--- loncom/interface/resetpw.pm 2007/09/10 17:18:09 1.7 +++ loncom/interface/resetpw.pm 2009/10/09 17:39:35 1.11.4.1 @@ -1,6 +1,8 @@ # The LearningOnline Network # Allow access to password changing via a token sent to user's e-mail. # +# $Id: resetpw.pm,v 1.11.4.1 2009/10/09 17:39:35 raeburn Exp $ +# # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). @@ -24,6 +26,28 @@ # http://www.lon-capa.org/ # # + +=pod + +=head1 NAME + +Apache::resetpw: reset user password. + +=head1 SYNOPSIS + +Handles resetting of forgotten passwords. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 OVERVIEW + +A user with an e-mail address associated with his/her LON-CAPA username +can reset a forgotten password, using a link sent to the e-mail address +if the authentication type for the account is "internal". + +=cut + package Apache::resetpw; use strict; @@ -41,15 +65,10 @@ sub handler { if ($r->header_only) { return OK; } - my $start_page = - &Apache::loncommon::start_page('Reset password','', - { - 'no_inline_link' => 1,}); - $r->print($start_page); my $contact_name = &mt('LON-CAPA helpdesk'); my $contact_email = $r->dir_config('lonSupportEMail'); my $server = $r->dir_config('lonHostID'); - my $defdom = $r->dir_config('lonDefDomain'); + my $defdom = &Apache::lonnet::default_login_domain(); &Apache::lonacc::get_posted_cgi($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']); @@ -58,7 +77,12 @@ sub handler { my $uname = &unescape($env{'form.uname'}); my $udom = $env{'form.udom'}; my $token = $env{'form.token'}; - $r->print(&mt('

Reset forgotten LON-CAPA password

')); + my $start_page = + &Apache::loncommon::start_page('Reset password','', + { + 'no_inline_link' => 1,}); + $r->print($start_page); + $r->print('

'.&mt('Reset forgotten LON-CAPA password').'

'); my $output; if ($token) { $output = &reset_passwd($r,$token,$contact_name,$contact_email); @@ -122,7 +146,11 @@ sub get_uname { proc => 'Proceed'); my $msg = &mt('If you use the same account for other campus services besides LON-CAPA, (e.g., e-mail, course registration, etc.), a separate centrally managed mechanism likely exists to reset a password. However, if your account is used for just LON-CAPA access you will probably be able to reset a password from this page.'); - $msg .= '

'.&mt('Three conditions must be met:'); + $msg .= '

'.&mt('Three conditions must be met:') + .''; $msg .= qq|
@@ -146,8 +174,7 @@ sub get_uname { sub send_token { my ($uname,$udom,$email,$server,$domdesc,$contact_name, $contact_email) = @_; - my $msg = &mt('Thank you for your request to reset the password for your - LON-CAPA account.').'

'; + my $msg = &mt('Thank you for your request to reset the password for your LON-CAPA account.').'

'; my $now = time; my $temppasswd = &create_passwd(); @@ -161,7 +188,7 @@ sub send_token { my $token = &Apache::lonnet::tmpput(\%info,$server,'resetpw'); if ($token !~ /^error/ && $token ne 'no_such_host') { my $esc_token = &escape($token); - my $mailmsg = "A request was submitted on ".localtime(time)." for a reset of the ". + my $mailmsg = "A request was submitted on ".&Apache::lonlocal::locallocaltime(time)." for a reset of the ". "password for your LON-CAPA account.". "To complete this process please open a web browser and enter the following ". "URL in the address/location box: ".&Apache::lonnet::absolute_url()."/adm/resetpw?token=$esc_token"; @@ -201,7 +228,8 @@ sub invalid_state { my ($error,$domdesc,$contact_name,$contact_email) = @_; my $msg; if ($error eq 'invalid') { - $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc).&mt(' Please go back and try again.'); + $msg = &mt('The username you provided was not verified as a valid username in the LON-CAPA system for the [_1] domain.',$domdesc) + .' '.&mt('Please [_1]go back[_2] and try again.','',''); } else { if ($error eq 'baduseremail') { $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); @@ -214,9 +242,10 @@ sub invalid_state { } if ($contact_email ne '') { my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"'); - $msg .= '
'.&mt(' You may wish to contact the LON-CAPA helpdesk for the [_2] domain.',$escuri,$domdesc); + $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.' + ,'','',$domdesc); } else { - $msg .= '
'.&mt(' You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); + $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); } } return $msg; @@ -236,14 +265,18 @@ sub reset_passwd { ($data{'domain'} ne '') && ($data{'email'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) && ($data{'temppasswd'} =~/^\w+$/)) { - my $reqtime = localtime($data{'time'}); + my $reqtime = &Apache::lonlocal::locallocaltime($data{'time'}); if ($now - $data{'time'} < 7200) { if ($env{'form.action'} eq 'verify_and_change_pass') { + unless (($env{'form.uname'} eq $data{'username'}) && ($env{'form.udom'} eq $data{'domain'}) && ($env{'form.email'} eq $data{'email'})) { + $msg = &generic_failure_msg($contact_name,$contact_email); + return $msg; + } my $change_failed = &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token); if (!$change_failed) { my $delete = &Apache::lonnet::tmpdel($token); - my $now = localtime(time); + my $now = &Apache::lonlocal::locallocaltime(time); my $domdesc = &Apache::lonnet::domain($data{'domain'},'description'); my $mailmsg = &mt('The password for your LON-CAPA account in the [_1] domain was changed [_2] from IP address: [_3]. If you did not perform this change or authorize it, please contact the [_4] ([_5]).',$domdesc,$now,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; @@ -255,8 +288,24 @@ sub reset_passwd { $msg .= &mt('An error occurred when sending e-mail to [_1] confirming setting of your new password.',$data{'email'}); } $msg .= '

'.&mt('Go to the login page.'); + } elsif ($change_failed eq 'invalid_client') { + my $homeserver = &Apache::lonnet::homeserver($data{'username'},$data{'domain'}); + if ($homeserver eq 'no_host') { + $msg .= &generic_failure_msg($contact_name,$contact_email); + } else { + my $protocol = $Apache::lonnet::protocol{$homeserver}; + $protocol = 'http' if ($protocol ne 'https'); + my $url = $protocol.'://'.&Apache::lonnet::hostname($homeserver). + '/adm/resetpw'; + my ($opentag,$closetag); + if ($url) { + $opentag = ''; + $closetag = ''; + } + $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please try again from your [_1]home server[_2].',$opentag,$closetag); + } } else { - $msg .= &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.',$contact_name,$contact_email); + $msg .= &generic_failure_msg($contact_name,$contact_email); } } else { $r->print(&mt('The token included in an email sent to you [_1] has been verified, so you may now proceed to reset the password for your LON-CAPA account.',$reqtime).'

'); @@ -272,6 +321,12 @@ sub reset_passwd { return $msg; } +sub generic_failure_msg { + my ($contact_name,$contact_email) = @_; + return &mt('A problem occurred when attempting to reset the password for your account. Please contact the [_1] - ([_2]) for assistance.', + $contact_name,''.$contact_email.''); +} + sub create_passwd { my $passwd = ''; my @letts = ("a".."z");