Commit fbee56e5 authored by Roberto P. Rubio's avatar Roberto P. Rubio
Browse files

Change password

parent 1cd459f3
......@@ -498,6 +498,24 @@ sub id {
return $id;
}
=head2 password_will_be_changed
Returns true if user password will be changed
$user->password_will_be_changed();
=cut
sub password_will_be_changed {
my $self = shift;
_init_connector();
my $sth = $$CON->dbh->prepare("SELECT change_password FROM users WHERE name=?");
$sth->execute($self->name);
return $sth->fetchrow();
}
=head2 change_password
Changes the password of an User
......
......@@ -22,6 +22,7 @@
.service("listMess", gtListMess)
.controller("SupportForm", suppFormCtrl)
.controller("AddUserForm",addUserFormCrtl)
.controller("ChangePasswordForm",changePasswordFormCrtl)
// .controller("machines", machinesCrtl)
// .controller("messages", messagesCrtl)
.controller("users", usersCrtl)
......@@ -74,6 +75,11 @@
function addUserFormCrtl($scope, $http, request){
};
function changePasswordFormCrtl($scope, $http, request){
};
function swNewMach() {
......
......@@ -151,6 +151,7 @@ hook before_routes => sub {
,url => undef
,_logged_in => undef
,_anonymous => undef
,forcing_change_password => undef
,_user => undef
,footer=> $CONFIG_FRONT->{footer}
,monitoring => 0
......@@ -180,6 +181,10 @@ hook before_routes => sub {
return if $url =~ m{^/anonymous};
if ((defined $USER) && (_logged_in($c)) && ($USER->password_will_be_changed())) {
return change_password($c, 1);
}
if (($url =~ m{^/machine/(clone|display|info|view)/}
|| $url =~ m{^/(list_bases_anonymous|request/)}i
|| $url =~ m{^/ws/subscribe}
......@@ -1094,6 +1099,11 @@ any '/admin/user/(:id).(:type)' => sub {
return $c->render(template => 'main/manage_user');
};
any '/user/change_password' => sub {
my $c = shift;
return change_password($c);
};
get '/list_ldap_attributes/(#cn)' => sub {
my $c = shift;
......@@ -2276,6 +2286,36 @@ sub register {
$c->render(template => 'bootstrap/new_user');
}
sub change_password {
my $c = shift;
my ($forcing_change_password) = @_;
return $c->render(text => "User is anonymous")
if (! _logged_in($c));
return $c->render(text => "User is temporary")
if $USER->is_temporary;
my $old_password = $c->param('old_password');
if ($old_password) {
return $c->render(template => 'bootstrap/change_password', error => [ "Old password do not match!" ]) if (! $USER->compare_password($old_password));
my $new_password = $c->param('new_password');
return $c->render(template => 'bootstrap/change_password', error => [ "New password length is less than 6!" ]) if (length($new_password) < 6);
my $repeated_new_password = $c->param('repeated_new_password');
return $c->render(template => 'bootstrap/change_password', error => [ "New password and their repeat do not match!" ]) if ($new_password ne $repeated_new_password);
$USER->change_password($c->param('new_password'), 0);
$c->redirect_to('/');
}
$c->render(template => 'bootstrap/change_password', forcing_change_password => $forcing_change_password);
}
sub manage_machine {
my $c = shift;
my ($domain) = _search_requested_machine($c);
......
<!DOCTYPE html>
<html ng-app="ravada.app">
%= include 'bootstrap/header'
<body id="page-top" data-spy="scroll" data-target=".navbar-fixed-top" role="document">
<div id="wrapper">
%= include 'bootstrap/navigation'
<div id="page-wrapper">
<!--CHANGE PASSWORD-->
<div ng-controller="ChangePasswordForm">
<div class="page-title">
<div class="card">
<div class="card-header">
<h2><%=l 'Change password' %>
</h2>
</div>
%= include '/ng-templates/change_password'
</div>
</div>
</div>
</div>
</div>
%= include 'bootstrap/scripts'
</body>
</html>
......@@ -13,6 +13,7 @@ navbar-dark bg-dark fixed-top navbar-expand-lg navbar-inverse">
<div class="collapse navbar-collapse justify-content-end" id="navbarNavDropdown">
<!-- Top Menu Items -->
<ul class="navbar-nav">
% if (! $forcing_change_password) {
% if ($_logged_in) {
% if ( !$_anonymous ) {
<li class="nav-item active">
......@@ -60,6 +61,7 @@ navbar-dark bg-dark fixed-top navbar-expand-lg navbar-inverse">
</div>
</li>
% }
% }
% }
</ul>
</div>
......
......@@ -22,7 +22,7 @@
<a class="nav-link" href="#grants" role="tab" data-toggle="tab" aria-controls="grants" aria-selected="true">Grants</a>
</li>
% }
% if (( $_user->is_admin ) && (! $_user->is_external)) {
% if (( $_user->is_admin ) && (! $user->is_external)) {
<li class="nav-item">
<a class="nav-link" href="#password" role="tab" data-toggle="tab" aria-controls="password" aria-selected="true">Password</a>
</li>
......@@ -39,7 +39,7 @@
%= include '/main/manage_user_grants'
</div>
% }
% if (( $_user->is_admin ) && (! $_user->is_external)) {
% if (( $_user->is_admin ) && (! $user->is_external)) {
<div class="tab-pane fade" id="password" role="tabpanel" aria-labelledby="password-tab">
%= include '/main/manage_user_password'
</div>
......
<div class="card-body">
<form name="form" role="form" method="post" action="/user/change_password" novalidate>
<div class="from-group">
<label for="old_password"><%=l 'Old Password' %></label>
<input class="form-control" ng-model="old_password" ng-model-onblur placeholder="<%=l 'Enter Old Password' %>" type="password" ng-minlength="6" name="old_password" id="old_password" required="true" ng-pattern="/^[a-zA-Z0-9]*$/"><br/>
</div>
<div class="from-group">
<label for="new_password"><%=l 'New Password' %></label>
<input class="form-control" ng-model="new_password" ng-model-onblur placeholder="<%=l 'Enter New Password' %>" type="password" ng-minlength="6" name="new_password" id="new_password" required="true" ng-pattern="/^[a-zA-Z0-9]*$/"><br/>
</div>
<div class="from-group">
<label for="repeated_new_password"><%=l 'Repeat New Password' %></label>
<input class="form-control" ng-model="repeated_new_password" ng-model-onblur placeholder="<%=l 'Re-Enter New Password' %>" type="password" ng-minlength="6" name="repeated_new_password" id="repeated_new_password" required="true" ng-pattern="/^[a-zA-Z0-9]*$/"><br/>
</div>
<div ng-show="form.$submitted || (form.old_password.$touched && form.old_password.$dirty)">
<div ng-show="form.old_password.$error.required" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Old Password is required' %>.
</div>
<div ng-show="form.old_password.$error.minlength" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Old Password must be at least 6 characters' %>.
</div>
<div ng-show="form.old_password.$error.pattern" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Old Password can only contain words and numbers' %>.
</div>
<div ng-show="form.new_password.$error.required" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'New Password is required' %>.
</div>
<div ng-show="form.new_password.$error.minlength" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'New Password must be at least 6 characters' %>.
</div>
<div ng-show="form.new_password.$error.pattern" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'New Password can only contain words and numbers' %>.
</div>
<div ng-show="old_password === new_password" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Old and New Passwords match!' %>.
</div>
<div ng-show="form.repeated_new_password.$error.required" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Repeated New Password is required' %>.
</div>
<div ng-show="new_password != repeated_new_password" class="alert alert-warning">
<strong><%=l 'Oops!' %></strong>&nbsp;<%=l 'Password and their confirmation do not match!' %>.
</div>
</div>
<button type="submit" ng-disabled="form.$invalid || old_password === new_password || new_password != repeated_new_password" id="submitbutton" class="btn btn-primary"><%=l 'Submit' %></button>
% if (scalar @$error) {
% for my $i (@$error) {
<div class="alert alert-danger">
<%= $i %>
</div>
% }
% }
</form>
</div>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment