my $the_user = $users->select(nickname => $nickname);
# check if token is correct
- if (!$the_user || $token ne $the_user->{newpasswd}) {
+ if (!$the_user || !$token) {
$c->render(activation_succeed => 0, error => "INVALID_TOKEN");
$c->res->code(400);
return;
return;
}
- # check if token is expired
- my $expiration_limit = $c->config->{Users}->{newpasswd_expiration};
- if (!$the_user->{newpasswd_ts}) {
- $c->render(activation_succeed => 0, error => "INVALID_TOKEN");
- $c->res->code(400);
- return;
- }
- my $expire_dt = eval { DateTime::Format::MySQL->parse_datetime($the_user->{newpasswd_ts}) };
- if (!$expire_dt) {
- $c->log->error("Activation: invalid newpasswd_ts ($the_user->{newpasswd_ts}). uid: $the_user->{uid}");
- $c->render(activation_succeed => 0, error => "INVALID_TOKEN");
- $c->res->code(400);
+ # check if token is valid
+ my $rs = $users->activation($nickname, $token);
+ if (!$rs) {
+ $c->res->code(500);
return;
}
- $expire_dt->add( seconds => $expiration_limit);
- if ($expire_dt->epoch() < time()) {
- $c->render(activation_succeed => 0, error => "TOKEN_EXPIRED");
+ if ($rs->{error}) {
+ $c->render(activation_succeed => 0, error => $rs->{error});
$c->res->code(400);
return;
}