my $rs = $users->update(uid => $user->{uid},
newpasswd => "",
newpasswd_ts => {function => "NULL"});
- if (!$rs) {
+ if (!defined $rs) {
$self->app->log->error("Users: newpasswd reset error! uid: $user->{uid}");
+ $self->last_error($users->last_error);
+ return;
}
- return $rs;
+ return 1;
+}
+
+sub update_password_by_token {
+ my ($self, $nickname, $token, $password) = @_;
+
+ # check nickname and token pair
+ my $the_user = $self->activation($nickname, $token);
+ return if !$the_user;
+
+ return $self->_update_password($the_user, $password);
+}
+
+sub update_password {
+ my ($self, $user, $old_password, $new_password) = @_;
+ return;
+}
+
+sub _update_password {
+ my ($self, $the_user, $password) = @_;
+ my $users = $self->app->model('users');
+
+ my @params = (uid => $the_user->{uid},
+ passwd => $password );
+
+ if ($the_user->{seclev} < 1) {
+ push @params, seclev => 1;
+ }
+
+ if ($the_user->{newpasswd}) {
+ push @params, newpasswd => "";
+ push @params, newpasswd_ts => { function => "NULL" };
+ }
+
+ my $rs = $users->update(@params);
+
+ if (!defined $rs) {
+ $self->last_error($users->last_error);
+ return;
+ }
+ return 1;
}
+
sub activation {
my ($self, $nickname, $token) = @_;
return if (!$nickname || !$token);
# check if token is correct
if (!$the_user
- || $users->passwords->compare_password($token, $the_user->{newpasswd})
+ || !$users->passwords->compare_password($token, $the_user->{newpasswd})
|| !$the_user->{newpasswd_ts}) {
- return { error => "INVALID_TOKEN" };
+ $self->last_error("INVALID_TOKEN");
+ return;
}
# check if token is expired
my $expire_dt = eval { DateTime::Format::MySQL->parse_datetime($the_user->{newpasswd_ts}) };
if (!$expire_dt) {
$self->app->log->error("Users: invalid newpasswd_ts ($the_user->{newpasswd_ts}). uid: $the_user->{uid}");
- return { error => "INVALID_TOKEN" };
+ $self->last_error("INVALID_TOKEN");
+ return;
}
$expire_dt->add( seconds => $expiration_limit);
if ($expire_dt->epoch() < time()) {
- return { error => "TOKEN_EXPIRED" };
+ $self->last_error("TOKEN_EXPIRED");
+ return;
}
# ok
- return { error => 0 };
+ return $the_user;
}
sub create_new_user {
# check $nickname and $email
my ($id_error, $email_error) = $self->validate_new_user($nickname, $email);
if ($id_error || $email_error) {
- return (0, { id_error => $id_error,
- email_error => $email_error });
+ $self->last_error({ id_error => $id_error,
+ email_error => $email_error });
+ return;
}
my $uid = $users->create($nickname, $email, "", { seclev => 0 });
if (!$uid) {
# error occured
- return (0, { id_error => $id_error,
- email_error => $email_error,
- system_error => $users->last_error });
+ $self->last_error({ id_error => $id_error,
+ email_error => $email_error,
+ system_error => $users->last_error });
+ return;
}
# check options
}
}
- return ($id_error, $email_error);
+ if ($id_error || $email_error) {
+ $self->last_error({id_error => $id_error, email_error => $email_error});
+ return;
+ }
+
+ return 1;
}
1;