+# sub contact_passwd {
+# my $p = shift;
+# my($context, $session, $custnum) = _custoragent_session_custnum($p);
+# return { 'error' => $session } if $context eq 'error';
+#
+# return { 'error' => 'Not logged in as a contact.' }
+# unless $session->{'contactnum'};
+#
+# return { 'error' => "New passwords don't match." }
+# if $p->{'new_password'} ne $p->{'new_password2'};
+#
+# return { 'error' => 'Enter new password' }
+# unless length($p->{'new_password'});
+#
+# #my $search = { 'custnum' => $custnum };
+# #$search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
+# $custnum =~ /^(\d+)$/ or die "illegal custnum";
+# my $search = " AND selfservice_access IS NOT NULL ".
+# " AND selfservice_access = 'Y' ".
+# " AND ( disabled IS NULL OR disabled = '' )".
+# " AND custnum IS NOT NULL AND custnum = $1";
+# $search .= " AND agentnum = ". $session->{'agentnum'} if $context eq 'agent';
+#
+# my $contact = qsearchs( {
+# 'table' => 'contact',
+# 'addl_from' => 'LEFT JOIN cust_main USING ( custnum ) ',
+# 'hashref' => { 'contactnum' => $session->{'contactnum'}, },
+# 'extra_sql' => $search, #important
+# } )
+# or return { 'error' => "Email not found" }; #? how did we get logged in?
+# # deleted since then?
+#
+# my $error = '';
+#
+# # use these svc_acct length restrictions??
+# my $conf = new FS::Conf;
+# $error = 'Password too short.'
+# if length($p->{'new_password'}) < ($conf->config('passwordmin') || 6);
+# $error = 'Password too long.'
+# if length($p->{'new_password'}) > ($conf->config('passwordmax') || 8);
+#
+# $error ||= $contact->change_password($p->{'new_password'});
+#
+# return { 'error' => $error, };
+#
+# }
+
+sub reset_passwd {
+ my $p = shift;
+
+ my $info = skin_info($p);
+
+ my $conf = new FS::Conf;
+ my $verification = $conf->config('selfservice-password_reset_verification')
+ or return { %$info, 'error' => 'Password resets disabled' };
+
+ my $contact = '';
+ my $svc_acct = '';
+ my $cust_main = '';
+ if ( $p->{'email'} ) { #new-style, changes contact and svc_acct
+
+ $contact = FS::contact->by_selfservice_email($p->{'email'});
+
+ $cust_main = $contact->cust_main if $contact;
+
+ #also look for an svc_acct, otherwise it would be super confusing
+
+ my($username, $domain) = split('@', $p->{'email'});
+ my $svc_domain = qsearchs('svc_domain', { 'domain' => $domain } );
+ if ( $svc_domain ) {
+ $svc_acct = qsearchs('svc_acct', { 'username' => $p->{'username'},
+ 'domsvc' => $svc_domain->svcnum }
+ );
+ if ( $svc_acct ) {
+ my $cust_pkg = $svc_acct->cust_svc->cust_pkg;
+ $cust_main ||= $cust_pkg->cust_main if $cust_pkg;
+
+ #precaution: don't change svc_acct password not part of the same
+ # customer as contact
+ $svc_acct = '' if ! $cust_pkg
+ || $cust_pkg->custnum != $cust_main->custnum;
+ }
+
+ }
+
+ return { %$info, 'error' => 'Email address not found' }
+ unless $contact || $svc_acct;
+
+ } elsif ( $p->{'username'} ) { #old style, looks in svc_acct only
+
+ my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } )
+ or return { %$info, 'error' => 'Account not found' };
+
+ $svc_acct = qsearchs('svc_acct', { 'username' => $p->{'username'},
+ 'domsvc' => $svc_domain->svcnum }
+ )
+ or return { %$info, 'error' => 'Account not found' };
+
+ my $cust_pkg = $svc_acct->cust_svc->cust_pkg
+ or return { %$info, 'error' => 'Account not found' };
+
+ $cust_main = $cust_pkg->cust_main;
+
+ }
+
+ my %verify = (
+ 'email' => sub { 1; },
+ 'paymask' => sub {
+ my( $p, $cust_main ) = @_;
+ $cust_main->payby =~ /^(CARD|DCRD|CHEK|DCHK)$/
+ && $p->{'paymask'} eq substr($cust_main->paymask, -4)
+ },
+ 'amount' => sub {
+ my( $p, $cust_main ) = @_;
+ my $cust_pay = qsearchs({
+ 'table' => 'cust_pay',
+ 'hashref' => { 'custnum' => $cust_main->custnum },
+ 'order_by' => 'ORDER BY _date DESC LIMIT 1',
+ })
+ or return 0;
+
+ $p->{'amount'} == $cust_pay->paid;
+ },
+ 'zip' => sub {
+ my( $p, $cust_main ) = @_;
+ $p->{'zip'} eq $cust_main->zip
+ || ( $cust_main->ship_zip && $p->{'zip'} eq $cust_main->ship_zip );
+ },
+ );
+
+ foreach my $verify ( split(',', $verification) ) {
+
+ &{ $verify{$verify} }( $p, $cust_main )
+ or return { %$info, 'error' => 'Account not found' };
+
+ }
+
+ #okay, we're verified
+
+ if ( $contact ) {
+
+ my $error = $contact->send_reset_email(
+ 'svcnum' => ($svc_acct ? $svc_acct->svcnum : ''),
+ );
+
+ if ( $error ) {
+ return { %$info, 'error' => $error }; #????
