|
version 1.6, 2007/03/08 01:58:45
|
version 1.11.4.1, 2009/10/09 17:39:35
|
|
Line 1
|
Line 1
|
| # The LearningOnline Network |
# The LearningOnline Network |
| # Allow access to password changing via a token sent to user's e-mail. |
# Allow access to password changing via a token sent to user's e-mail. |
| # |
# |
| |
# $Id$ |
| |
# |
| # Copyright Michigan State University Board of Trustees |
# Copyright Michigan State University Board of Trustees |
| # |
# |
| # This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
# This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
|
Line 24
|
Line 26
|
| # http://www.lon-capa.org/ |
# http://www.lon-capa.org/ |
| # |
# |
| # |
# |
| |
|
| |
=pod |
| |
|
| |
=head1 NAME |
| |
|
| |
Apache::resetpw: reset user password. |
| |
|
| |
=head1 SYNOPSIS |
| |
|
| |
Handles resetting of forgotten passwords. |
| |
|
| |
This is part of the LearningOnline Network with CAPA project |
| |
described at http://www.lon-capa.org. |
| |
|
| |
=head1 OVERVIEW |
| |
|
| |
A user with an e-mail address associated with his/her LON-CAPA username |
| |
can reset a forgotten password, using a link sent to the e-mail address |
| |
if the authentication type for the account is "internal". |
| |
|
| |
=cut |
| |
|
| package Apache::resetpw; |
package Apache::resetpw; |
| |
|
| use strict; |
use strict; |
|
Line 41 sub handler {
|
Line 65 sub handler {
|
| if ($r->header_only) { |
if ($r->header_only) { |
| return OK; |
return OK; |
| } |
} |
| my $start_page = |
|
| &Apache::loncommon::start_page('Reset password','', |
|
| { |
|
| 'no_inline_link' => 1,}); |
|
| $r->print($start_page); |
|
| my $contact_name = &mt('LON-CAPA helpdesk'); |
my $contact_name = &mt('LON-CAPA helpdesk'); |
| my $contact_email = $r->dir_config('lonSupportEMail'); |
my $contact_email = $r->dir_config('lonSupportEMail'); |
| my $server = $r->dir_config('lonHostID'); |
my $server = $r->dir_config('lonHostID'); |
| my $defdom = $r->dir_config('lonDefDomain'); |
my $defdom = &Apache::lonnet::default_login_domain(); |
| &Apache::lonacc::get_posted_cgi($r); |
&Apache::lonacc::get_posted_cgi($r); |
| &Apache::lonlocal::get_language_handle($r); |
&Apache::lonlocal::get_language_handle($r); |
| &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); |
|
Line 58 sub handler {
|
Line 77 sub handler {
|
| my $uname = &unescape($env{'form.uname'}); |
my $uname = &unescape($env{'form.uname'}); |
| my $udom = $env{'form.udom'}; |
my $udom = $env{'form.udom'}; |
| my $token = $env{'form.token'}; |
my $token = $env{'form.token'}; |
| $r->print(&mt('<h3>Reset forgotten LON-CAPA password</h3>')); |
my $start_page = |
| |
&Apache::loncommon::start_page('Reset password','', |
| |
{ |
| |
'no_inline_link' => 1,}); |
| |
$r->print($start_page); |
| |
$r->print('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>'); |
| my $output; |
my $output; |
| if ($token) { |
if ($token) { |
| $output = &reset_passwd($r,$token,$contact_name,$contact_email); |
$output = &reset_passwd($r,$token,$contact_name,$contact_email); |
|
Line 122 sub get_uname {
|
Line 146 sub get_uname {
|
| proc => 'Proceed'); |
proc => 'Proceed'); |
| |
|
| my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
| $msg .= '<br /><br />'.&mt('Three conditions must be met:<ul><li>An e-mail address must have previously been associated with your LON-CAPA username.</li><li>You must be able to access e-mail sent to that address.</li><li>Your account must be of a type for which LON-CAPA can reset a password.</ul>'); |
$msg .= '<br /><br />'.&mt('Three conditions must be met:') |
| |
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>' |
| |
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>' |
| |
.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.') |
| |
.'</ul>'; |
| $msg .= qq| |
$msg .= qq| |
| <form name="forgotpw" method="post"> |
<form name="forgotpw" method="post"> |
| <table> |
<table> |
|
Line 146 sub get_uname {
|
Line 174 sub get_uname {
|
| sub send_token { |
sub send_token { |
| my ($uname,$udom,$email,$server,$domdesc,$contact_name, |
my ($uname,$udom,$email,$server,$domdesc,$contact_name, |
| $contact_email) = @_; |
$contact_email) = @_; |
| my $msg = &mt('Thank you for your request to reset the password for your |
my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'<br /><br />'; |
| LON-CAPA account.').'<br /><br />'; |
|
| |
|
| my $now = time; |
my $now = time; |
| my $temppasswd = &create_passwd(); |
my $temppasswd = &create_passwd(); |
|
Line 161 sub send_token {
|
Line 188 sub send_token {
|
| my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw'); |
my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw'); |
| if ($token !~ /^error/ && $token ne 'no_such_host') { |
if ($token !~ /^error/ && $token ne 'no_such_host') { |
| my $esc_token = &escape($token); |
my $esc_token = &escape($token); |
| my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ". |
my $mailmsg = "A request was submitted on ".&Apache::lonlocal::locallocaltime(time)." for a reset of the ". |
| "password for your LON-CAPA account.". |
"password for your LON-CAPA account.". |
| "To complete this process please open a web browser and enter the following ". |
"To complete this process please open a web browser and enter the following ". |
| "URL in the address/location box: ".&Apache::lonnet::absolute_url()."/adm/resetpw?token=$esc_token"; |
"URL in the address/location box: ".&Apache::lonnet::absolute_url()."/adm/resetpw?token=$esc_token"; |
