your mailbox. Please follow + the link in your email to complete your password reset.'; + } +%> + +<%= $body_footer %> diff --git a/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html new file mode 100644 index 0000000..9274f92 --- /dev/null +++ b/fs_selfservice/FS-SelfService/cgi/do_process_forgot_password.html @@ -0,0 +1,18 @@ +<HTML> + <HEAD> + <TITLE>Reset password</TITLE> + <%= $head %> + </HEAD> + <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>"> + <%= $body_header %> + +<FONT SIZE=5>Reset password</FONT><BR><BR> +<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT> + +<%= if (!$error) { + $self_url =~ s/\?.*//; + $OUT .= "Your password has been changed. You can now <A HREF=\"$self_url\">log in</A>."; + } +%> + +<%= $body_footer %> diff --git a/fs_selfservice/FS-SelfService/cgi/forgot_password.html b/fs_selfservice/FS-SelfService/cgi/forgot_password.html new file mode 100644 index 0000000..e14034c --- /dev/null +++ b/fs_selfservice/FS-SelfService/cgi/forgot_password.html @@ -0,0 +1,53 @@ +<HTML> + <HEAD> + <TITLE>Forgot password</TITLE> + <%= $head %> + </HEAD> + <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>"> + <%= $body_header %> + +<FONT SIZE=5>Forgot password</FONT><BR><BR> +<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT> + +<FORM ACTION="<%= $self_url %>" METHOD=POST> +<INPUT TYPE="hidden" NAME="action" VALUE="do_forgot_password"> +<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>"> + +Please enter your email address. A password reset email will be sent to that address. + +<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0> + +<TR> + <TH ALIGN="right">Email address </TH> + <TD> + <INPUT TYPE="text" NAME="email" VALUE="<%= $username %>"><%= $single_domain ? '@'.$single_domain : '' %> + </TD> +</TR> + +<%= +if ( $single_domain ) { + + $OUT .= qq(<INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain">); + +} else { + + $OUT .= qq( + <TR> + <TH ALIGN="right">Domain </TH> + <TD> + <INPUT TYPE="text" NAME="domain" VALUE="$domain"> + </TD> + </TR> + ); + +} + +%> + +<TR> + <TD COLSPAN=2 ALIGN="center"><INPUT TYPE="submit" VALUE="Send reset email"></TD> +</TR> +</TABLE> +</FORM> + +<%= $body_footer %> diff --git a/fs_selfservice/FS-SelfService/cgi/login.html b/fs_selfservice/FS-SelfService/cgi/login.html index 68f3ae4..65efd7b 100644 --- a/fs_selfservice/FS-SelfService/cgi/login.html +++ b/fs_selfservice/FS-SelfService/cgi/login.html @@ -15,25 +15,26 @@ <TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0> -<TR> - <TH ALIGN="right">Username </TH> - <TD> - <INPUT TYPE="text" NAME="username" VALUE="<%= $username %>"><%= $single_domain ? '@'.$single_domain : '' %> - </TD> -</TR> - <%= if ( $single_domain ) { - $OUT .= qq(<INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain">); + $OUT .= qq( + <TR> + <TH ALIGN="right">Username </TH> + <TD> + <INPUT TYPE="text" NAME="username" VALUE="$username">\@$single_domain + </TD> + </TR> + <INPUT TYPE="hidden" NAME="domain" VALUE="$single_domain"> + ); } else { $OUT .= qq( <TR> - <TH ALIGN="right">Domain </TH> + <TH ALIGN="right">Email address </TH> <TD> - <INPUT TYPE="text" NAME="domain" VALUE="$domain"> + <INPUT TYPE="text" NAME="email" VALUE="$email"> </TD> </TR> ); diff --git a/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html b/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html new file mode 100644 index 0000000..3d8c058 --- /dev/null +++ b/fs_selfservice/FS-SelfService/cgi/process_forgot_password.html @@ -0,0 +1,44 @@ +<HTML> + <HEAD> + <TITLE>Reset password</TITLE> + <%= $head %> + </HEAD> + <BODY BGCOLOR="<%= $body_bgcolor || '#eeeeee' %>"> + <%= $body_header %> + +<FONT SIZE=5>Reset password</FONT><BR><BR> +<FONT SIZE="+1" COLOR="#ff0000"><%= $error %></FONT> + +<FORM ACTION="<%= $self_url %>" METHOD=POST> +<INPUT TYPE="hidden" NAME="action" VALUE="do_process_forgot_password"> +<INPUT TYPE="hidden" NAME="session_id" VALUE="<%= $session_id %>"> +<INPUT TYPE="hidden" NAME="agentnum" VALUE="<%= $agentnum %>"> + +<TABLE BGCOLOR="<%= $box_bgcolor || '#c0c0c0' %>" BORDER=0 CELLSPACING=2 CELLPADDING=0> + +<%= if (!$error) { + + $OUT .= <<'END'; + + <TR> + <TH ALIGN="right">New password: </TH> + <TD><INPUT TYPE="password" NAME="new_password" SIZE="18"></TD> + </TR> + + <TR> + <TH ALIGN="right">Re-enter new password: </TH> + <TD><INPUT TYPE="password" NAME="new_password2" SIZE="18"></TD> + </TR> + + <TR> + <TD COLSPAN=2 ALIGN="center"><INPUT TYPE="submit" VALUE="Change password"></TD> + </TR> +END + + } +%> + +</TABLE> +</FORM> + +<%= $body_footer %> diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index ea2a40b..8d3a23b 100755 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -22,6 +22,7 @@ use FS::SelfService qw( adjust_ticket_priority mason_comp port_graph start_thirdparty finish_thirdparty + reset_passwd check_reset_passwd process_reset_passwd ); $template_dir = '.'; @@ -42,54 +43,68 @@ if ( exists($cookies{'session'}) ) { if ( $session_id eq 'login' ) { # then we've just come back from the login page - $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i; - my $username = $1; - - $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/; - my $domain = $1; - $cgi->param('password') =~ /^(.{0,$form_max})$/; my $password = $1; - if ( $username and $domain and $password ) { + if ( $cgi->param('email') =~ /^\s*([a-z0-9_\-\.\@]{1,$form_max})\s*$/i ) { - # authenticate + my $email = $1; $login_rv = login( - 'username' => $username, - 'domain' => $domain, - 'password' => $password, + 'email' => $email, + 'password' => $password ); $session_id = $login_rv->{'session_id'}; - } elsif ( $username or $domain or $password ) { + } else { + + $cgi->param('username') =~ /^\s*([a-z0-9_\-\.\&]{0,$form_max})\s*$/i; + my $username = $1; + + $cgi->param('domain') =~ /^\s*([\w\-\.]{0,$form_max})\s*$/; + my $domain = $1; + + if ( $username and $domain and $password ) { + + # authenticate + $login_rv = login( + 'username' => $username, + 'domain' => $domain, + 'password' => $password, + ); + $session_id = $login_rv->{'session_id'}; + + } elsif ( $username or $domain or $password ) { - my $error = 'Illegal '; #XXX localization... - my $count = 0; - if ( !$username ) { - $error .= 'username'; - $count++; - } - if ( !$domain ) { - $error .= ', ' if $count; - $error .= 'domain'; - $count++; - } - if ( !$password ) { - $error .= ', ' if $count; - $error .= 'and ' if $count > 1; - $error .= 'password'; - $count++; + my $error = 'Illegal '; #XXX localization... + my $count = 0; + if ( !$username ) { + $error .= 'username'; + $count++; + } + if ( !$domain ) { + $error .= ', ' if $count; + $error .= 'domain'; + $count++; + } + if ( !$password ) { + $error .= ', ' if $count; + $error .= 'and ' if $count > 1; + $error .= 'password'; + $count++; + } + $error .= '.'; + $login_rv = { + 'username' => $username, + 'domain' => $domain, + 'password' => $password, + 'error' => $error, + }; + $session_id = undef; # attempt login again + } - $error .= '.'; - $login_rv = { - 'username' => $username, - 'domain' => $domain, - 'password' => $password, - 'error' => $error, - }; - $session_id = undef; # attempt login again } # else there was no input, so show no error message + } # else session_id ne 'login' } else { @@ -157,6 +172,10 @@ my @actions = ( qw( real_port_graph change_password process_change_password + forgot_password + do_forgot_password + process_forgot_password + do_process_forgot_password customer_suspend_pkg process_suspend_pkg )); @@ -991,6 +1010,31 @@ sub process_change_password { } +sub forgot_password { + login_info( 'agentnum' => scalar($cgi->param('agentnum')) ); #skin_info +} + +sub do_forgot_password { + reset_passwd( + map { $_ => scalar($cgi->param($_)) } + qw( email username domain ) + ); +} + +sub process_forgot_password { + check_reset_passwd( + map { $_ => scalar($cgi->param($_)) } + qw( session_id ) + ); +} + +sub do_process_forgot_password { + process_reset_passwd( + map { $_ => scalar($cgi->param($_)) } + qw( session_id new_password new_password2 ) + ); +} + #-- sub do_template { |