+ }
+
+ } elsif ( $svc_acct ) {
+
+ #create a unique session
+
+ my $reset_session = {
+ 'svcnum' => $svc_acct->svcnum,
+ 'agentnum' =>
+ };
+
+ my $timeout = '1 hour'; #?
+
+ my $reset_session_id;
+ do {
+ $reset_session_id = sha512_hex(time(). {}. rand(). $$)
+ } until ( ! defined _cache->get("reset_passwd_$reset_session_id") );
+ #just in case
+
+ _cache->set( "reset_passwd_$reset_session_id", $reset_session, $timeout );
+
+ #email it
+
+ my $msgnum = $conf->config('selfservice-password_reset_msgnum',
+ $cust_main->agentnum);
+ #die "selfservice-password_reset_msgnum unset" unless $msgnum;
+ return { %$info, 'error' => "selfservice-password_reset_msgnum unset" }
+ unless $msgnum;
+ my $msg_template = qsearchs('msg_template', { msgnum => $msgnum } );
+ my $error = $msg_template->send( 'cust_main' => $cust_main,
+ 'object' => $svc_acct,
+ 'substitutions' => {
+ 'session_id' => $reset_session_id,
+ }
+ );
+ if ( $error ) {
+ return { %$info, 'error' => $error }; #????
+ }
+
+ }
+
+ return { %$info, 'error' => '' };
+}
+
+sub check_reset_passwd {
+ my $p = shift;
+
+ my $conf = new FS::Conf;
+ my $verification = $conf->config('selfservice-password_reset_verification')
+ or return { 'error' => 'Password resets disabled' };
+
+ my $reset_session = _cache->get('reset_passwd_'. $p->{'session_id'})
+ or return { 'error' => "Can't resume session" }; #better error message
+
+ if ( $reset_session->{'svcnum'} ) {
+
+ my $svcnum = $reset_session->{'svcnum'};
+
+ my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $svcnum } )
+ or return { 'error' => "Service not found" };
+
+ $p->{'agentnum'} = $svc_acct->cust_svc->cust_pkg->cust_main->agentnum;
+ my $info = skin_info($p);
+
+ return { %$info,
+ 'error' => '',
+ 'session_id' => $p->{'session_id'},
+ 'username' => $svc_acct->username,
+ };
+
+ } elsif ( $reset_session->{'contactnum'} ) {
+
+ my $contactnum = $reset_session->{'contactnum'};
+
+ my $contact = qsearchs('contact', { 'contactnum' => $contactnum } )
+ or return { 'error' => "Contact not found" };
+
+ my @contact_email = $contact->contact_email;
+ return { 'error' => 'No contact email' } unless @contact_email;
+
+ $p->{'agentnum'} = $contact->cust_main->agentnum;
+ my $info = skin_info($p);
+
+ return { %$info,
+ 'error' => '',
+ 'session_id' => $p->{'session_id'},
+ 'email' => $contact_email[0]->email, #the first?
+ };
+
+ } else {
+
+ return { 'error' => 'No svcnum or contactnum in session' }; #??
+
+ }
+
+}
+
+sub process_reset_passwd {
+ my $p = shift;
+
+ my $conf = new FS::Conf;
+ my $verification = $conf->config('selfservice-password_reset_verification')
+ or return { 'error' => 'Password resets disabled' };
+
+ my $reset_session = _cache->get('reset_passwd_'. $p->{'session_id'})
+ or return { 'error' => "Can't resume session" }; #better error message
+
+ my $info = '';
+
+ my $svc_acct = '';
+ if ( $reset_session->{'svcnum'} ) {
+
+ my $svcnum = $reset_session->{'svcnum'};
+
+ $svc_acct = qsearchs('svc_acct', { 'svcnum' => $svcnum } )
+ or return { 'error' => "Service not found" };
+
+ $p->{'agentnum'} ||= $svc_acct->cust_svc->cust_pkg->cust_main->agentnum;
+ $info ||= skin_info($p);
+
+ }
+
+ my $contact = '';
+ if ( $reset_session->{'contactnum'} ) {
+
+ my $contactnum = $reset_session->{'contactnum'};
+
+ $contact = qsearchs('contact', { 'contactnum' => $contactnum } )
+ or return { 'error' => "Contact not found" };
+
+ $p->{'agentnum'} ||= $contact->cust_main->agentnum;
+ $info ||= skin_info($p);
+
+ }
+
+ return { %$info, 'error' => "New passwords don't match." }
+ if $p->{'new_password'} ne $p->{'new_password2'};
+
+ return { %$info, 'error' => 'Enter new password' }
+ unless length($p->{'new_password'});
+
+ if ( $svc_acct ) {
+
+ $svc_acct->set_password($p->{'new_password'});
+ my $error = $svc_acct->replace();
+
+ return { %$info, 'error' => $error } if $error;
+
+ #my($label, $value) = $svc_acct->cust_svc->label;
+ #return { 'error' => $error,
+ # #'label' => $label,
+ # #'value' => $value,
+ # };
+
+ }
+
+ if ( $contact ) {
+
+ my $error = $contact->change_password($p->{'new_password'});
+
+ return { %$info, 'error' => $error }; # if $error;
+
+ }
+
+ #password changed ,so remove session, don't want it reused
+ _cache->remove($p->{'session_id'});
+
+ return { %$info, 'error' => '' };
+
+}
+