Mercurial > prosody-modules
annotate mod_password_reset/mod_password_reset.lua @ 5243:d5dc8edb2695
mod_http_oauth2: Use more compact IDs
UUIDs are nice but so verbose!
The reduction in entropy for the nonce should be fine since the
timestamp is also counts towards this, and it changes every second
(modulo clock shenanigans), so the chances of someone managing to get
the same client_secret by registering with the same information at the
same time as another entity should be negligible.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 22:46:27 +0100 |
parents | 75b6e5df65f9 |
children |
rev | line source |
---|---|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local adhoc_new = module:require "adhoc".new; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local adhoc_simple_form = require "util.adhoc".new_simple_form; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local new_token = require "util.id".long; |
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
4 local new_error_id = require "util.id".short; |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local jid_prepped_split = require "util.jid".prepped_split; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local http_formdecode = require "net.http".formdecode; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 local usermanager = require "core.usermanager"; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local dataforms_new = require "util.dataforms".new; |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
9 local st = require "util.stanza"; |
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
10 local apply_template = require"util.interpolation".new("%b{}", st.xml_escape); |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 local reset_tokens = module:open_store(); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 local max_token_age = module:get_option_number("password_reset_validity", 86400); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
3549
b059a3fb2a58
Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents:
3355
diff
changeset
|
16 local serve; |
4976
75b6e5df65f9
various: Improve error reporting if missing file server module on 0.12
Kim Alvefur <zash@zash.se>
parents:
3551
diff
changeset
|
17 if prosody.process_type == "prosody" then |
3549
b059a3fb2a58
Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents:
3355
diff
changeset
|
18 local http_files = require "net.http.files"; |
b059a3fb2a58
Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents:
3355
diff
changeset
|
19 serve = http_files.serve; |
4976
75b6e5df65f9
various: Improve error reporting if missing file server module on 0.12
Kim Alvefur <zash@zash.se>
parents:
3551
diff
changeset
|
20 else |
3549
b059a3fb2a58
Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents:
3355
diff
changeset
|
21 serve = module:depends"http_files".serve; |
b059a3fb2a58
Update modules using mod_http_files to serve files for change in Prosody trunk
Kim Alvefur <zash@zash.se>
parents:
3355
diff
changeset
|
22 end |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
24 module:depends("adhoc"); |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
25 module:depends("http"); |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
26 local password_policy = module:depends("password_policy"); |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
28 local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a"); |
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
29 local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a"); |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 function generate_page(event) |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 local request, response = event.request, event.response; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 local token = request.url.query; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 local reset_info = token and reset_tokens:get(token); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 response.headers.content_type = "text/html; charset=utf-8"; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 module:log("warn", "Expired token: %s", token or "<none>"); |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
41 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
44 return apply_template(form_template, { |
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
45 jid = reset_info.user.."@"..module.host; |
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
46 token = token; |
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
47 min_password_length = password_policy.get_policy().length; |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
48 }); |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 function handle_form(event) |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 local request, response = event.request, event.response; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 local form_data = http_formdecode(request.body); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 local password, token = form_data["password"], form_data["token"]; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 local reset_info = reset_tokens:get(token); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 response.headers.content_type = "text/html; charset=utf-8"; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
61 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 |
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
64 local policy_ok, policy_err = password_policy.check_password(password); |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
65 if not policy_ok then |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
66 return apply_template(form_template, { |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
67 classes = "alert-danger", message = "Unsuitable password: "..policy_err; |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
68 jid = reset_info.user.."@"..module.host; |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
69 token = token; |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
70 min_password_length = password_policy.get_policy().length; |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
71 }) |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
72 end |
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
73 |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 local ok, err = usermanager.set_password(reset_info.user, password, module.host); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 if ok then |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
77 reset_tokens:set(token, nil); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
79 return apply_template(result_template, { classes = "alert-success", |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 message = "Your password has been updated! Happy chatting :)" }) |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 else |
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
82 local error_id = new_error_id(); |
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
83 module:log("warn", "Resetting password for %s failed: %s [%s]", reset_info.user, err, error_id); |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
84 return apply_template(result_template, { |
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
85 classes = "alert-danger"; |
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
86 message = "An unknown error has occurred. Please contact your administrator and quote error id '"..error_id.."'"; |
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
87 }) |
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 module:provides("http", { |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 route = { |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 ["GET /bootstrap.min.css"] = serve(module:get_directory() .. "/password_reset/bootstrap.min.css"); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 ["GET /reset"] = generate_page; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 ["POST /reset"] = handle_form; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 }); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 -- Changing a user's password |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 local reset_password_layout = dataforms_new{ |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 title = "Generate password reset link"; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 instructions = "Please enter the details of the user who needs a reset link."; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/adhoc/mod_password_reset" }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 { name = "accountjid", type = "jid-single", required = true, label = "JID" }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
107 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
108 local reset_command_handler = adhoc_simple_form(reset_password_layout, function (data, errors) |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
109 if errors then |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
110 local errmsg = {}; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
111 for name, text in pairs(errors) do |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
112 errmsg[#errmsg + 1] = name .. ": " .. text; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 return { status = "completed", error = { message = table.concat(errmsg, "\n") } }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
115 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 local jid = data.accountjid; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 local user, host = jid_prepped_split(jid); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 if host ~= module.host then |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 return { |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 status = "completed"; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
123 error = { message = "You may only generate password reset links for users on "..module.host.."." }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
124 }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
125 end |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
126 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
127 local token = new_token(); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
128 reset_tokens:set(token, { |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 generated_at = os.time(); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
130 user = user; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 }); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
132 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
133 return { info = module:http_url() .. "/reset?" .. token, status = "completed" }; |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
134 end); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
135 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 local adhoc_reset = adhoc_new( |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
137 "Generate password reset link", |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
138 "password_reset", |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
139 reset_command_handler, |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
140 "admin" |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
141 ); |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
142 |
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
143 module:add_item("adhoc", adhoc_reset); |