Software / code / prosody-modules
Annotate
mod_password_reset/mod_password_reset.lua @ 6310:30adcea825c3
mod_conversejs: Fix hostname set as default username (thanks roughnecks)
In login mode, it seems jid is used as default value in the login field
but it was only needed in anonymous mode.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Wed, 18 Jun 2025 14:28:38 +0200 |
| parent | 6229:eb8659ba53e5 |
| rev | line source |
|---|---|
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local adhoc_new = module:require "adhoc".new; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local adhoc_simple_form = require "util.adhoc".new_simple_form; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local new_token = require "util.id".long; |
|
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
4 local new_error_id = require "util.id".short; |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local jid_prepped_split = require "util.jid".prepped_split; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local http_formdecode = require "net.http".formdecode; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 local usermanager = require "core.usermanager"; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local dataforms_new = require "util.dataforms".new; |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
9 local st = require "util.stanza"; |
|
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
10 local apply_template = require"util.interpolation".new("%b{}", st.xml_escape); |
|
6229
eb8659ba53e5
mod_password_reset: Remove compatibility with 0.11
Link Mauve <linkmauve@linkmauve.fr>
parents:
4976
diff
changeset
|
11 local http_files = require "net.http.files"; |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 local reset_tokens = module:open_store(); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 local max_token_age = module:get_option_number("password_reset_validity", 86400); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
|
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
17 module:depends("adhoc"); |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
18 module:depends("http"); |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
19 local password_policy = module:depends("password_policy"); |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
21 local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a"); |
|
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
22 local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a"); |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 function generate_page(event) |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 local request, response = event.request, event.response; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 local token = request.url.query; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 local reset_info = token and reset_tokens:get(token); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 response.headers.content_type = "text/html; charset=utf-8"; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 module:log("warn", "Expired token: %s", token or "<none>"); |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
34 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
37 return apply_template(form_template, { |
|
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
38 jid = reset_info.user.."@"..module.host; |
|
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
39 token = token; |
|
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
40 min_password_length = password_policy.get_policy().length; |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
41 }); |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 function handle_form(event) |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 local request, response = event.request, event.response; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 local form_data = http_formdecode(request.body); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 local password, token = form_data["password"], form_data["token"]; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 local reset_info = reset_tokens:get(token); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 response.headers.content_type = "text/html; charset=utf-8"; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
54 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 |
|
3355
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
57 local policy_ok, policy_err = password_policy.check_password(password); |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
58 if not policy_ok then |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
59 return apply_template(form_template, { |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
60 classes = "alert-danger", message = "Unsuitable password: "..policy_err; |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
61 jid = reset_info.user.."@"..module.host; |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
62 token = token; |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
63 min_password_length = password_policy.get_policy().length; |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
64 }) |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
65 end |
|
3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
Matthew Wild <mwild1@gmail.com>
parents:
3353
diff
changeset
|
66 |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 local ok, err = usermanager.set_password(reset_info.user, password, module.host); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 if ok then |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 reset_tokens:set(token, nil); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
72 return apply_template(result_template, { classes = "alert-success", |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 message = "Your password has been updated! Happy chatting :)" }) |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 else |
|
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
75 local error_id = new_error_id(); |
|
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
76 module:log("warn", "Resetting password for %s failed: %s [%s]", reset_info.user, err, error_id); |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
77 return apply_template(result_template, { |
|
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
78 classes = "alert-danger"; |
|
3353
e8d6f602f382
mod_password_reset: Improve error reporting when setting a password fails
Matthew Wild <mwild1@gmail.com>
parents:
3352
diff
changeset
|
79 message = "An unknown error has occurred. Please contact your administrator and quote error id '"..error_id.."'"; |
|
3352
f7668aee968a
mod_password_reset: Switch to util.interpolation (our standard template library)
Matthew Wild <mwild1@gmail.com>
parents:
3344
diff
changeset
|
80 }) |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
82 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 module:provides("http", { |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 route = { |
|
6229
eb8659ba53e5
mod_password_reset: Remove compatibility with 0.11
Link Mauve <linkmauve@linkmauve.fr>
parents:
4976
diff
changeset
|
86 ["GET /bootstrap.min.css"] = http_files.serve(module:get_directory() .. "/password_reset/bootstrap.min.css"); |
|
3344
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 ["GET /reset"] = generate_page; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 ["POST /reset"] = handle_form; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 }); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 -- Changing a user's password |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 local reset_password_layout = dataforms_new{ |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 title = "Generate password reset link"; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 instructions = "Please enter the details of the user who needs a reset link."; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 { name = "FORM_TYPE", type = "hidden", value = "http://prosody.im/protocol/adhoc/mod_password_reset" }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 { name = "accountjid", type = "jid-single", required = true, label = "JID" }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 local reset_command_handler = adhoc_simple_form(reset_password_layout, function (data, errors) |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 if errors then |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 local errmsg = {}; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 for name, text in pairs(errors) do |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 errmsg[#errmsg + 1] = name .. ": " .. text; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
107 return { status = "completed", error = { message = table.concat(errmsg, "\n") } }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
108 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
109 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
110 local jid = data.accountjid; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
111 local user, host = jid_prepped_split(jid); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
112 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 if host ~= module.host then |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 return { |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
115 status = "completed"; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 error = { message = "You may only generate password reset links for users on "..module.host.."." }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 end |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 local token = new_token(); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 reset_tokens:set(token, { |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 generated_at = os.time(); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
123 user = user; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
124 }); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
125 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
126 return { info = module:http_url() .. "/reset?" .. token, status = "completed" }; |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
127 end); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
128 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 local adhoc_reset = adhoc_new( |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
130 "Generate password reset link", |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 "password_reset", |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
132 reset_command_handler, |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
133 "admin" |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
134 ); |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
135 |
|
0ce475235ae1
mod_password_reset: New module for self-service password resets via a web page
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 module:add_item("adhoc", adhoc_reset); |
