OSDN Git Service
(root)
/
newslash
/
newslash.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
881b1a3
)
Plugin::users: fix update_password()
author
hylom
<hylom@users.sourceforge.jp>
Wed, 7 Nov 2018 10:29:53 +0000
(19:29 +0900)
committer
hylom
<hylom@users.sourceforge.jp>
Wed, 7 Nov 2018 10:30:15 +0000
(19:30 +0900)
src/newslash_web/lib/Newslash/Plugin/Users.pm
patch
|
blob
|
history
src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
patch
|
blob
|
history
src/newslash_web/t/api/user.t
patch
|
blob
|
history
diff --git
a/src/newslash_web/lib/Newslash/Plugin/Users.pm
b/src/newslash_web/lib/Newslash/Plugin/Users.pm
index
fdd1fbe
..
df329be
100644
(file)
--- a/
src/newslash_web/lib/Newslash/Plugin/Users.pm
+++ b/
src/newslash_web/lib/Newslash/Plugin/Users.pm
@@
-105,26
+105,28
@@
sub update_password_by_token {
sub update_password {
my ($self, $user, $old_password, $new_password) = @_;
sub update_password {
my ($self, $user, $old_password, $new_password) = @_;
- if (!$user || $user->{uid}) {
+ if (!$user ||
!
$user->{uid}) {
$self->last_error("INVALID_USER");
return;
}
my $users = $self->app->model('users');
$self->last_error("INVALID_USER");
return;
}
my $users = $self->app->model('users');
- if ($users->passwords->
compare_password($old_password, $user->{passwd})
-
|| $users->password->_compare_password_compat($old_password, $user->{passwd}, $user->{uid}, 0, 1
)) {
- # old password is correct
!
+ if ($users->passwords->
verify_password(uid => $user->{uid},
+
password => $old_password
)) {
+ # old password is correct
.
return $self->_update_password($user, $new_password);
}
return $self->_update_password($user, $new_password);
}
+ # old password is incorrect!
$self->last_error("INCORRECT_PASSWORD");
return;
}
sub _update_password {
my ($self, $user, $password) = @_;
$self->last_error("INCORRECT_PASSWORD");
return;
}
sub _update_password {
my ($self, $user, $password) = @_;
- if (!$user || $user->{uid}) {
+
+ if (!$user || !$user->{uid}) {
$self->last_error("INVALID_USER");
return;
}
$self->last_error("INVALID_USER");
return;
}
diff --git
a/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
b/src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
index
1bda3e7
..
51c18fb
100644
(file)
--- a/
src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
+++ b/
src/newslash_web/lib/Newslash/Web/Controller/API/User.pm
@@
-309,6
+309,7
@@
sub update_password {
my $user = $c->stash('user');
my $users = $c->model('users');
my $user = $c->stash('user');
my $users = $c->model('users');
+
if (!$data->{current_password} || !$data->{new_password}) {
$c->render(json => { error => 1, message => "no_password_given" });
$c->rendered(400);
if (!$data->{current_password} || !$data->{new_password}) {
$c->render(json => { error => 1, message => "no_password_given" });
$c->rendered(400);
@@
-318,7
+319,7
@@
sub update_password {
my $rs = $c->users->update_password($user,
$data->{current_password},
$data->{new_password});
my $rs = $c->users->update_password($user,
$data->{current_password},
$data->{new_password});
- if (
!
$rs) {
+ if ($rs) {
$c->render(json => { uid => $user->{uid} });
return;
}
$c->render(json => { uid => $user->{uid} });
return;
}
diff --git
a/src/newslash_web/t/api/user.t
b/src/newslash_web/t/api/user.t
index
a59dde7
..
76fa2af
100644
(file)
--- a/
src/newslash_web/t/api/user.t
+++ b/
src/newslash_web/t/api/user.t
@@
-111,7
+111,8
@@
subtest 'update email' => sub {
->json_is('/email', $new_address);
diag dumper $t->tx->res->json if !$t->success;
->json_is('/email', $new_address);
diag dumper $t->tx->res->json if !$t->success;
- # チェックコードを書く
+
+ # check if database updated
my $users = $t->app->model('users');
my $params = $users->param->select(uid => $user->{uid});
is($params->{new_email}, $new_address, "insert new address to params table");
my $users = $t->app->model('users');
my $params = $users->param->select(uid => $user->{uid});
is($params->{new_email}, $new_address, "insert new address to params table");
@@
-126,23
+127,32
@@
subtest 'update email' => sub {
ok($delta < 3600, "new_email_ts is updated");
}
ok($delta < 3600, "new_email_ts is updated");
}
+ # check if event emited
+
$test_man->logout;
};
subtest 'update password' => sub {
$test_man->login($user);
$test_man->logout;
};
subtest 'update password' => sub {
$test_man->login($user);
+ my $new_password = "foobarhogehoge";
$t->post_ok('/api/v1/user' => {Accept => '*/*'} => json => { type => "password",
current_password => $default_passwd,
$t->post_ok('/api/v1/user' => {Accept => '*/*'} => json => { type => "password",
current_password => $default_passwd,
- new_password =>
"foobarhogehoge"
})
+ new_password =>
$new_password
})
->status_is(200)
->content_type_like(qr|application/json|)
->json_hasnt('/error')
->json_is('/uid', $user->{uid});
->status_is(200)
->content_type_like(qr|application/json|)
->json_hasnt('/error')
->json_is('/uid', $user->{uid});
+ diag dumper $t->tx->res->json if !$t->success;
+ # check if database updated
+ my $users = $t->app->model('users');
+ my $updated = $users->select(uid => $user->{uid});
+ my $rs = $users->passwords->compare_password($new_password,
+ $updated->{passwd});
+ ok($rs, "password updated");
- # チェックコードを書く
-
+ # check if event emited
$test_man->logout;
};
$test_man->logout;
};