257 lines
4.9 KiB
C++
Executable File
257 lines
4.9 KiB
C++
Executable File
/*
|
|
* This file is a part of Winix
|
|
* and is not publicly distributed
|
|
*
|
|
* Copyright (c) 2012, Tomasz Sowa
|
|
* All rights reserved.
|
|
*
|
|
*/
|
|
|
|
#include "pw.h"
|
|
#include "core/log.h"
|
|
#include "core/misc.h"
|
|
#include "functions/functions.h"
|
|
|
|
|
|
namespace Fun
|
|
{
|
|
|
|
Pw::Pw()
|
|
{
|
|
fun.url = L"pw";
|
|
}
|
|
|
|
|
|
bool Pw::HasAccess()
|
|
{
|
|
return true;
|
|
}
|
|
|
|
|
|
|
|
bool Pw::ActivateAccount(User * puser, long code, bool use_ses_log)
|
|
{
|
|
std::wstring * user_code_str = puser->aenv.GetValue(L"activation_code");
|
|
|
|
if( user_code_str )
|
|
{
|
|
if( Tol(*user_code_str) == code )
|
|
{
|
|
if( db->ChangeUserStatus(puser->id, WINIX_ACCOUNT_READY) == WINIX_ERR_OK )
|
|
{
|
|
puser->aenv.Remove(L"activation_code");
|
|
db->ChangeUserAdminEnv(puser->id, puser->aenv);
|
|
puser->status = WINIX_ACCOUNT_READY;
|
|
|
|
log << log2 << "Pw: account: " << puser->name << " activated" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << loginfo << T(L"account_activated") << logend;
|
|
|
|
return true;
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Pw: account not activated -- database error" << logend;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
log << log2 << "Pw: incorrect activation code" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << logerror << T(L"incorrect_activation_code") << logend;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Pw: there is no activation_code value in admin environment" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << loginfo << T(L"account_cannot_be_activated") << logend;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
|
|
bool Pw::ActivateAccount(const std::wstring & login, long code, bool use_ses_log)
|
|
{
|
|
bool result = false;
|
|
User * puser = system->users.GetUser(login);
|
|
|
|
if( puser )
|
|
{
|
|
if( puser->status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
|
{
|
|
result = ActivateAccount(puser, code, use_ses_log);
|
|
}
|
|
else
|
|
{
|
|
log << log2 << "Pw: this account is already activated" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << loginfo << T(L"account_already_activated") << logend;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Pw: there is no a user: " << login << logend;
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
|
|
|
|
void Pw::ActivateAccount()
|
|
{
|
|
const std::wstring & login = cur->request->ParamValue(L"login");
|
|
long code = Tol(cur->request->ParamValue(L"code"));
|
|
|
|
ActivateAccount(login, code, true);
|
|
system->RedirectToLastItem();
|
|
}
|
|
|
|
|
|
|
|
bool Pw::SetNewPassword(User * puser, bool use_ses_log)
|
|
{
|
|
bool result = false;
|
|
|
|
const std::wstring & pass = cur->request->PostVar(L"passwordnew");
|
|
const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm");
|
|
|
|
if( functions->fun_passwd.IsPasswordCorrect(pass, pass_conf, use_ses_log) )
|
|
{
|
|
if( functions->fun_passwd.ChangePassword(puser->id, pass) )
|
|
{
|
|
result = true;
|
|
|
|
if( use_ses_log )
|
|
slog << loginfo << T("pw_password_changed") << logend;
|
|
}
|
|
else
|
|
{
|
|
if( use_ses_log )
|
|
slog << logerror << T("service_unavailable") << logend;
|
|
}
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
|
|
|
|
bool Pw::ResetPassword(User * puser, long code, bool use_ses_log, bool only_check_access)
|
|
{
|
|
std::wstring * user_code_str = puser->aenv.GetValue(L"password_change_code");
|
|
|
|
if( user_code_str )
|
|
{
|
|
if( Tol(*user_code_str) == code )
|
|
{
|
|
if( only_check_access )
|
|
return true;
|
|
else
|
|
return SetNewPassword(puser, use_ses_log);
|
|
}
|
|
else
|
|
{
|
|
log << log2 << "Pw: incorrect change password code" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << logerror << T(L"incorrect_change_password_code") << logend;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Pw: there is no change password code in admin environment" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << loginfo << T(L"password_cannot_be_changed") << logend;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
|
|
bool Pw::ResetPassword(const std::wstring & login, long code, bool use_ses_log, bool only_check_access)
|
|
{
|
|
bool result = false;
|
|
User * puser = system->users.GetUser(login);
|
|
|
|
if( puser )
|
|
{
|
|
long t = static_cast<long>(cur->request->start_time);
|
|
|
|
if( puser->aenv.Long(L"password_change_time") + config->reset_password_code_expiration_time > t )
|
|
{
|
|
result = ResetPassword(puser, code, use_ses_log, only_check_access);
|
|
}
|
|
else
|
|
{
|
|
log << log2 << "Pw: the code has expired" << logend;
|
|
|
|
if( use_ses_log )
|
|
slog << logerror << T(L"code_expired") << logend;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
log << log1 << "Pw: there is no a user: " << login << logend;
|
|
}
|
|
|
|
return result;
|
|
}
|
|
|
|
|
|
void Pw::ResetPassword()
|
|
{
|
|
const std::wstring & login = cur->request->PostVar(L"login");
|
|
long code = Tol(cur->request->PostVar(L"code"));
|
|
|
|
ResetPassword(login, code, true, false);
|
|
system->RedirectToLastItem();
|
|
}
|
|
|
|
|
|
void Pw::ShowResetPasswordForm()
|
|
{
|
|
const std::wstring & login = cur->request->ParamValue(L"login");
|
|
long code = Tol(cur->request->ParamValue(L"code"));
|
|
|
|
if( !login.empty() )
|
|
{
|
|
if( !ResetPassword(login, code, true, true) )
|
|
system->RedirectToLastItem();
|
|
}
|
|
else
|
|
{
|
|
system->RedirectToLastItem();
|
|
}
|
|
}
|
|
|
|
|
|
void Pw::MakePost()
|
|
{
|
|
if( cur->request->IsParam(L"resetpassword") )
|
|
ResetPassword();
|
|
}
|
|
|
|
|
|
void Pw::MakeGet()
|
|
{
|
|
if( cur->request->IsParam(L"activate") )
|
|
ActivateAccount();
|
|
else
|
|
if( cur->request->IsParam(L"resetpassword") )
|
|
ShowResetPasswordForm();
|
|
}
|
|
|
|
|
|
|
|
|
|
} // namespace
|
|
|