package LDV::User; |
|
|
|
use strict; |
|
use warnings; |
|
use utf8; |
|
|
|
use Mojo::Base 'Mojolicious::Controller'; |
|
|
|
# pages |
|
# Login form page: renders with no explicit arguments and hands back
# whatever render() returns.
sub login {
    my $self = shift;
    return $self->render();
}
|
# Registration form page: no data is prepared here, the controller only
# renders and returns render()'s result.
sub register {
    my ($controller) = @_;
    my $rendered = $controller->render();
    return $rendered;
}
|
|
|
# Profile page. A visitor whose session carries 'useruid' gets the LDAP
# entry for that uid stashed as 'user_data' and the page rendered; anyone
# else is redirected to the login form.
sub profile {
    my $self = shift;

    my $uid = $self->session('useruid');
    unless ($uid) {
        $self->redirect_to('/user/login');
        $self->rendered();
        return;
    }

    # The lookup key is taken from the session only (auth() stores it after
    # ldap->auth succeeded), never from request parameters, so one user
    # cannot ask for another user's entry through this action.
    # NOTE(review): the result of ldap->get is stashed unchecked; confirm
    # the template copes with a missing entry.
    my $entry = $self->app->ldap->get($uid);
    $self->stash(user_data => $entry);
    $self->render();
    return;
}
|
|
|
# Logout: blanks the 'useruid' session value and redirects to the login
# form. Returns whatever rendered() returns.
sub logout {
    my $self = shift;

    # NOTE(review): only the useruid key is set to undef; the session
    # itself is kept. Mojolicious documents $c->session(expires => 1) for
    # dropping the whole session -- consider it, and confirm whether a
    # session cookie captured before logout is still accepted afterwards.
    my %cleared = (useruid => undef);
    $self->session(\%cleared);
    $self->redirect_to('/user/login');
    $self->rendered();
}
|
|
|
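# Login form handler. Reads 'username' and 'password' from the request,
# validates the username format, checks the pair with ldap->auth and, on
# success, stores the username in the session as 'useruid' and redirects to
# the profile page. Any failure flashes "Auth failed: <reason>" and
# redirects back to the login form.
sub auth {
    my ($self) = @_;
    my $user = $self->req->param('username');
    my $pass = $self->req->param('password');

    eval {
        # Optional fixed delay (config ldap.auth_delay) applied to every
        # attempt before any check, to slow down password guessing.
        # NOTE(review): sleep() holds this worker for the whole delay, so
        # many parallel login requests can tie up the server; confirm this
        # is acceptable for the deployment.
        my $delay = $self->app->config->{ldap}->{auth_delay};
        sleep $delay if $delay;

        ($user and $pass)
            or die("empty username or password\n");

        # \A and \z anchor the whole string. The previous ^...$ form also
        # accepted a name followed by a newline, and [a-z] under /i can
        # match a few non-ASCII letters that case-fold to ASCII (for
        # example U+212A KELVIN SIGN), so the class is spelled out instead.
        # The value ends up in the LDAP call and in the session, so it has
        # to be exactly the characters listed here.
        ($user =~ m/\A[A-Za-z0-9_-]{3,64}\z/)
            or die("wrong username\n");

        $self->app->ldap->auth($user, $pass)
            or die("wrong user or password\n");

        $self->session({useruid => $user});
        $self->redirect_to('/user/profile');
        1;    # success must not depend on what redirect_to() returns
    } or do {
        # NOTE(review): $@ is shown to the visitor as-is. The three reasons
        # raised above are harmless, but an exception thrown inside
        # ldap->auth would be displayed too; consider logging it and
        # flashing a fixed message instead.
        $self->flash({result => "Auth failed: $@"});
        $self->redirect_to('/user/login');
    };

    $self->rendered;
    return;
}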
|
|
|
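# Registration form handler. Reads 'username', 'password' and 'mail' from
# the request, validates them, creates the LDAP entry and stores the mail
# address. When config user.confirm_register is set, a registration e-mail
# is sent to the given address; otherwise the supplied password is set
# right away. Failures are logged, flashed as "Can't create user: <reason>"
# and redirected back to the registration form. Always returns 1.
sub create {
    my ($self) = @_;

    eval {
        my $error;
        my $user = $self->req->param('username');
        my $pass = $self->req->param('password');
        my $mail = $self->req->param('mail');

        ($user and $pass and $mail)
            or die("please fill all fields\n");

        # Whole-string match with an explicit ASCII class: ^...$ would let
        # a trailing newline through, and [a-z] under /i can match a few
        # non-ASCII letters that case-fold to ASCII.
        ($user =~ m/\A[A-Za-z0-9_-]{3,64}\z/)
            or die("wrong username\n");

        # The address is written to LDAP and used as the mail recipient, so
        # refuse anything containing whitespace (CR/LF included) or lacking
        # a single '@'. This is a shape check, not full address validation.
        ($mail =~ m/\A[^\s\@]+\@[^\s\@]+\z/)
            or die("wrong mail\n");

        # NOTE(review): there is no rollback; if a later step fails, the
        # entry created here stays in the directory.
        $error = $self->app->ldap->create($user);
        die("$error") if $error;
        $error = $self->app->ldap->update($user, {mail => $mail});
        die("$error") if $error;

        # NOTE(review): the original read $self->app->{user} here, while
        # update() reads $self->app->config->{user}; treated as a typo that
        # would leave the confirmation step switched off -- confirm.
        if ($self->app->config->{user}->{confirm_register}) {
            my $body = $self->render_partial(template => 'email/reg_success', format => 'txt');
            my $email = $self->app->email->create($mail, $self->l("Registration"), $body);
            # The recipient is the address just validated; the original
            # passed an undeclared $to, which does not compile under strict.
            $error = $self->app->email->send($mail, $email);
            die("$error") if $error;
            # TODO: generate and store recover code
        }
        else {
            $error = $self->app->ldap->chpass($user, $pass);
            die("$error") if $error;
        }

        # NOTE(review): the visitor is not logged in at this point, so
        # profile() will redirect on to /user/login; confirm the flash
        # message survives that extra hop.
        $self->flash({result => "Success! Now you may log in."});
        $self->redirect_to('/user/profile');
        1;
    } or do {
        # NOTE(review): the same $@ that is logged is also shown to the
        # visitor, including error strings returned by the ldap and email
        # helpers; consider flashing a fixed message for those.
        $self->app->log->error($@);
        $self->flash({result => "Can't create user: $@"});
        $self->redirect_to('/user/register');
    };

    $self->rendered();
    return 1;
}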
|
|
|
# Profile update handler. Requires a logged-in session and the current
# password, writes displayName/mail/o/mobile from the request to LDAP and,
# when config user.allow_chpass is set and 'newpass' was submitted, changes
# the password. Failures flash "Can't save profile: <reason>" and redirect
# to the login form.
sub update {
    my $self = shift;

    my $saved = eval {
        my $user = $self->session('useruid');
        die("not logged in\n") unless $user;

        my $pass = $self->req->param('password');
        die("need current password\n") unless $pass;

        # Re-checking the current password on every change means a forged
        # cross-site request or a borrowed session alone cannot alter the
        # profile or the password.
        # NOTE(review): unlike auth(), no auth_delay is applied to this
        # password check -- confirm that is intended.
        die("wrong password\n") unless $self->app->ldap->auth($user, $pass);

        # Request fields use the lower-cased attribute name. A field that
        # was not submitted is passed on as undef.
        # NOTE(review): values go to ldap->update unvalidated; how undef
        # and unusual values are handled depends on that helper -- verify.
        my %attrs;
        $attrs{$_} = $self->req->param(lc $_) for qw(displayName mail o mobile);

        my $error = $self->app->ldap->update($user, \%attrs);
        die("$error\n") if $error;

        if ($self->app->config->{user}->{allow_chpass}) {
            my $newpass = $self->req->param('newpass');
            if ($newpass) {
                $error = $self->app->ldap->chpass($user, $newpass);
                die("$error\n") if $error;
            }
        }

        $self->redirect_to('/user/profile');
        1;
    };

    unless ($saved) {
        $self->flash({result => "Can't save profile: $@"});
        $self->redirect_to('/user/login');
    }

    $self->rendered();
    return;
}
|
|
|
1;
|
|
|