MIGDYN/irclogger_web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Frontend: Add password changing support

Browse Source
This commit is contained in:
mrkubax10 2023-09-10 18:57:44 +02:00
parent 920376995e
commit d2204b171c
2 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
frontend_routes.pm
View File

@ -208,6 +208,50 @@ sub handlePath {
frontend::sendTemplate("templates/panel.html", $aClient, {"username"=>$session->{"username"}, "manageChannelAccess"=>$manageChannelAccess, "manageServers"=>$manageServers, "manageChannels"=>$manageChannels, "addUser"=>$addUser}); frontend::sendTemplate("templates/panel.html", $aClient, {"username"=>$session->{"username"}, "manageChannelAccess"=>$manageChannelAccess, "manageServers"=>$manageServers, "manageChannels"=>$manageChannels, "addUser"=>$addUser});
return 1; return 1;
} }
when("/change_password_action") {
if(!defined($aRequest->{"cookies"}{"session"}) || !frontend_session::isValidSession($aRequest->{"cookies"}{"session"})) {
frontend::redirect($aClient, "/");
return 1;
}
if(defined($aRequest->{"headers"}{"Content-Type"}) && $aRequest->{"headers"}{"Content-Type"} ne "application/x-www-form-urlencoded") {
frontend::sendBadRequest($aClient, "Unsupported form Content-Type (application/x-www-form-urlencoded required)");
return 1;
}
if(!defined($aRequest->{"content"})) {
frontend::sendBadRequest($aClient, "Request content required");
return 1;
}
my $session = $frontend_session::sessions{$aRequest->{"cookies"}{"session"}};
my %parameters = frontend::parsePathParameters($aRequest->{"content"});
if(!defined($parameters{"currentPassword"})) {
frontend::sendBadRequest($aClient, "Current password parameter required");
return 1;
}
if(!defined($parameters{"newPassword"})) {
frontend::sendBadRequest($aClient, "New password parameter required");
return 1;
}
my $query = $aConnection->prepare(qq(select password from users where name=?;));
$query->execute($session->{"username"});
my @row = $query->fetchrow_array();
my $password = $row[0];
if($parameters{"currentPassword"} ne $password) {
frontend::sendBadRequest($aClient, "Wrong password");
return 1;
}
if($parameters{"newPassword"} eq $password) {
frontend::sendBadRequest($aClient, "New password and current password match");
return 1;
}
$query = $aConnection->prepare(qq(update users set password=? where name=?;));
$query->execute($parameters{"newPassword"}, $session->{"username"});
frontend::redirect($aClient, "/password_changed.html");
return 1;
}
when("/view_logs") { when("/view_logs") {
my $channelID = $aRequest->{"path"}{"parameters"}{"channel"}; my $channelID = $aRequest->{"path"}{"parameters"}{"channel"};
if(!defined($channelID)) { if(!defined($channelID)) {

10
static/password_changed.html Normal file
View File

@ -0,0 +1,10 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Password changed</title>
</head>
<body>
<p>Password successfully changed</p>
<a href="/panel">Return to user panel</a>
</body>
</html>