version 1.2, 2006/10/23 21:40:31
|
version 1.11.2.1, 2009/09/14 14:48:20
|
Line 1
|
Line 1
|
# The LearningOnline Network |
# The LearningOnline Network |
# Allow access to password changing via a token sent to user's e-mail. |
# Allow access to password changing via a token sent to user's e-mail. |
# |
# |
|
# $Id$ |
|
# |
# Copyright Michigan State University Board of Trustees |
# Copyright Michigan State University Board of Trustees |
# |
# |
# This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
# This file is part of the LearningOnline Network with CAPA (LON-CAPA). |
Line 41 sub handler {
|
Line 43 sub handler {
|
if ($r->header_only) { |
if ($r->header_only) { |
return OK; |
return OK; |
} |
} |
my $start_page = |
|
&Apache::loncommon::start_page('Reset password','', |
|
{ |
|
'no_inline_link' => 1,}); |
|
$r->print($start_page); |
|
my $contact_name = &mt('LON-CAPA helpdesk'); |
my $contact_name = &mt('LON-CAPA helpdesk'); |
my $contact_email = $r->dir_config('lonSupportEMail'); |
my $contact_email = $r->dir_config('lonSupportEMail'); |
my $server = $r->dir_config('lonHostID'); |
my $server = $r->dir_config('lonHostID'); |
Line 58 sub handler {
|
Line 55 sub handler {
|
my $uname = &unescape($env{'form.uname'}); |
my $uname = &unescape($env{'form.uname'}); |
my $udom = $env{'form.udom'}; |
my $udom = $env{'form.udom'}; |
my $token = $env{'form.token'}; |
my $token = $env{'form.token'}; |
$r->print(&mt('<h3>Reset forgotten LON-CAPA password</h3>')); |
my $start_page = |
|
&Apache::loncommon::start_page('Reset password','', |
|
{ |
|
'no_inline_link' => 1,}); |
|
$r->print($start_page); |
|
$r->print('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>'); |
my $output; |
my $output; |
if ($token) { |
if ($token) { |
$output = &reset_passwd($r,$token,$contact_name,$contact_email); |
$output = &reset_passwd($r,$token,$contact_name,$contact_email); |
} elsif ($uname && $udom) { |
} elsif ($uname && $udom) { |
my $domdesc = $Apache::lonnet::domaindescription{$udom}; |
my $domdesc = &Apache::lonnet::domain($udom,'description'); |
my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom); |
my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom); |
if ($authtype =~ /^internal/) { |
if ($authtype =~ /^internal/) { |
my %userinfo = |
my $useremail = $env{'form.useremail'}; |
&Apache::lonnet::get('environment',\@emailtypes,$udom,$uname); |
if ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
my $email = ''; |
$output = &invalid_state('baduseremail',$domdesc, |
my $emailtarget; |
|
foreach my $type (@emailtypes) { |
|
$email = $userinfo{$type}; |
|
if ($email =~ /[^\@]+\@[^\@]+/) { |
|
$emailtarget = $type; |
|
last; |
|
} |
|
} |
|
if ($email =~ /[^\@]+\@[^\@]+/) { |
|
$output = &send_token($uname,$udom,$email,$server,$domdesc, |
|
$contact_name,$contact_email); |
|
} else { |
|
$output = &invalid_state('missing',$domdesc, |
|
$contact_name,$contact_email); |
$contact_name,$contact_email); |
|
} else { |
|
my %userinfo = |
|
&Apache::lonnet::get('environment',\@emailtypes, |
|
$udom,$uname); |
|
my $email = ''; |
|
my $emailtarget; |
|
foreach my $type (@emailtypes) { |
|
$email = $userinfo{$type}; |
|
if ($email =~ /[^\@]+\@[^\@]+/) { |
|
$emailtarget = $type; |
|
last; |
|
} |
|
} |
|
if ($email =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
|
if ($useremail eq $email) { |
|
$output = &send_token($uname,$udom,$email,$server, |
|
$domdesc,$contact_name, |
|
$contact_email); |
|
} else { |
|
$output = &invalid_state('mismatch',$domdesc, |
|
$contact_name, |
|
$contact_email); |
|
} |
|
} else { |
|
$output = &invalid_state('missing',$domdesc, |
|
$contact_name,$contact_email); |
|
} |
} |
} |
} elsif ($authtype =~ /^(krb|unix|local)/) { |
} elsif ($authtype =~ /^(krb|unix|local)/) { |
$output = &invalid_state('authentication',$domdesc, |
$output = &invalid_state('authentication',$domdesc, |
Line 104 sub get_uname {
|
Line 120 sub get_uname {
|
my %lt = &Apache::lonlocal::texthash( |
my %lt = &Apache::lonlocal::texthash( |
unam => 'username', |
unam => 'username', |
udom => 'domain', |
udom => 'domain', |
|
uemail => 'E-mail address in LON-CAPA', |
proc => 'Proceed'); |
proc => 'Proceed'); |
