Unverified Commit e719dc46 authored by IKEDA Soji's avatar IKEDA Soji Committed by GitHub
Browse files

Merge pull request #1082 from ikedas/issue-1076 by ikedas

Add confirmation to requestpasswd action to prevent spamming
parents 36a6f9bd e8a22b94
......@@ -327,6 +327,20 @@
[%|loc(template_name)%]Do you really want to remove %1?[%END%]
</strong>
</p>
[%~ ELSIF confirm_action == 'requestpasswd' ~%]
<h2>
<i class="fa fa-check-circle"></i>
[% IF reason == 'firstpasswd' %]
[%|loc%]Request first password[%END%]
[% ELSE %]
[%|loc%]Request new password[%END%]
[% END %]
</h2>
<p>
<strong>
[%|loc%]Do you really want to request password?[%END%]
</strong>
</p>
[%~ ELSIF confirm_action == 'rt_delete' ~%]
<h2>
<i class="fa fa-check-circle"></i>
......@@ -512,6 +526,9 @@
<input type="hidden" name="scope" value="[% scope %]" />
<input type="hidden" name="template_name" value="[% template_name %]" />
<input type="hidden" name="tpl_lang" value="[% tpl_lang %]" />
[%~ ELSIF confirm_action == 'requestpasswd' ~%]
<input type="hidden" name="email" value="[% email %]" />
<input type="hidden" name="reason" value="[% reason %]" />
[%~ ELSIF confirm_action == 'rt_delete' ~%]
<input type="hidden" name="message_template" value="[% message_template %]" />
[%~ ELSIF confirm_action == 'signoff' ~%]
......
......@@ -31,7 +31,7 @@
[%|loc%]You will receive an email that will allow you to choose your password.[%END%]
</p>
[% ELSE %]
[% IF requestpasswd_context == 'firstpasswd' %]
[% IF reason == 'firstpasswd' %]
<p>
[%|loc%]Please enter your email address to begin the registration process.[%END%]
</p>
......@@ -47,6 +47,7 @@
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
<input type="hidden" name="action" value="requestpasswd" />
<input type="hidden" name="reason" value="[% reason %]" />
<div class="row">
<div class="columns">
......@@ -57,7 +58,7 @@
<div class="row">
<div class="columns">
<input class="MainMenuLinks" type="submit" name="action_requestpasswd"
[% IF requestpasswd_context == 'firstpasswd' %]
[% IF reason == 'firstpasswd' %]
value="[%|loc%]Request first password[%END%]" />
[% ELSE %]
value="[%|loc%]Request new password[%END%]" />
......
......@@ -4052,7 +4052,7 @@ sub sendssopasswd {
 
sub do_firstpasswd {
wwslog('info', '(%s)', $in{'email'});
$param->{'requestpasswd_context'} = 'firstpasswd';
$param->{'reason'} = 'firstpasswd';
return 'renewpasswd';
}
## send a ticket for choosing a new password
......@@ -4103,9 +4103,21 @@ sub do_renewpasswd {
####################################################
sub do_requestpasswd {
wwslog('info', '(%s)', $in{'email'});
my ($passwd, $user);
my $email = $in{'email'};
my $reason = $in{'reason'};
 
$param->{'account_creation'} = 1;
$param->{'email'} = $email;
$param->{'reason'} = $reason;
# Action confirmed?
my $next_action = $session->confirm_action(
$in{'action'}, $in{'response_action'},
arg => join(',', $email, $reason),
previous_action => ($in{'previous_action'} || ($reason ? 'firstpasswd' : 'renewpasswd'))
);
return $next_action unless $next_action eq '1';
 
my $url_redirect;
if ($url_redirect = is_ldap_user($in{'email'})) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment