You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

135 lines
3.4 KiB

package LDV::User;
use strict;
use warnings;
use utf8;
use Mojo::Base 'Mojolicious::Controller';
# pages
sub login { my ($self) = @_; $self->render(); }
sub register { my ($self) = @_; $self->render(); }
sub profile {
my ($self) = @_;
if (my $uid = $self->session('useruid')) {
my $data = $self->app->ldap->get($uid);
$self->stash(user_data => $data);
$self->render();
return;
}
$self->redirect_to('/user/login');
$self->rendered();
return;
}
sub logout {
my ($self) = @_;
$self->session({useruid => undef});
$self->redirect_to('/user/login');
$self->rendered();
}
sub auth {
my ($self) = @_;
my $user = $self->req->param('username');
my $pass = $self->req->param('password');
eval {
my $delay = $self->app->config->{ldap}->{auth_delay};
sleep $delay if $delay;
($user and $pass)
or die("empty username or password\n");
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
or die("wrong username\n");
$self->app->ldap->auth($user, $pass)
or die("wrong user or password\n");
$self->session({useruid => $user});
$self->redirect_to('/user/profile');
} or do {
$self->flash({result => "Auth failed: $@"});
$self->redirect_to('/user/login');
};
$self->rendered;
return;
}
sub create {
my ($self) = @_;
eval {
my $error;
my $user = $self->req->param('username');
my $pass = $self->req->param('password');
my $mail = $self->req->param('mail');
($user and $pass and $mail)
or die("please fill all fields\n");
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
or die("wrong username\n");
$error = $self->app->ldap->create($user);
die("$error") if $error;
$error = $self->app->ldap->update($user, {mail => $mail});
die("$error") if $error;
if ($self->app->{user}->{confirm_register}) {
my $body = $self->render_partial(template => 'email/reg_success', format => 'txt')
my $email = $self->app->email->create($mail, $self->l("Registration"), $body);
$error = $self->app->email->send($to, $email);
die("$error") if $error;
# TODO: generate and store recover code
} else {
$error = $self->app->ldap->chpass($user, $pass);
die("$error") if $error;
}
$self->flash({result => "Success! Now you may log in."});
$self->redirect_to('/user/profile'); 1;
} or do {
$self->app->log->error($@);
$self->flash({result => "Can't create user: $@"});
$self->redirect_to('/user/register');
};
$self->rendered();
return 1;
}
sub update {
my ($self) = @_;
eval {
my $user = $self->session('useruid')
or die("not logged in\n");
my $pass = $self->req->param('password')
or die("need current password\n");
$self->app->ldap->auth($user, $pass)
or die("wrong password\n");
my %attrs = ();
foreach my $key (qw(displayName mail o mobile)) {
my $value = $self->req->param(lc($key));
$attrs{$key} = $value;
}
my $error = $self->app->ldap->update($user, \%attrs);
die("$error\n") if $error;
if ($self->app->config->{user}->{allow_chpass} and
my $newpass = $self->req->param('newpass')) {
$error = $self->app->ldap->chpass($user, $newpass);
die("$error\n") if $error;
}
$self->redirect_to('/user/profile'); 1;
} or do {
$self->flash({result => "Can't save profile: $@"});
$self->redirect_to('/user/login');
};
$self->rendered();
return;
}
1;