Diff for /loncom/interface/resetpw.pm between versions 1.18 and 1.36

version 1.18, 2009/09/30 21:47:07 version 1.36, 2013/08/17 00:34:29
Line 26 Line 26
 # http://www.lon-capa.org/  # http://www.lon-capa.org/
 #  #
 #  #
   
   =pod
   
   =head1 NAME
   
   Apache::resetpw: reset user password.
   
   =head1 SYNOPSIS
   
   Handles resetting of forgotten passwords.
   
   This is part of the LearningOnline Network with CAPA project
   described at http://www.lon-capa.org.
    
   =head1 OVERVIEW
   
   A user with an e-mail address associated with his/her LON-CAPA username
   can reset a forgotten password, using a link sent to the e-mail address
   if the authentication type for the account is "internal".
   
   =cut
   
 package Apache::resetpw;  package Apache::resetpw;
   
 use strict;  use strict;
Line 44  sub handler { Line 66  sub handler {
         return OK;          return OK;
     }      }
     my $contact_name = &mt('LON-CAPA helpdesk');      my $contact_name = &mt('LON-CAPA helpdesk');
     my $contact_email =  $r->dir_config('lonSupportEMail');      my $origmail =  $r->dir_config('lonSupportEMail');
     my $server = $r->dir_config('lonHostID');      my $server = $r->dir_config('lonHostID');
     my $defdom = $r->dir_config('lonDefDomain');      my $defdom = &Apache::lonnet::default_login_domain();
       my $contacts =
           &Apache::loncommon::build_recipient_list(undef,'helpdeskmail',
                                                    $defdom,$origmail);
       my ($contact_email) = split(',',$contacts);
       my $handle = &Apache::lonnet::check_for_valid_session($r);
       my $lonidsdir=$r->dir_config('lonIDsDir');
       if ($handle ne '') {
           if ($handle=~/^publicuser\_/) {
               unlink($r->dir_config('lonIDsDir')."/$handle.id");
           } else {
               &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
           }
       }
     &Apache::lonacc::get_posted_cgi($r);      &Apache::lonacc::get_posted_cgi($r);
     &Apache::lonlocal::get_language_handle($r);      &Apache::lonlocal::get_language_handle($r);
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);      &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
Line 55  sub handler { Line 90  sub handler {
     my $uname = &unescape($env{'form.uname'});      my $uname = &unescape($env{'form.uname'});
     my $udom = $env{'form.udom'};      my $udom = $env{'form.udom'};
     my $token = $env{'form.token'};      my $token = $env{'form.token'};
     my $start_page =      my $brcrum = [];
         &Apache::loncommon::start_page('Reset password','',      if ($token) {
                                            {          push (@{$brcrum},
                                              'no_inline_link'   => 1,});              {href => '/adm/resetpw',
     $r->print($start_page);               text => 'Update Password'});
     $r->print('<h3>'.&mt('Reset forgotten LON-CAPA password').'</h3>');      } else {
           push (@{$brcrum},
               {href => '/adm/resetpw',
                text => 'Account Information'});
           if ($uname && $udom) {
               push (@{$brcrum},
                   {href => '/adm/resetpw',
                    text => 'Result'});
           }
       }
       my $args = {bread_crumbs => $brcrum};
       $r->print(&Apache::loncommon::start_page('Reset password','',$args));
       $r->print('<h2>'.&mt('Reset forgotten LON-CAPA password').'</h2>');
     my $output;      my $output;
     if ($token) {      if ($token) {
         $output = &reset_passwd($r,$token,$contact_name,$contact_email);          $output = &reset_passwd($r,$token,$contact_name,$contact_email);
Line 126  sub handler { Line 173  sub handler {
 sub get_uname {  sub get_uname {
     my ($defdom) = @_;      my ($defdom) = @_;
     my %lt = &Apache::lonlocal::texthash(      my %lt = &Apache::lonlocal::texthash(
                                          unam => 'username',                                           unam => 'LON-CAPA username',
                                          udom => 'domain',                                           udom => 'LON-CAPA domain',
                                          uemail => 'E-mail address in LON-CAPA',                                           uemail => 'E-mail address in LON-CAPA',
                                          proc => 'Proceed');                                           proc => 'Proceed');
   
     my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password.  However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');      my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.');
     $msg .= '<br /><br />'.&mt('Three conditions must be met:')      $msg .= '<br /><br />'.&mt('Three conditions must be met:')
            .'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'             .'<ul><li>'.&mt('An e-mail address must have previously been associated with your LON-CAPA username.').'</li>'
            .'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'             .'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'
            .'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')             .'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')
            .'</ul>';             .'</ul>';
     $msg .= qq|      $msg .= '<form name="forgotpw" method="post" action="/adm/resetpw">'.
 <form name="forgotpw" method="post">              &Apache::lonhtmlcommon::start_pick_box(). 
 <table>              &Apache::lonhtmlcommon::row_title($lt{'unam'}).
 <tr><td>              '<input type="text" name="uname" size="20" />'.
 <tr><td align="left">LON-CAPA $lt{'unam'}:                      </td>              &Apache::lonhtmlcommon::row_closure(1).
     <td><input type="text" name="uname" size="15" /></td></tr>              &Apache::lonhtmlcommon::row_title($lt{'udom'}).
 <tr><td align="left">LON-CAPA $lt{'udom'}:                      </td>              &Apache::loncommon::select_dom_form($defdom,'udom').
     <td>|;              &Apache::lonhtmlcommon::row_closure(1).
     $msg .= &Apache::loncommon::select_dom_form($defdom,'udom');              &Apache::lonhtmlcommon::row_title($lt{'uemail'}).
     $msg .= qq|</td></tr>              '<input type="text" name="useremail" size="30" />'.
 <tr><td align="left">$lt{'uemail'}:                             </td>              &Apache::lonhtmlcommon::end_pick_box().
     <td><input type="text" name="useremail" size="30" /></td></tr>              '<br /><br /><input type="submit" name="resetter" value="'.$lt{'proc'}.'" /></form>';
 <tr><td colspan="2" align="left"><br />  
     <input type="submit" value="$lt{'proc'}" /></td></tr>  
 </table>  
 </form>  
 |;  
     return $msg;      return $msg;
 }  }
   
 sub send_token {  sub send_token {
     my ($uname,$udom,$email,$server,$domdesc,$contact_name,      my ($uname,$udom,$email,$server,$domdesc,$contact_name,
         $contact_email) = @_;          $contact_email) = @_;
     my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'<br /><br />';      my $msg =
           '<p class="LC_info">'
          .&mt('Thank you for your request to reset the password for your LON-CAPA account.')
          .'</p>';
   
     my $now = time;      my $now = time;
     my $temppasswd = &create_passwd();      my $temppasswd = &create_passwd();
Line 176  sub send_token { Line 221  sub send_token {
         my $esc_token = &escape($token);          my $esc_token = &escape($token);
         my $showtime = &Apache::lonlocal::locallocaltime(time);          my $showtime = &Apache::lonlocal::locallocaltime(time);
         my $reseturl = &Apache::lonnet::absolute_url().'/adm/resetpw?token='.$esc_token;          my $reseturl = &Apache::lonnet::absolute_url().'/adm/resetpw?token='.$esc_token;
         my $mailmsg = &mt('A request was submitted on [_1] for reset of the password for your LON-CAPA account.',$showtime).' '.&mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]',$reseturl);          my $mailmsg = &mt('A request was submitted on [_1] for reset of the password for your LON-CAPA account.',$showtime)." \n".&mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]',"\n\n".$reseturl);
         my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,          my $result = &send_mail($domdesc,$email,$mailmsg,$contact_name,
                                 $contact_email);                                  $contact_email);
         if ($result eq 'ok') {          if ($result eq 'ok') {
             $msg .= &mt("An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.<br /><br />The link included in the message will be valid for the next <b>two</b> hours.");              $msg .=
                   &mt('An e-mail sent to the e-mail address associated with your LON-CAPA account includes the web address for the link you should use to complete the reset process.')
                  .'<br /><br />'
                  .&mt('The link included in the message will be valid for the next [_1]two[_2] hours.','<b>','</b>');
         } else {          } else {
             $msg .= &mt("An error occurred when sending a message to the e-mail address associated with your LON-CAPA account. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);              $msg .=
                   '<p class="LC_error">'
                  .&mt('An error occurred when sending a message to the e-mail address'
                      .' associated with your LON-CAPA account.')
                  .'</p>'
                  .&display_actions($contact_email,$domdesc);
         }          }
     } else {      } else {
         $msg .= &mt("An error occurred creating a token required for the password reset process. Please contact the [_1] ([_2]) for assistance.",$contact_name,$contact_email);          $msg .=
               '<p class="LC_error">'
              .&mt('An error occurred creating a token required for the'
                  .' password reset process.')
              .'</p>'
              .&display_actions($contact_email,$domdesc);
     }      }
     return $msg;      return $msg;
 }  }
Line 196  sub send_mail { Line 254  sub send_mail {
     my $requestmail = "To: $email\n".      my $requestmail = "To: $email\n".
                       "From: $contact_name <$contact_email>\n".                        "From: $contact_name <$contact_email>\n".
                       "Subject: ".&mt('Your LON-CAPA account')."\n".                        "Subject: ".&mt('Your LON-CAPA account')."\n".
                         "Content-type: text/plain\;charset=UTF-8\n".
                       "\n\n".$mailmsg."\n\n".                        "\n\n".$mailmsg."\n\n".
                       &mt('[_1] LON-CAPA support team',$domdesc)."\n".                        &mt('[_1] LON-CAPA support team',$domdesc)."\n".
                       "$contact_email\n";                        "$contact_email\n";
Line 213  sub invalid_state { Line 272  sub invalid_state {
     my ($error,$domdesc,$contact_name,$contact_email) = @_;      my ($error,$domdesc,$contact_name,$contact_email) = @_;
     my $msg;      my $msg;
     if ($error eq 'invalid') {      if ($error eq 'invalid') {
         $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc)          $msg =
               .' '.&mt('Please [_1]go back[_2] and try again.','<a href="javascript:history.go(-1)"><u>','</u></a>');              '<p class="LC_warning">'
               .&mt('The username you provided was not verified as a valid username'
                   .' in the LON-CAPA system for the [_1] domain.','<i>'.$domdesc.'</i>')
                 .'</p>';
           $msg .= &display_actions($contact_email,$domdesc);
     } else {      } else {
         if ($error eq 'baduseremail') {          if ($error eq 'baduseremail') {
             $msg = &mt('The e-mail address you provided does not appear to be a valid address.');              $msg = &mt('The e-mail address you provided does not appear to be a valid address.');
Line 225  sub invalid_state { Line 288  sub invalid_state {
         } elsif ($error eq 'authentication') {          } elsif ($error eq 'authentication') {
             $msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');              $msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');
         }          }
         if ($contact_email ne '') {          $msg = '<p class="LC_warning">'.$msg.'</p>'
             my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');                .&display_actions($contact_email,$domdesc);
             $msg .= '<br /> '.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.'  
                                  ,'<a href="/adm/helpdesk?origurl='.$escuri.'">','</a>',$domdesc);  
         } else {  
             $msg .= '<br /> '.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc);  
         }  
     }      }
     return $msg;      return $msg;
 }  }
Line 254  sub reset_passwd { Line 312  sub reset_passwd {
         my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});          my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});
         if ($now - $data{'time'} < 7200) {          if ($now - $data{'time'} < 7200) {
             if ($env{'form.action'} eq 'verify_and_change_pass') {              if ($env{'form.action'} eq 'verify_and_change_pass') {
                   unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) {
                       $msg = &generic_failure_msg($contact_name,$contact_email);
                       return $msg;
                   }
                 my $change_failed =                   my $change_failed = 
     &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);      &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
                 if (!$change_failed) {                  if (!$change_failed) {
Line 264  sub reset_passwd { Line 326  sub reset_passwd {
                     my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3].  If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";                      my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3].  If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
                     my $result = &send_mail($domdesc,$data{'email'},$mailmsg,                      my $result = &send_mail($domdesc,$data{'email'},$mailmsg,
                                             $contact_name,$contact_email);                                              $contact_name,$contact_email);
                       my $confirm_msg;
                     if ($result eq 'ok') {                      if ($result eq 'ok') {
                         $msg .= &mt('An e-mail confirming setting of the password for your LON-CAPA account has been sent to [_1].',$data{'email'});                          $confirm_msg =
                               &Apache::lonhtmlcommon::confirm_success(
                                   &mt('An e-mail confirming setting of the password'
                                      .' for your LON-CAPA account has been sent to [_1].'
                                       ,'<span class="LC_filename">'.$data{'email'}.'</span>'));
                     } else {                      } else {
                         $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'});                          $confirm_msg =
                               &Apache::lonhtmlcommon::confirm_success(
                                   &mt('An error occurred when sending e-mail to [_1]'
                                      .' confirming setting of your new password.'
                                       ,'<span class="LC_filename">'.$data{'email'}.'</span>'),1);
                       }
                       $msg .=
                           &Apache::loncommon::confirmwrapper($confirm_msg)
                          .&Apache::lonhtmlcommon::actionbox([
                               '<a href="/adm/login">'.&mt('Go to the login page').'</a>']);
                   } elsif ($change_failed eq 'invalid_client') {
                       my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'});
                       if ($homeserver eq 'no_host') {
                           $msg .= &generic_failure_msg($contact_name,$contact_email);
                       } else {
                           my $protocol = $Apache::lonnet::protocol{$homeserver};
                           $protocol = 'http' if ($protocol ne 'https');
                           my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver).
                                     '/adm/resetpw';
                           my ($opentag,$closetag);
                           if ($url) {
                              $opentag = '<a href="'.$url.'">';
                              $closetag = '</a>';
                           }
                           $msg .=
                               '<p class="LC_warning">'
                              .&mt('A problem occurred when attempting to reset'
                                  .' the password for your account.'
                                  .' Please try again from your [_1]home server[_2].'
                                   ,$opentag,$closetag)
                              .'</p>';
                     }                      }
                     $msg .= '<br /><br />'  
                            .'<a href="/adm/login">'.&mt('Go to the login page').'</a>.';  
                 } else {                  } else {
                     $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.'                      $msg .= &generic_failure_msg($contact_name,$contact_email);
                                ,$contact_name  
                                ,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>');  
                 }                  }
             } else {              } else {
                 $r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />');                  $r->print(&mt('The token included in an e-mail sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'<br /><br />');
Line 282  sub reset_passwd { Line 375  sub reset_passwd {
                 &Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);                  &Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token);
             }              }
         } else {          } else {
             $msg = &mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'              $msg =
                       ,'<a href="/adm/resetpw">','</a>');                  '<p class="LC_warning">'
                  .&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'
                       ,'<a href="/adm/resetpw">','</a>')
                  .'</p>';
         }          }
     } else {      } else {
         $msg .= &mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.'          $msg .=
                    ,'<a href="/adm/resetpw">','</a>');              '<p class="LC_warning">'
              .&mt('Sorry, the URL generated when you requested reset of your password contained incomplete information. Please submit a [_1]new request[_2] for a password reset, and use the new URL that will be sent to your e-mail account to complete the process.'
                   ,'<a href="/adm/resetpw">','</a>')
              .'</p>';
     }      }
     return $msg;      return $msg;
 }  }
   
