/* * This file is a part of Winix * and is not publicly distributed * * Copyright (c) 2012, Tomasz Sowa * All rights reserved. * */ #include "pw.h" #include "core/log.h" #include "core/misc.h" #include "functions/functions.h" namespace Fun { Pw::Pw() { fun.url = L"pw"; } bool Pw::HasAccess() { return true; } bool Pw::ActivateAccount(User * puser, long code, bool use_ses_log) { std::wstring * user_code_str = puser->aenv.GetValue(L"activation_code"); if( user_code_str ) { if( Tol(*user_code_str) == code ) { if( db->ChangeUserStatus(puser->id, WINIX_ACCOUNT_READY) == WINIX_ERR_OK ) { puser->aenv.Remove(L"activation_code"); db->ChangeUserAdminEnv(puser->id, puser->aenv); puser->status = WINIX_ACCOUNT_READY; log << log2 << "Pw: account: " << puser->name << " activated" << logend; if( use_ses_log ) slog << loginfo << T(L"account_activated") << logend; return true; } else { log << log1 << "Pw: account not activated -- database error" << logend; } } else { log << log2 << "Pw: incorrect activation code" << logend; if( use_ses_log ) slog << logerror << T(L"incorrect_activation_code") << logend; } } else { log << log1 << "Pw: there is no activation_code value in admin environment" << logend; if( use_ses_log ) slog << loginfo << T(L"account_cannot_be_activated") << logend; } return false; } bool Pw::ActivateAccount(const std::wstring & login, long code, bool use_ses_log) { bool result = false; User * puser = system->users.GetUser(login); if( puser ) { if( puser->status == WINIX_ACCOUNT_NOT_ACTIVATED ) { result = ActivateAccount(puser, code, use_ses_log); } else { log << log2 << "Pw: this account is already activated" << logend; if( use_ses_log ) slog << loginfo << T(L"account_already_activated") << logend; } } else { log << log1 << "Pw: there is no a user: " << login << logend; } return result; } void Pw::ActivateAccount() { const std::wstring & login = cur->request->ParamValue(L"login"); long code = Tol(cur->request->ParamValue(L"code")); ActivateAccount(login, code, true); system->RedirectToLastItem(); } bool Pw::SetNewPassword(User * puser, bool use_ses_log) { bool result = false; const std::wstring & pass = cur->request->PostVar(L"passwordnew"); const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm"); if( functions->fun_passwd.IsPasswordCorrect(pass, pass_conf, use_ses_log) ) { if( functions->fun_passwd.ChangePassword(puser->id, pass) ) { result = true; if( use_ses_log ) slog << loginfo << T("pw_password_changed") << logend; } else { if( use_ses_log ) slog << logerror << T("service_unavailable") << logend; } } return result; } bool Pw::ResetPassword(User * puser, long code, bool use_ses_log, bool only_check_access) { std::wstring * user_code_str = puser->aenv.GetValue(L"password_change_code"); if( user_code_str ) { if( Tol(*user_code_str) == code ) { if( only_check_access ) return true; else return SetNewPassword(puser, use_ses_log); } else { log << log2 << "Pw: incorrect change password code" << logend; if( use_ses_log ) slog << logerror << T(L"incorrect_change_password_code") << logend; } } else { log << log1 << "Pw: there is no change password code in admin environment" << logend; if( use_ses_log ) slog << loginfo << T(L"password_cannot_be_changed") << logend; } return false; } bool Pw::ResetPassword(const std::wstring & login, long code, bool use_ses_log, bool only_check_access) { bool result = false; User * puser = system->users.GetUser(login); if( puser ) { long t = static_cast(cur->request->start_time); if( puser->aenv.Long(L"password_change_time") + config->reset_password_code_expiration_time > t ) { result = ResetPassword(puser, code, use_ses_log, only_check_access); } else { log << log2 << "Pw: the code has expired" << logend; if( use_ses_log ) slog << logerror << T(L"code_expired") << logend; } } else { log << log1 << "Pw: there is no a user: " << login << logend; } return result; } void Pw::ResetPassword() { const std::wstring & login = cur->request->PostVar(L"login"); long code = Tol(cur->request->PostVar(L"code")); ResetPassword(login, code, true, false); system->RedirectToLastItem(); } void Pw::ShowResetPasswordForm() { const std::wstring & login = cur->request->ParamValue(L"login"); long code = Tol(cur->request->ParamValue(L"code")); if( !login.empty() ) { if( !ResetPassword(login, code, true, true) ) system->RedirectToLastItem(); } else { system->RedirectToLastItem(); } } void Pw::MakePost() { if( cur->request->IsParam(L"resetpassword") ) ResetPassword(); } void Pw::MakeGet() { if( cur->request->IsParam(L"activate") ) ActivateAccount(); else if( cur->request->IsParam(L"resetpassword") ) ShowResetPasswordForm(); } } // namespace