1 package Newslash::Web::Controller::Login;
2 use Mojo::Base 'Mojolicious::Controller';
3 use Mojo::Util qw(b64_encode dumper);
4 use Mojo::JSON qw(to_json);
6 use DateTime::Format::MySQL;
# Login handler (fragment: the listing omits the sub header, closing braces
# and several intermediate lines, so branch bodies are not all visible).
# Reads nickname, passwd and rpath from the request, authenticates through
# the users model, and redirects to rpath.
11 my $nickname = $c->param('nickname') || '';
12 my $passwd = $c->param('passwd') || '';
13 my $users = $c->model('users');
14 my $rpath = $c->param('rpath') || '/';
16 # rpath must be absolute path.
# NOTE(review): a leading-slash test alone still accepts values beginning
# with "//" or "/\", which browsers resolve as another host. rpath is
# request-controlled and later handed to redirect_to, so the test should also
# reject a second "/" or "\" after the first. What the elided branch body does
# with a failing rpath is not visible here.
17 if ($rpath !~ m/^\//) {
# Empty nickname: render the login form (rpath is passed through to the
# template).
21 if (length($nickname) == 0) {
22 $c->render(msg => 'SRAD login', rpath => $rpath);
26 # TODO: if user already logged-in, force logout?
# NOTE(review): no throttling or lockout is visible in this fragment --
# confirm it is enforced inside authentification/do_login or upstream.
# How a failed authentification() result reaches do_login is in elided lines.
27 my $user = $users->authentification($nickname, $passwd);
# NOTE(review): whether do_login issues a fresh session token on login is not
# visible here -- confirm, since the TODO above leaves the already-logged-in
# case open.
29 if (!$c->user_auth->do_login($user, $c)) {
# The redirect is issued before the login event is emitted.
33 $c->redirect_to($rpath);
34 $c->event_que->emit("login", "login", $user->{uid});
# Failure message does not say whether the nickname or the password was
# wrong; the submitted nickname is echoed back to the template.
38 $c->render(msg => 'Wrong username or password.', rpath => $rpath, nickname => $nickname);
# Logout handler (fragment: sub header and some lines are omitted from the
# listing). Clears the server-side session entry, expires the session cookie,
# emits a logout event and redirects to rpath.
43 my $session = $c->session('session');
44 my $user = $c->stash('user');
# NOTE(review): $session is dereferenced without a visible undef check --
# confirm a route guard guarantees a session exists before this runs.
45 $c->user_auth->clear_session($user, $session->{token});
# NOTE(review): rpath comes straight from the request and reaches
# redirect_to below; no validation is visible between these lines (one line
# is elided). The login handler tests for a leading "/" -- apply the same
# check here, and also reject values starting with "//" or "/\".
47 my $rpath = $c->param('rpath') || '/';
49 #TODO: $c->model('users')->expire_token($session->{token});
# NOTE(review): with the TODO above unimplemented, server-side invalidation
# of the token rests on clear_session -- confirm it removes the token.
# expires => 1 sets an expiry in the past, which deletes the session cookie.
50 $c->session(expires => 1);
51 $c->event_que->emit("login", "logout", $c->stash('user')->{uid});
52 $c->redirect_to($rpath);
# Account-activation handler (fragment: sub header, closing braces and some
# lines are omitted from the listing). Looks the user up by nickname, compares
# the submitted token with the stored newpasswd value, optionally cancels the
# activation, and otherwise checks that the token has not expired.
57 my $users = $c->model('users');
58 my $nickname = $c->param("nickname");
59 my $token = $c->param("token");
60 my $cancel = $c->param("cancel");
62 my $the_user = $users->select(nickname => $nickname);
64 # check if token is correct
# NOTE(review): `ne` treats undef as the empty string, so a missing token
# parameter compares equal to an empty or NULL stored newpasswd and this check
# passes. Require a defined, non-empty token and stored value before
# comparing. The cancel branch below runs before the timestamp check, so it
# is guarded by this comparison alone.
# NOTE(review): `ne` is not a constant-time comparison -- lower priority, but
# worth replacing for a secret token.
# Unknown nickname and wrong token return the same error code.
65 if (!$the_user || $token ne $the_user->{newpasswd}) {
66 $c->render(activation_succeed => 0, error => "INVALID_TOKEN");
# NOTE(review): the condition guarding this call is elided; presumably it
# tests $cancel -- confirm. This goes through $c->users although $users (the
# model fetched above) is in scope -- confirm the helper exists and is the
# same object.
73 $c->users->cancel_activation($the_user);
74 $c->render(activation_succeed => 0, error => "CANCEL_ACTIVATION");
78 # check if token is expired
# NOTE(review): assumes Users.newpasswd_expiration is set (seconds) -- confirm
# a missing value is rejected rather than passed to add() below.
79 my $expiration_limit = $c->config->{Users}->{newpasswd_expiration};
# A token without a timestamp is treated as invalid.
80 if (!$the_user->{newpasswd_ts}) {
81 $c->render(activation_succeed => 0, error => "INVALID_TOKEN");
# eval keeps a malformed timestamp from propagating as an exception out of
# the parser.
85 my $expire_dt = eval { DateTime::Format::MySQL->parse_datetime($the_user->{newpasswd_ts}) };
87 $c->log->error("Activation: invalid newpasswd_ts ($the_user->{newpasswd_ts}). uid: $the_user->{uid}");
88 $c->render(activation_succeed => 0, error => "INVALID_TOKEN");
# Expiry time = newpasswd_ts + configured limit, compared against now.
# NOTE(review): parse_datetime returns a floating-time-zone DateTime, and
# epoch() on it reads the value as UTC -- confirm newpasswd_ts is stored in
# UTC, otherwise the validity window shifts by the server's UTC offset.
92 $expire_dt->add( seconds => $expiration_limit);
93 if ($expire_dt->epoch() < time()) {
94 $c->render(activation_succeed => 0, error => "TOKEN_EXPIRED");
# NOTE(review): whether the token is invalidated after a successful
# activation is not visible in this fragment -- confirm it is single-use.
100 $c->render(nickname => $nickname, activation_succeed => 1, error => 0);
# Password-reset request handler (fragment: sub header, closing braces and
# branch bodies are partly omitted from the listing). The GET branch body is
# elided; POST validates the submitted e-mail address, looks the account up by
# realemail and calls reset_password.
107 if ($c->req->method eq "GET") {
112 if ($c->req->method eq "POST") {
113 my $users = $c->model('users');
114 my $email = $c->param("email");
# NOTE(review): no `use Email::Valid` appears among the visible import lines
# (some are elided) -- confirm the module is loaded.
116 if (!$email || !Email::Valid->address($email)) {
117 $c->render(result => "INVALID_EMAIL", email => $email);
122 my $the_user = $users->select(realemail => $email);
# NOTE(review): NOT_FOUND here versus DONE below tells the requester whether
# an address belongs to an account. Returning the same result in both cases
# (and sending mail only when the account exists) removes that signal.
124 $c->render(result => "NOT_FOUND", email => $email);
# NOTE(review): no rate limit on reset requests is visible here -- confirm
# one exists, per address and per client.
130 my $rs = $c->users->reset_password($the_user);
132 $c->render(result => "ERROR");
136 $c->render(result => "DONE", email => $email);
# Registration handler (fragment: sub header, closing braces and some lines
# are omitted from the listing). Logged-in users are redirected to /my/;
# otherwise the submitted form fields are copied into $prefs and checked, and
# the form is re-rendered. Account creation is commented out.
143 my $user = $c->stash('user');
145 if ($user->{is_login}) {
147 $c->redirect_to("/my/");
151 if ($c->req->method eq "GET") {
156 if ($c->req->method ne "POST") {
# Copy the listed form parameters into $prefs under the same key names.
162 for my $k (qw(unickname email email2 allow_newsletter allow_headline)) {
163 $prefs->{$k} = $c->param($k);
# NOTE(review): the loop above stores the name under "unickname", but this
# check reads $prefs->{nickname}. Unless an elided line sets that key, the
# BLANK_ID branch is taken on every submission -- confirm which key is
# intended.
167 if (!$prefs->{nickname}) {
169 $prefs->{id_error} = "BLANK_ID";
172 if (!$prefs->{email}) {
174 $prefs->{mail_error} = "BLANK_MAIL";
# NOTE(review): only presence and equality of the two address fields are
# checked in the visible lines; no Email::Valid test like the one in the
# password-reset handler is visible -- confirm the address format is
# validated before an account is created.
179 if ($prefs->{email} ne $prefs->{email2}) {
181 $prefs->{mail_error} = "MAIL_NOT_MATCH";
185 $c->render(prefs => $prefs);
# NOTE(review): the disabled code below reads param('nickname') rather than
# the "unickname" field collected above, and passes the generated password to
# the template. If it is re-enabled, deliver the credential out of band
# instead of rendering it in the response.
191 #my $result = $c->model('users')->create_user($c->param('nickname'), $c->param('email'), {});
192 # TODO: set newsletter and headline settings
194 # die "database error!";
196 # if ($result->{error}) {
197 # $c->render(error => 1);
199 # $c->render("login/register_done", uid => $result->{uid}, password => $result->{password});