   sub generic_failure_msg {
       my ($contact_name,$contact_email) = @_;
       return
           '<p class="LC_error">'
          .&mt('A problem occurred when attempting to reset the password for your account.')
          .'<br />'
          .&mt('Please contact the [_1] ([_2]) for assistance.',
                 $contact_name,'<a href="mailto:'.$contact_email.'">'.$contact_email.'</a>')
          .'</p>';
   }
   
 sub create_passwd {  sub create_passwd {
     my $passwd = '';      my $passwd = '';
     my @letts = ("a".."z");      my @letts = ("a".."z");
Line 312  sub create_passwd { Line 422  sub create_passwd {
     return ($passwd);      return ($passwd);
 }  }
   
   sub display_actions {
       my ($contact_email, $domdesc) = @_;
       my @msg = (&mt('[_1]Go back[_2] and try again',
                      '<a href="javascript:history.go(-1)">','</a>'));
       my $msg2 = '';
       if ($contact_email ne '') {
           my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');
           push(@msg, &mt('Contact the [_1]LON-CAPA helpdesk[_2] for the institution: [_3]',
                          '<a href="/adm/helpdesk?origurl='.$escuri.'">',
                          '</a>','<i>'.$domdesc.'</i>'));
       } else {
           $msg2 =
               '<p>'
              .&mt('You may wish to send an e-mail to the'
              .' server administrator: [_1] for the [_2] domain.',
                   '<i>'.$Apache::lonnet::perlvar{'AdmEMail'}.'</i>',
                   '<i>'.$domdesc.'</i>')
              .'</p>';
       }
   
       return &Apache::lonhtmlcommon::actionbox(\@msg).$msg2;
   
   }
   
 1;  1;

Removed from v.1.18  
changed lines
  Added in v.1.36


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>