--- loncom/interface/resetpw.pm 2008/01/25 16:46:50 1.8
+++ loncom/interface/resetpw.pm 2009/10/09 17:39:35 1.11.4.1
@@ -1,6 +1,8 @@
# The LearningOnline Network
# Allow access to password changing via a token sent to user's e-mail.
#
+# $Id: resetpw.pm,v 1.11.4.1 2009/10/09 17:39:35 raeburn Exp $
+#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
@@ -24,6 +26,28 @@
# http://www.lon-capa.org/
#
#
+
+=pod
+
+=head1 NAME
+
+Apache::resetpw: reset user password.
+
+=head1 SYNOPSIS
+
+Handles resetting of forgotten passwords.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 OVERVIEW
+
+A user with an e-mail address associated with his/her LON-CAPA username
+can reset a forgotten password, using a link sent to the e-mail address
+if the authentication type for the account is "internal".
+
+=cut
+
package Apache::resetpw;
use strict;
@@ -41,15 +65,10 @@ sub handler {
if ($r->header_only) {
return OK;
}
- my $start_page =
- &Apache::loncommon::start_page('Reset password','',
- {
- 'no_inline_link' => 1,});
- $r->print($start_page);
my $contact_name = &mt('LON-CAPA helpdesk');
my $contact_email = $r->dir_config('lonSupportEMail');
my $server = $r->dir_config('lonHostID');
- my $defdom = $r->dir_config('lonDefDomain');
+ my $defdom = &Apache::lonnet::default_login_domain();
&Apache::lonacc::get_posted_cgi($r);
&Apache::lonlocal::get_language_handle($r);
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
@@ -58,7 +77,12 @@ sub handler {
my $uname = &unescape($env{'form.uname'});
my $udom = $env{'form.udom'};
my $token = $env{'form.token'};
- $r->print(&mt('
'.&mt('Reset forgotten LON-CAPA password').'
'));
+ my $start_page =
+ &Apache::loncommon::start_page('Reset password','',
+ {
+ 'no_inline_link' => 1,});
+ $r->print($start_page);
+ $r->print(''.&mt('Reset forgotten LON-CAPA password').'
');
my $output;
if ($token) {
$output = &reset_passwd($r,$token,$contact_name,$contact_email);
@@ -150,8 +174,7 @@ sub get_uname {
sub send_token {
my ($uname,$udom,$email,$server,$domdesc,$contact_name,
$contact_email) = @_;
- my $msg = &mt('Thank you for your request to reset the password for your
- LON-CAPA account.').'
';
+ my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'
';
my $now = time;
my $temppasswd = &create_passwd();
@@ -165,7 +188,7 @@ sub send_token {
my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw');
if ($token !~ /^error/ && $token ne 'no_such_host') {
my $esc_token = &escape($token);
- my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ".
+ my $mailmsg = "A request was submitted on ".&Apache::lonlocal::locallocaltime(time)." for a reset of the ".
"password for your LON-CAPA account.".
"To complete this process please open a web browser and enter the following ".
"URL in the address/location box: ".&Apache::lonnet::absolute_url()."/adm/resetpw?token=$esc_token";
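Review bot: The request mail in send_token is still assembled from untranslated string literals, while the timestamp inserted into it now comes from `&Apache::lonlocal::locallocaltime(time)`. This can produce a mail with a localized date inside fixed English text. The confirmation mail built in reset_passwd wraps its text in `&mt(...)` with `[_1]`-style placeholders; using the same form here would keep the two mails consistent. The `$mailmsg` assignment may continue past what this hunk shows, so confirm against the full function.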
@@ -242,14 +265,18 @@ sub reset_passwd {
($data{'domain'} ne '') &&
($data{'email'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) &&
($data{'temppasswd'} =~/^\w+$/)) {
- my $reqtime = localtime($data{'time'});
+ my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'});
if ($now - $data{'time'} < 7200) {
if ($env{'form.action'} eq 'verify_and_change_pass') {
+ unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) {
+ $msg = &generic_failure_msg($contact_name,$contact_email);
+ return $msg;
+ }
my $change_failed =
&Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
if (!$change_failed) {
my $delete = &Apache::lonnet::tmpdel($token);
- my $now = localtime(time);
+ my $now = &Apache::lonlocal::locallocaltime(time);
my $domdesc =
&Apache::lonnet::domain($data{'domain'},'description');
my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
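Review bot: The new mismatch branch under `verify_and_change_pass` returns the generic failure message but leaves the token in place and records nothing. The same token can therefore be resubmitted with different uname/udom/email values until the 7200-second window closes. Consider logging the failed verification and, after a small number of mismatches, calling `&Apache::lonnet::tmpdel($token);` before `return $msg;`. The comparison also reads the raw `$env{'form.uname'}`, whereas handler applies `&unescape` to that field; if the stored `$data{'username'}` is the unescaped form, usernames containing escaped characters would never match, which is worth confirming. reset_passwd begins and ends outside this hunk.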
@@ -261,8 +288,24 @@ sub reset_passwd {
$msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'});
}
$msg .= '
'.&mt('Go to the login page.');
+ } elsif ($change_failed eq 'invalid_client') {
+ my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'});
+ if ($homeserver eq 'no_host') {
+ $msg .= &generic_failure_msg($contact_name,$contact_email);
+ } else {
+ my $protocol = $Apache::lonnet::protocol{$homeserver};
+ $protocol = 'http' if ($protocol ne 'https');
+ my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver).
+ '/adm/resetpw';
+ my ($opentag,$closetag);
+ if ($url) {
+ $opentag = '';
+ $closetag = '';
+ }
+ $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag);
+ }
} else {
- $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.',$contact_name,$contact_email);
+ $msg .= &generic_failure_msg($contact_name,$contact_email);
}
} else {
$r->print(&mt('The token included in an email sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'
');
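Review bot: The `if ($url)` guard in the `invalid_client` branch can never be false, because `$url` always contains at least the scheme and `/adm/resetpw`. An empty result from `&Apache::lonnet::hostname($homeserver)` would still yield a link to a host-less URL. Test the hostname itself, e.g. `my $hostname = &Apache::lonnet::hostname($homeserver);` then `if ($hostname ne '')`, and fall back to `&generic_failure_msg($contact_name,$contact_email)` otherwise. Separately, `$protocol = 'http' if ($protocol ne 'https');` points the user at a cleartext password-reset page whenever the home server's protocol entry is missing or not 'https'; a comment saying whether that fallback is intended would help. The enclosing if/else chain in reset_passwd continues outside the hunk.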
@@ -278,6 +321,12 @@ sub reset_passwd {
return $msg;
}
+sub generic_failure_msg {
+ my ($contact_name,$contact_email) = @_;
+ return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.',
+ $contact_name,''.$contact_email.'');
+}
+
sub create_passwd {
my $passwd = '';
my @letts = ("a".."z");