|
|
my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
$msg .= '<br /><br />'.&mt('Three conditions must be met:<ul><li>An e-mail address must have previously been associated with your LON-CAPA username.</li><li>You must be able to access e-mail sent to that address.</li><li>Your account must be of a type for which LON-CAPA can reset a password.</ul>'); |
$msg .= &mt('Three conditions must be met:') |
|
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your GCI WebCenter username.').'</li>' |
|
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>' |
|
.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.') |
|
.'</ul>'; |
$msg .= qq| |
$msg .= qq| |
<form name="forgotpw" method="post"> |
<form name="forgotpw" method="post"> |
<table> |
<table> |
<tr><td> |
<tr><td> |
<tr><td align="left">LON-CAPA $lt{'unam'}: </td> |
<tr><td align="left">GCI WebCenter $lt{'unam'}: </td> |
<td><input type="text" name="uname" size="10" /> </td></tr> |
<td><input type="text" name="uname" size="15" /> </td></tr> |
<tr><td align="left">LON-CAPA $lt{'udom'}: </td> |
<tr><td align="left">GCI WebCenter $lt{'udom'}: </td> |
<td>|; |
<td>|; |
$msg .= &Apache::loncommon::select_dom_form($defdom,'udom'); |
$msg .= &Apache::loncommon::select_dom_form($defdom,'udom'); |
$msg .= qq|</td></tr> |
$msg .= qq|</td></tr> |
|
<tr><td align="left">$lt{'uemail'}: </td> |
|
<td><input type="text" name="useremail" size="30" /></td></tr> |
<tr><td colspan="2" align="left"><br /> |
<tr><td colspan="2" align="left"><br /> |
<input type="button" value="$lt{'proc'}" onClick="document.forgotpw.submit()"></td></tr> |
<input type="button" value="$lt{'proc'}" onClick="document.forgotpw.submit()"></td></tr> |
</table> |
</table> |
Line 129 sub get_uname {
|
Line 152 sub get_uname {
|
sub send_token { |
sub send_token { |
my ($uname,$udom,$email,$server,$domdesc,$contact_name, |
my ($uname,$udom,$email,$server,$domdesc,$contact_name, |
$contact_email) = @_; |
$contact_email) = @_; |
# my $token = MD5->hexhash(MD5->hexhash(time.{}.rand().$$)); |
my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'<br /><br />'; |
my $msg = &mt('Thank you for your request to reset the password for your |
|
LON-CAPA account.').'<br /><br />'; |
|
|
|
my $now = time; |
my $now = time; |
my $temppasswd = &create_passwd(); |
my $temppasswd = &create_passwd(); |
Line 142 sub send_token {
|
Line 163 sub send_token {
|
'email' => $email, |
'email' => $email, |
'temppasswd' => $temppasswd); |
'temppasswd' => $temppasswd); |
|
|
my $token = &Apache::lonnet::tmpput(\%info,$server); |
my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw'); |
if ($token !~ /^error/) { |
if ($token !~ /^error/ && $token ne 'no_such_host') { |
my $esc_token = &escape($token); |
my $esc_token = &escape($token); |
my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ". |
my $showtime = &Apache::lonlocal::locallocaltime(time); |
"password for your LON-CAPA account.". |
my $reseturl = &Apache::lonnet::absolute_url().'/adm/resetpw?token='.$esc_token; |
"To complete this process please open a web browser and enter the following ". |
my $mailmsg = &mt('A request was submitted on [_1] for a reset of the password for your LON-CAPA account.',$showtime).' '.&mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]',$reseturl); |
"URL in the address/location box: ".&Apache::lonnet::absolute_url()."/adm/resetpw?token=$esc_token"; |
|
my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name, |
my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name, |
$contact_email); |
$contact_email); |
if ($result eq 'ok') { |
if ($result eq 'ok') { |
$msg .= &mt("An e-mail message sent to <b>$email</b> includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours."); |
$msg .= &mt("An e-mail message sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours."); |
} else { |
} else { |
$msg .= ("An error occurred when sending e-mail to $email with information about the reset process. Please contact the $contact_name ($contact_email) for assistance."); |
$msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
} |
} |
} else { |
} else { |
$msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the $contact_name ($contact_email) for assistance."); |
$msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email); |
} |
} |
return $msg; |
return $msg; |
} |
} |
Line 185 sub invalid_state {
|
Line 205 sub invalid_state {
|
my ($error,$domdesc,$contact_name,$contact_email) = @_; |
my ($error,$domdesc,$contact_name,$contact_email) = @_; |
my $msg; |
my $msg; |
if ($error eq 'invalid') { |
if ($error eq 'invalid') { |
$msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc).&mt(' Please <a href="javascript:history.go(-1)"><u>go back</u></a> and try again.'); |
$msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc) |
|
.' '.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>'); |
} else { |
} else { |
if ($error eq 'missing') { |
if ($error eq 'baduseremail') { |
|
$msg = &mt('The e-mail address you provided does not appear to be a valid address.'); |
|
} elsif ($error eq 'mismatch') { |
|
$msg = &mt('The e-mail address you provided does not match the address recorded in the LON-CAPA system for the username and domain you provided.'); |
|
} elsif ($error eq 'missing') { |
$msg = &mt('A valid e-mail address was not located in the LON-CAPA system for the username and domain you provided.'); |
$msg = &mt('A valid e-mail address was not located in the LON-CAPA system for the username and domain you provided.'); |
} elsif ($error eq 'authentication') { |
} elsif ($error eq 'authentication') { |
$msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.'); |
$msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.'); |
} |
} |
if ($contact_email ne '') { |
if ($contact_email ne '') { |
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); |
$msg .= &mt(' You may wish to contact the <a href="/adm/helpdesk?origurl=[_1]">LON-CAPA helpdesk</a> for the [_2] domain.',$escuri,$domdesc); |
$msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.' |
|
,'<a href="/adm/helpdesk?origurl='.$escuri.'">','</a>',$domdesc); |
} else { |
} else { |
$msg .= &mt(' You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',Apache::lonnet::perlvar{'AdminEmail'},$domdesc); |
$msg .= '<br /> '.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); |
} |
} |
} |
} |
return $msg; |
return $msg; |
Line 214 sub reset_passwd {
|
Line 240 sub reset_passwd {
|
if (($data{'time'} =~ /^\d+$/) && |
if (($data{'time'} =~ /^\d+$/) && |
($data{'username'} ne '') && |
($data{'username'} ne '') && |
($data{'domain'} ne '') && |
($data{'domain'} ne '') && |
($data{'email'} =~ /^[^\@]+\@[^\@]+$/) && |
($data{'email'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) && |
($data{'temppasswd'} =~/^\w+$/)) { |
($data{'temppasswd'} =~/^\w+$/)) { |
my $reqtime = localtime($data{'time'}); |
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
if ($now - $data{'time'} < 7200) { |
if ($now - $data{'time'} < 7200) { |
if ($env{'form.action'} eq 'verify_and_change_pass') { |
if ($env{'form.action'} eq 'verify_and_change_pass') { |
my $change_failed = |
my $change_failed = |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
if (!$change_failed) { |
if (!$change_failed) { |
my $delete = &Apache::lonnet::tmpdel($token); |
my $delete = &Apache::lonnet::tmpdel($token); |
my $now = localtime(time); |
my $now = &Apache::lonlocal::locallocaltime(time); |
my $domdesc = |
my $domdesc = |
$Apache::lonnet::domaindescription{$data{'domain'}}; |
&Apache::lonnet::domain($data{'domain'},'description'); |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
my $result = &send_mail($domdesc,$data{'email'},$mailmsg, |
$contact_name,$contact_email); |
$contact_name,$contact_email); |
Line 234 sub reset_passwd {
|
Line 260 sub reset_passwd {
|
} else { |
} else { |
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); |
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); |
} |
} |
$msg .= '<br /<br />'.&mt('<a href="/adm/login">Go to the login page</a>.'); |
$msg .= '<br /><br />'.&mt('<a href="/adm/login">Go to the login page</a>.'); |
} else { |
} else { |
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email); |
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - (<a href="mailto:[_2]">[_2]</a>) for assistance.',$contact_name,$contact_email); |
} |
} |