Diffstat (limited to 'lib/CatDap/Controller')
-rw-r--r--lib/CatDap/Controller/forgot_password.pm30
1 files changed, 20 insertions, 10 deletions
diff --git a/lib/CatDap/Controller/forgot_password.pm b/lib/CatDap/Controller/forgot_password.pm
index 47d81b4..cda7802 100644
--- a/lib/CatDap/Controller/forgot_password.pm
+++ b/lib/CatDap/Controller/forgot_password.pm
@@ -57,25 +57,35 @@ sub check : Local {
$c->log->debug("Searching for email $email with filter $emailfilter");
my $mesg = $c->model('Proxy')->search($emailfilter);
- $c->log->info(printf("Search failed: %s"),$mesg->error) if ($mesg->code);
+ if ($mesg->code) {
+ $c->log->info(printf("Search failed: %s"),$mesg->error);
+ push @errors, $c->loc('Error while searching for account: ') . $mesg->error;
+ }
my @entries = $mesg->entries;
if (@entries != 1) {
push @errors,$c->loc(
'This email address is not bound to an account'
);
}
+ my $checkfilter = '(&' . $c->config->{'forgot_password'}{'allow_filter'} .
+ $emailfilter . ')';
+ $c->log->info(sprintf("Checking if user passes allow_filter $checkfilter"));
+ $mesg = $c->model('Proxy')->search($checkfilter);
+ if ($mesg->code) {
+ $c->log->info(printf("Search failed: %s"),$mesg->error);
+ push @errors, $c->loc('Error while searching for account: ') . $mesg->error;
- if (@errors) {
- $c->stash(errors => \@errors);
- $c->stash(template => 'forgot_password/index.tt');
- return;
+ }
+ my @checkentries = $mesg->entries;
+ if (@entries == 1 and @checkentries != 1) {
+ push @errors,$c->loc(
+ 'Privileged accounts may not recover passwords via this mechanism'
+ );
}
- if ($mesg->code) {
- push @errors,$mesg->error;
- $c->log->info( sprintf("finding email $email failed: %s", $mesg->error) );
+ if (@errors) {
$c->stash(errors => \@errors);
- $c->stash(template => 'register/index.tt');
+ $c->stash(template => 'forgot_password/index.tt');
return;
}
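Review bot: Both added `if ($mesg->code)` blocks log through `printf("Search failed: %s")`, which prints a format with no argument to the selected output handle and hands the logger printf's return value and the error as separate arguments instead of one formatted message; `$c->log->info(sprintf("Search failed: %s", $mesg->error));` is presumably what was meant. The same blocks append the raw `$mesg->error` to the text shown to the requester, and the new 'Privileged accounts may not recover passwords via this mechanism' string tells an unauthenticated caller which addresses belong to privileged accounts; one generic response, with the detail kept in the server log, would avoid both disclosures. `$c->config->{'forgot_password'}{'allow_filter'}` is concatenated without a check, so if that key is unset or empty the filter reduces to `(&` plus `$emailfilter` plus `)` and every account passes; the check should fail closed, e.g. `my $allow = $c->config->{'forgot_password'}{'allow_filter'} or die "forgot_password.allow_filter is not configured";`. `check` begins and ends outside this hunk, and how `$emailfilter` is built and escaped is not visible here.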
@@ -89,7 +99,7 @@ sub check : Local {
'template' => 'forgot_password.tt',
},
url => $c->uri_for('/forgot_password/confirm') . "?secret=$secret",
- cn => @entries[0]->cn,
+ cn => $entries[0]->cn,
);
$c->log->info("Sending forgot password mail to email address $email");