From 120718856665ca90ad852535d1155f8ea8ecb6b6 Mon Sep 17 00:00:00 2001
From: Ivan Kohler <ivan@freeside.biz>
Date: Thu, 9 May 2013 01:42:39 -0700
Subject: NG auth: pw changes, RT#21563

---
 httemplate/pref/pref-process.html | 36 ++++++++++++++++++------------------
 httemplate/pref/pref.html         | 34 ++++++++++++++++++----------------
 2 files changed, 36 insertions(+), 34 deletions(-)

(limited to 'httemplate/pref')

diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html
index 242e12294..962ee51b6 100644
--- a/httemplate/pref/pref-process.html
+++ b/httemplate/pref/pref-process.html
@@ -13,35 +13,35 @@ if ( FS::Conf->new->exists('disable_acl_changes') ) {
 }
 
 my $error = '';
-my $access_user = '';
 
-if ( grep { $cgi->param($_) !~ /^\s*$/ }
-          qw(_password new_password new_password2)
+if ( FS::Auth->auth_class->can('change_password')
+       && grep { $cgi->param($_) !~ /^\s*$/ }
+            qw(_password new_password new_password2)
    ) {
 
-  $access_user = qsearchs( 'access_user', {
-    'usernum'   => $FS::CurrentUser::CurrentUser->usernum,
-    'username'  => $FS::CurrentUser::CurrentUser->username,
-    '_password' => scalar($cgi->param('_password')),
-  } );
+  if ( $cgi->param('new_password') ne $cgi->param('new_password2') ) {
+    $error = "New passwords don't match";
 
-  $error = 'Current password incorrect; password not changed'
-    unless $access_user;
+  } elsif ( ! length($cgi->param('new_password')) ) {
+    $error = 'No new password entered';
 
-  $error ||= "New passwords don't match"
-    unless $cgi->param('new_password') eq $cgi->param('new_password2');
+  } elsif ( ! FS::Auth->authenticate( $FS::CurrentUser::CurrentUser,
+                                      scalar($cgi->param('_password')) )
+          ) {
+    $error = 'Current password incorrect; password not changed';
 
-  $error ||= "No new password entered"
-   unless length($cgi->param('new_password'));
+  } else {
 
-  $access_user->_password($cgi->param('new_password')) unless $error;
+    $error = $FS::CurrentUser::CurrentUser->change_password(
+      scalar($cgi->param('new_password'))
+    );
 
-} else {
-
-  $access_user = $FS::CurrentUser::CurrentUser;
+  }
 
 }
 
+my $access_user = $FS::CurrentUser::CurrentUser;
+
 #well, if you got your password change wrong, you don't get anything else
 #changed right now.  but it should be sticky on the form
 unless ( $error ) { # if ($access_user) {
diff --git a/httemplate/pref/pref.html b/httemplate/pref/pref.html
index 9861c3f85..dc44db0b0 100644
--- a/httemplate/pref/pref.html
+++ b/httemplate/pref/pref.html
@@ -4,28 +4,30 @@
 
 <% include('/elements/error.html') %>
 
+% if ( FS::Auth->auth_class->can('change_password') ) {
 
-<% mt('Change password (leave blank for no change)') |h %>
-<% ntable("#cccccc",2) %>
+    <% mt('Change password (leave blank for no change)') |h %>
+    <% ntable("#cccccc",2) %>
 
-  <TR>
-    <TH ALIGN="right">Current password: </TH>
-    <TD><INPUT TYPE="password" NAME="_password"></TD>
-  </TR>
+      <TR>
+        <TH ALIGN="right">Current password: </TH>
+        <TD><INPUT TYPE="password" NAME="_password"></TD>
+      </TR>
 
-  <TR>
-    <TH ALIGN="right">New password: </TH>
-    <TD><INPUT TYPE="password" NAME="new_password"></TD>
-  </TR>
+      <TR>
+        <TH ALIGN="right">New password: </TH>
+        <TD><INPUT TYPE="password" NAME="new_password"></TD>
+      </TR>
 
-  <TR>
-   <TH ALIGN="right">Re-enter new password: </TH>
-   <TD><INPUT TYPE="password" NAME="new_password2"></TD>
-  </TR>
+      <TR>
+       <TH ALIGN="right">Re-enter new password: </TH>
+       <TD><INPUT TYPE="password" NAME="new_password2"></TD>
+      </TR>
 
-</TABLE>
-<BR>
+    </TABLE>
+    <BR>
 
+% }
 
 Interface
 <% ntable("#cccccc",2) %>
-- 
cgit v1.2.1