Frontend: Add password changing support
This commit is contained in:
parent
920376995e
commit
d2204b171c
@ -208,6 +208,50 @@ sub handlePath {
|
||||
frontend::sendTemplate("templates/panel.html", $aClient, {"username"=>$session->{"username"}, "manageChannelAccess"=>$manageChannelAccess, "manageServers"=>$manageServers, "manageChannels"=>$manageChannels, "addUser"=>$addUser});
|
||||
return 1;
|
||||
}
|
||||
when("/change_password_action") {
|
||||
if(!defined($aRequest->{"cookies"}{"session"}) || !frontend_session::isValidSession($aRequest->{"cookies"}{"session"})) {
|
||||
frontend::redirect($aClient, "/");
|
||||
return 1;
|
||||
}
|
||||
if(defined($aRequest->{"headers"}{"Content-Type"}) && $aRequest->{"headers"}{"Content-Type"} ne "application/x-www-form-urlencoded") {
|
||||
frontend::sendBadRequest($aClient, "Unsupported form Content-Type (application/x-www-form-urlencoded required)");
|
||||
return 1;
|
||||
}
|
||||
if(!defined($aRequest->{"content"})) {
|
||||
frontend::sendBadRequest($aClient, "Request content required");
|
||||
return 1;
|
||||
}
|
||||
my $session = $frontend_session::sessions{$aRequest->{"cookies"}{"session"}};
|
||||
|
||||
my %parameters = frontend::parsePathParameters($aRequest->{"content"});
|
||||
if(!defined($parameters{"currentPassword"})) {
|
||||
frontend::sendBadRequest($aClient, "Current password parameter required");
|
||||
return 1;
|
||||
}
|
||||
if(!defined($parameters{"newPassword"})) {
|
||||
frontend::sendBadRequest($aClient, "New password parameter required");
|
||||
return 1;
|
||||
}
|
||||
|
||||
my $query = $aConnection->prepare(qq(select password from users where name=?;));
|
||||
$query->execute($session->{"username"});
|
||||
my @row = $query->fetchrow_array();
|
||||
my $password = $row[0];
|
||||
if($parameters{"currentPassword"} ne $password) {
|
||||
frontend::sendBadRequest($aClient, "Wrong password");
|
||||
return 1;
|
||||
}
|
||||
if($parameters{"newPassword"} eq $password) {
|
||||
frontend::sendBadRequest($aClient, "New password and current password match");
|
||||
return 1;
|
||||
}
|
||||
|
||||
$query = $aConnection->prepare(qq(update users set password=? where name=?;));
|
||||
$query->execute($parameters{"newPassword"}, $session->{"username"});
|
||||
frontend::redirect($aClient, "/password_changed.html");
|
||||
|
||||
return 1;
|
||||
}
|
||||
when("/view_logs") {
|
||||
my $channelID = $aRequest->{"path"}{"parameters"}{"channel"};
|
||||
if(!defined($channelID)) {
|
||||
|
||||
10
static/password_changed.html
Normal file
10
static/password_changed.html
Normal file
@ -0,0 +1,10 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Password changed</title>
|
||||
</head>
|
||||
<body>
|
||||
<p>Password successfully changed</p>
|
||||
<a href="/panel">Return to user panel</a>
|
||||
</body>
|
||||
</html>
|
||||
Loading…
Reference in New Issue
Block a user