version 1.17, 2009/04/29 16:57:29
|
version 1.23, 2010/02/19 15:41:40
|
Line 26
|
Line 26
|
# http://www.lon-capa.org/ |
# http://www.lon-capa.org/ |
# |
# |
# |
# |
|
|
|
=pod |
|
|
|
=head1 NAME |
|
|
|
Apache::resetpw: reset user password. |
|
|
|
=head1 SYNOPSIS |
|
|
|
Handles resetting of forgotten passwords. |
|
|
|
This is part of the LearningOnline Network with CAPA project |
|
described at http://www.lon-capa.org. |
|
|
|
=head1 OVERVIEW |
|
|
|
A user with an e-mail address associated with his/her LON-CAPA username |
|
can reset a forgotten password, using a link sent to the e-mail address |
|
if the authentication type for the account is "internal". |
|
|
|
=cut |
|
|
package Apache::resetpw; |
package Apache::resetpw; |
|
|
use strict; |
use strict; |
Line 46 sub handler {
|
Line 68 sub handler {
|
my $contact_name = &mt('LON-CAPA helpdesk'); |
my $contact_name = &mt('LON-CAPA helpdesk'); |
my $contact_email = $r->dir_config('lonSupportEMail'); |
my $contact_email = $r->dir_config('lonSupportEMail'); |
my $server = $r->dir_config('lonHostID'); |
my $server = $r->dir_config('lonHostID'); |
my $defdom = $r->dir_config('lonDefDomain'); |
my $defdom = &Apache::lonnet::default_login_domain(); |
&Apache::lonacc::get_posted_cgi($r); |
&Apache::lonacc::get_posted_cgi($r); |
&Apache::lonlocal::get_language_handle($r); |
&Apache::lonlocal::get_language_handle($r); |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); |
Line 76 sub handler {
|
Line 98 sub handler {
|
my %userinfo = |
my %userinfo = |
&Apache::lonnet::get('environment',\@emailtypes, |
&Apache::lonnet::get('environment',\@emailtypes, |
$udom,$uname); |
$udom,$uname); |
my $email = ''; |
my @allemails; |
my $emailtarget; |
|
foreach my $type (@emailtypes) { |
foreach my $type (@emailtypes) { |
$email = $userinfo{$type}; |
my $email = $userinfo{$type}; |
if ($email =~ /[^\@]+\@[^\@]+/) { |
my @items; |
$emailtarget = $type; |
if ($email =~ /,/) { |
last; |
@items = split(',',$userinfo{$type}); |
|
} else { |
|
@items = ($email); |
|
} |
|
foreach my $item (@items) { |
|
if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
|
unless(grep(/^\Q$item\E$/,@allemails)) { |
|
push(@allemails,$item); |
|
} |
|
} |
} |
} |
} |
} |
if ($email =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) { |
if (@allemails > 0) { |
if ($useremail eq $email) { |
if (grep(/^\Q$useremail\E$/,@allemails)) { |
$output = &send_token($uname,$udom,$email,$server, |
$output = &send_token($uname,$udom,$useremail,$server, |
$domdesc,$contact_name, |
$domdesc,$contact_name, |
$contact_email); |
$contact_email); |
} else { |
} else { |
Line 123 sub get_uname {
|
Line 153 sub get_uname {
|
uemail => 'E-mail address in LON-CAPA', |
uemail => 'E-mail address in LON-CAPA', |
proc => 'Proceed'); |
proc => 'Proceed'); |
|
|
my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); |
$msg .= '<br /><br />'.&mt('Three conditions must be met:') |
$msg .= '<br /><br />'.&mt('Three conditions must be met:') |
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>' |
.'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>' |
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>' |
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>' |
Line 246 sub reset_passwd {
|
Line 276 sub reset_passwd {
|
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); |
if ($now - $data{'time'} < 7200) { |
if ($now - $data{'time'} < 7200) { |
if ($env{'form.action'} eq 'verify_and_change_pass') { |
if ($env{'form.action'} eq 'verify_and_change_pass') { |
|
unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) { |
|
$msg = &generic_failure_msg($contact_name,$contact_email); |
|
return $msg; |
|
} |
my $change_failed = |
my $change_failed = |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); |
if (!$change_failed) { |
if (!$change_failed) { |
Line 263 sub reset_passwd {
|
Line 297 sub reset_passwd {
|
} |
} |
$msg .= '<br /><br />' |
$msg .= '<br /><br />' |
.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.'; |
.'<a href="/adm/login">'.&mt('Go to the login page').'</a>.'; |
|
} elsif ($change_failed eq 'invalid_client') { |
|
my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'}); |
|
if ($homeserver eq 'no_host') { |
|
$msg .= &generic_failure_msg($contact_name,$contact_email); |
|
} else { |
|
my $protocol = $Apache::lonnet::protocol{$homeserver}; |
|
$protocol = 'http' if ($protocol ne 'https'); |
|
my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver). |
|
'/adm/resetpw'; |
|
my ($opentag,$closetag); |
|
if ($url) { |
|
$opentag = '<a href="'.$url.'">'; |
|
$closetag = '</a>'; |
|
} |
|
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag); |
|
} |
} else { |
} else { |
$msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.' |
$msg .= &generic_failure_msg($contact_name,$contact_email); |
,$contact_name |
|
,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>'); |
|
} |
} |
} else { |
} else { |
$r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />'); |
$r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />'); |
Line 284 sub reset_passwd {
|
Line 332 sub reset_passwd {
|
return $msg; |
return $msg; |
} |
} |
|
|
|
sub generic_failure_msg { |
|
my ($contact_name,$contact_email) = @_; |
|
return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.', |
|
$contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>'); |
|
} |
|
|
sub create_passwd { |
sub create_passwd { |
my $passwd = ''; |
my $passwd = ''; |
my @letts = ("a".."z"); |
my @letts = ("a".."z"); |