$cnf->{newpasswd_expiration} ||= 60 * 60 * 24; # 60[sec] * 60[min] * 24[hour]
}
+sub change_email {
+ my ($self, $user, $email) = @_;
+
+ if (!$user || $user->{uid}) {
+ $self->last_error("INVALID_USER");
+ return;
+ }
+
+ if (!$email || !Email::Valid->address($email)) {
+ $self->last_error("INVALID_EMAIL");
+ return;
+ }
+
+ # use users_param table to save temporary new email address
+
+ my $users = $self->app->model('users');
+ my $param = $users->param;
+
+ $param->start_transaction;
+ my $rs = $param->insert(uid => $user->{uid},
+ name => "new_email",
+ value => $email);
+
+ if (!$rs) {
+ $self->app->error("Users: update users_param table for change_email failed! uid: $user->{uid}");
+ $self->last_error($param->last_error);
+ $param->rollback;
+ return;
+ }
+
+ $rs = $param->insert(uid => $user->{uid},
+ name => "new_email_ts",
+ value => {function => "NOW()"});
+ if (!$rs) {
+ $self->app->error("Users: update users_param table for change_email failed! uid: $user->{uid}");
+ $self->last_error($param->last_error);
+ $param->rollback;
+ return;
+ }
+ $param->commit;
+
+ $self->app->event_que->emit("user", "change_email", $user->{uid}, $user->{uid}, 10);
+ return 1;
+}
+
sub reset_password {
my ($self, $user) = @_;
- $self->app->event_que->emit("user", "resetpw", $user->{uid}, $user->{uid});
+ if (!$user || $user->{uid}) {
+ $self->last_error("INVALID_USER");
+ return;
+ }
+
+ $self->app->event_que->emit("user", "reset_password", $user->{uid}, $user->{uid}, 10);
return 1;
}
sub cancel_activation {
my ($self, $user) = @_;
+ if (!$user || $user->{uid}) {
+ $self->last_error("INVALID_USER");
+ return;
+ }
+
my $users = $self->app->model('users');
my $rs = $users->update(uid => $user->{uid},
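Review bot: The guard `if (!$user || $user->{uid})` at the top of change_email, reset_password and cancel_activation is inverted: it returns INVALID_USER for every record with a truthy uid and lets through exactly the records whose uid is missing or zero. As written, real accounts are refused, while a uid-less hash falls through to the users_param inserts and the event emit with an undefined uid. The condition should read `if (!$user || !$user->{uid})`; the same line is added to update_password and _update_password in the later hunk. Separately, change_email reports insert failures through `$self->app->error(...)` while the token check logs with `$self->app->log->error(...)`; if `app` has no `error` method (not visible here), the failure path would die before `$param->rollback` runs. cancel_activation's body continues outside the hunk.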
my ($self, $nickname, $token, $password) = @_;
# check nickname and token pair
- my $the_user = $self->activation($nickname, $token);
- return if !$the_user;
+ my $user = $self->activation($nickname, $token);
+ return if !$user;
- return $self->_update_password($the_user, $password);
+ return $self->_update_password($user, $password);
}
sub update_password {
my ($self, $user, $old_password, $new_password) = @_;
+ if (!$user || $user->{uid}) {
+ $self->last_error("INVALID_USER");
+ return;
+ }
+
+ my $users = $self->app->model('users');
+
+ if ($users->passwords->compare_password($old_password, $user->{passwd})
+ || $users->password->_compare_password_compat($old_password, $user->{passwd}, $user->{uid}, 0, 1)) {
+ # old password is correct!
+ return $self->_update_password($user, $new_password);
+ }
+
+ $self->last_error("INCORRECT_PASSWORD");
return;
}
sub _update_password {
- my ($self, $the_user, $password) = @_;
+ my ($self, $user, $password) = @_;
+ if (!$user || $user->{uid}) {
+ $self->last_error("INVALID_USER");
+ return;
+ }
+
my $users = $self->app->model('users');
- my @params = (uid => $the_user->{uid},
+ my @params = (uid => $user->{uid},
passwd => $password );
- if ($the_user->{seclev} < 1) {
+ if ($user->{seclev} < 1) {
push @params, seclev => 1;
}
- if ($the_user->{newpasswd}) {
+ if ($user->{newpasswd}) {
push @params, newpasswd => "";
push @params, newpasswd_ts => { function => "NULL" };
}
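Review bot: The fallback comparison in update_password calls `$users->password->_compare_password_compat(...)`, while the first comparison and the token check both go through `$users->passwords`. Unless the model really exposes both accessors, this looks like a typo that would raise a missing-method error whenever the first comparison fails, so a wrong old password would surface as an exception rather than INCORRECT_PASSWORD. Suggest `$users->passwords->_compare_password_compat(...)`. Because this reaches into a private helper, it should also carry a comment saying what the trailing `0, 1` arguments select. _update_password's body continues outside the hunk.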
$self->last_error($users->last_error);
return;
}
+ $self->app->event_que->emit("user", "update_password", $user->{uid}, $user->{uid}, 10);
return 1;
}
return if (!$nickname || !$token);
my $users = $self->app->model('users');
- my $the_user = $users->select(nickname => $nickname);
+ my $user = $users->select(nickname => $nickname);
# check if token is correct
- if (!$the_user
- || !$users->passwords->compare_password($token, $the_user->{newpasswd})
- || !$the_user->{newpasswd_ts}) {
+ if (!$user
+ || !$users->passwords->compare_password($token, $user->{newpasswd})
+ || !$user->{newpasswd_ts}) {
$self->last_error("INVALID_TOKEN");
return;
}
# check if token is expired
my $expiration_limit = $self->app->config->{Users}->{newpasswd_expiration};
- my $expire_dt = eval { DateTime::Format::MySQL->parse_datetime($the_user->{newpasswd_ts}) };
+ my $expire_dt = eval { DateTime::Format::MySQL->parse_datetime($user->{newpasswd_ts}) };
if (!$expire_dt) {
- $self->app->log->error("Users: invalid newpasswd_ts ($the_user->{newpasswd_ts}). uid: $the_user->{uid}");
+ $self->app->log->error("Users: invalid newpasswd_ts ($user->{newpasswd_ts}). uid: $user->{uid}");
$self->last_error("INVALID_TOKEN");
return;
}
}
# ok
- return $the_user;
+ return $user;
}
sub create_new_user {
}
}
- $self->app->event_que->emit("user", "create", $uid, $uid);
+ $self->app->event_que->emit("user", "create", $uid, $uid, 10);
return $uid;
}