annotate mod_password_reset/mod_password_reset.lua @ 5401:c8d04ac200fc

mod_http_oauth2: Reject loopback URIs as client_uri This really should be a proper website with info, https://localhost is not good enough. Ideally we'd validate that it's got proper DNS and is actually reachable, but triggering HTTP or even DNS lookups seems like it would carry abuse potential that would best to avoid.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:20:55 +0200
parents 75b6e5df65f9
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local adhoc_new = module:require "adhoc".new;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local adhoc_simple_form = require "util.adhoc".new_simple_form;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local new_token = require "util.id".long;
3353
e8d6f602f382 mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents: 3352
diff changeset
4 local new_error_id = require "util.id".short;
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 local jid_prepped_split = require "util.jid".prepped_split;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 local http_formdecode = require "net.http".formdecode;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local usermanager = require "core.usermanager";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local dataforms_new = require "util.dataforms".new;
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
9 local st = require "util.stanza";
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
10 local apply_template = require"util.interpolation".new("%b{}", st.xml_escape);
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local reset_tokens = module:open_store();
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local max_token_age = module:get_option_number("password_reset_validity", 86400);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15
3549
b059a3fb2a58 Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents: 3355
diff changeset
16 local serve;
4976
75b6e5df65f9 various: Improve error reporting if missing file server module on 0.12
Kim Alvefur <zash@zash.se>
parents: 3551
diff changeset
17 if prosody.process_type == "prosody" then
3549
b059a3fb2a58 Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents: 3355
diff changeset
18 local http_files = require "net.http.files";
b059a3fb2a58 Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents: 3355
diff changeset
19 serve = http_files.serve;
4976
75b6e5df65f9 various: Improve error reporting if missing file server module on 0.12
Kim Alvefur <zash@zash.se>
parents: 3551
diff changeset
20 else
3549
b059a3fb2a58 Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents: 3355
diff changeset
21 serve = module:depends"http_files".serve;
b059a3fb2a58 Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents: 3355
diff changeset
22 end
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23
3355
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
24 module:depends("adhoc");
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
25 module:depends("http");
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
26 local password_policy = module:depends("password_policy");
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
28 local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a");
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
29 local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a");
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 function generate_page(event)
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 local request, response = event.request, event.response;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local token = request.url.query;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 local reset_info = token and reset_tokens:get(token);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 response.headers.content_type = "text/html; charset=utf-8";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 module:log("warn", "Expired token: %s", token or "<none>");
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
41 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." })
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
44 return apply_template(form_template, {
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
45 jid = reset_info.user.."@"..module.host;
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
46 token = token;
3355
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
47 min_password_length = password_policy.get_policy().length;
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
48 });
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 function handle_form(event)
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 local request, response = event.request, event.response;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 local form_data = http_formdecode(request.body);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 local password, token = form_data["password"], form_data["token"];
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 local reset_info = reset_tokens:get(token);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 response.headers.content_type = "text/html; charset=utf-8";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
59
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
61 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." })
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63
3355
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
64 local policy_ok, policy_err = password_policy.check_password(password);
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
65 if not policy_ok then
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
66 return apply_template(form_template, {
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
67 classes = "alert-danger", message = "Unsuitable password: "..policy_err;
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
68 jid = reset_info.user.."@"..module.host;
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
69 token = token;
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
70 min_password_length = password_policy.get_policy().length;
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
71 })
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
72 end
3bc68057f232 mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents: 3353
diff changeset
73
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 local ok, err = usermanager.set_password(reset_info.user, password, module.host);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 if ok then
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 reset_tokens:set(token, nil);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
79 return apply_template(result_template, { classes = "alert-success",
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 message = "Your password has been updated! Happy chatting :)" })
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 else
3353
e8d6f602f382 mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents: 3352
diff changeset
82 local error_id = new_error_id();
e8d6f602f382 mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents: 3352
diff changeset
83 module:log("warn", "Resetting password for %s failed: %s [%s]", reset_info.user, err, error_id);
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
84 return apply_template(result_template, {
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
85 classes = "alert-danger";
3353
e8d6f602f382 mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents: 3352
diff changeset
86 message = "An unknown error has occurred. Please contact your administrator and quote error id '"..error_id.."'";
3352
f7668aee968a mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents: 3344
diff changeset
87 })
3344
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 module:provides("http", {
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 route = {
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 ["GET /bootstrap.min.css"] = serve(module:get_directory() .. "/password_reset/bootstrap.min.css");
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 ["GET /reset"] = generate_page;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 ["POST /reset"] = handle_form;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96 };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 });
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 -- Changing a user's password
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
100 local reset_password_layout = dataforms_new{
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
101 title = "Generate password reset link";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
102 instructions = "Please enter the details of the user who needs a reset link.";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
103
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
104 { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/adhoc/mod_password_reset" };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
105 { name = "accountjid", type = "jid-single", required = true, label = "JID" };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
106 };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
107
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
108 local reset_command_handler = adhoc_simple_form(reset_password_layout, function (data, errors)
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
109 if errors then
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
110 local errmsg = {};
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
111 for name, text in pairs(errors) do
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
112 errmsg[#errmsg + 1] = name .. ": " .. text;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
113 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
114 return { status = "completed", error = { message = table.concat(errmsg, "\n") } };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
115 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
116
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
117 local jid = data.accountjid;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
118 local user, host = jid_prepped_split(jid);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
119
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
120 if host ~= module.host then
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
121 return {
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
122 status = "completed";
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
123 error = { message = "You may only generate password reset links for users on "..module.host.."." };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124 };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 end
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 local token = new_token();
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 reset_tokens:set(token, {
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129 generated_at = os.time();
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 user = user;
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131 });
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 return { info = module:http_url() .. "/reset?" .. token, status = "completed" };
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 end);
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 local adhoc_reset = adhoc_new(
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 "Generate password reset link",
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 "password_reset",
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
139 reset_command_handler,
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
140 "admin"
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
141 );
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
142
0ce475235ae1 mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
143 module:add_item("adhoc", adhoc_reset);