|
Line 170 sub send_token {
|
Line 197 sub send_token {
|
| if ($result eq 'ok') { |
if ($result eq 'ok') { |
| $msg .= &mt("An e-mail message sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours."); |
$msg .= &mt("An e-mail message sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours."); |
| } else { |
} else { |
| $msg .= ("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
$msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
| } |
} |
| } else { |
} else { |
| $msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
$msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
|
Line 201 sub invalid_state {
|
Line 228 sub invalid_state {
|
| my ($error,$domdesc,$contact_name,$contact_email) = @_; |
my ($error,$domdesc,$contact_name,$contact_email) = @_; |
| my $msg; |
my $msg; |
| if ($error eq 'invalid') { |
if ($error eq 'invalid') { |
| $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc).&mt(' Please <a href="javascript:history.go(-1)"><u>go back</u></a> and try again.'); |
$msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc) |
| |
.' '.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>'); |
| } else { |
} else { |
| if ($error eq 'baduseremail') { |
if ($error eq 'baduseremail') { |
| $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); |
$msg = &mt('The e-mail address you provided does not appear to be a valid address.'); |
|
Line 214 sub invalid_state {
|
Line 242 sub invalid_state {
|
| } |
} |
| if ($contact_email ne '') { |
if ($contact_email ne '') { |
| my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |
| $msg .= '<br />'.&mt(' You may wish to contact the <a href="/adm/helpdesk?origurl=[_1]">LON-CAPA helpdesk</a> for the [_2] domain.',$escuri,$domdesc); |
$msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.' |
| |
,'<a href="/adm/helpdesk?origurl='.$escuri.'">','</a>',$domdesc); |
| } else { |
} else { |
| $msg .= '<br />'.&mt(' You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); |
$msg .= '<br /> '.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); |
| } |
} |
| } |
} |
| return $msg; |
return $msg; |
|
Line 236 sub reset_passwd {
|
Line 265 sub reset_passwd {
|
| ($data{'domain'} ne '') && |
($data{'domain'} ne '') && |
| ($data{'email'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) && |
($data{'email'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) && |
| ($data{'temppasswd'} =~/^\w+$/)) { |
($data{'temppasswd'} =~/^\w+$/)) { |
| my $reqtime = localtime($data{'time'}); |
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
| if ($now - $data{'time'} < 7200) { |
if ($now - $data{'time'} < 7200) { |
| if ($env{'form.action'} eq 'verify_and_change_pass') { |
if ($env{'form.action'} eq 'verify_and_change_pass') { |
| |
unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) { |
| |
$msg = &generic_failure_msg($contact_name,$contact_email); |
| |
return $msg; |
| |
} |
| my $change_failed = |
my $change_failed = |
| &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
| if (!$change_failed) { |
if (!$change_failed) { |
| my $delete = &Apache::lonnet::tmpdel($token); |
my $delete = &Apache::lonnet::tmpdel($token); |
| my $now = localtime(time); |
my $now = &Apache::lonlocal::locallocaltime(time); |
| my $domdesc = |
my $domdesc = |
| &Apache::lonnet::domain($data{'domain'},'description'); |
&Apache::lonnet::domain($data{'domain'},'description'); |
| my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
|
Line 255 sub reset_passwd {
|
Line 288 sub reset_passwd {
|
| $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); |
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); |
| } |
} |
| $msg .= '<br /><br />'.&mt('<a href="/adm/login">Go to the login page</a>.'); |
$msg .= '<br /><br />'.&mt('<a href="/adm/login">Go to the login page</a>.'); |
| |
} elsif ($change_failed eq 'invalid_client') { |
| |
my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'}); |
| |
if ($homeserver eq 'no_host') { |
| |
$msg .= &generic_failure_msg($contact_name,$contact_email); |
| |
} else { |
| |
my $protocol = $Apache::lonnet::protocol{$homeserver}; |
| |
$protocol = 'http' if ($protocol ne 'https'); |
| |
my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver). |
| |
'/adm/resetpw'; |
| |
my ($opentag,$closetag); |
| |
if ($url) { |
| |
$opentag = '<a href="'.$url.'">'; |
| |
$closetag = '</a>'; |
| |
} |
| |
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag); |
| |
} |
| } else { |
} else { |
| $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email); |
$msg .= &generic_failure_msg($contact_name,$contact_email); |
| } |
} |
| } else { |
} else { |
| $r->print(&mt('The token included in an email sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />'); |
$r->print(&mt('The token included in an email sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />'); |
|
Line 272 sub reset_passwd {
|
Line 321 sub reset_passwd {
|
| return $msg; |
return $msg; |
| } |
} |
| |
|
| |
sub generic_failure_msg { |
| |
my ($contact_name,$contact_email) = @_; |
| |
return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.', |
| |
$contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>'); |
| |
} |
| |
|
| sub create_passwd { |
sub create_passwd { |
| my $passwd = ''; |
my $passwd = ''; |
| my @letts = ("a".."z"); |
my @letts = ("a".."z"); |
![[BACK]](/icons/back.gif){kind=icon}
Return to resetpw.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface