winix/functions/passwd.cpp

/*
 * This file is a part of Winix
 * and is not publicly distributed
 * 
 * Copyright (c) 2011, Tomasz Sowa
 * All rights reserved.
 * 
 */

#include "passwd.h"
#include "core/slog.h"
#include "functions/functions.h"


namespace Fun
{


Passwd::Passwd()
{
	fun.url = L"passwd";
}



bool Passwd::HasAccess()
{
	return cur->session->puser != 0;
}



bool Passwd::ChangePassword(const std::wstring & login, const std::wstring & new_password)
{
	up.pass = new_password;
	system->crypt.PassHashCrypt(up);
	Error res = db->ChangePass(login, up.pass, up.pass_encrypted, up.pass_type, up.pass_hash_salted);

return res == WINIX_ERR_OK;
}


/*
	if you are a root (super_user) you can change a password for everyone
	(the html form has a select option)

	but if you are not a root you can change only your password
	and you should provide your current password as well
*/
void Passwd::MakePost()
{
long user_id;
const std::wstring * plogin;

	if( !cur->session->puser )
		return;

	bool is_root = cur->session->puser->super_user;

	if( is_root )
		plogin = &cur->request->PostVar(L"login");
	else
		plogin = &cur->session->puser->name;

	const std::wstring & pass_cur  = cur->request->PostVar(L"passwordcur");
	const std::wstring & pass_new  = cur->request->PostVar(L"passwordnew");
	const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm");

	if( !is_root && !functions->fun_login.CheckUserPass(*plogin, pass_cur, user_id) )
	{
		log << log3 << "Passwd: incorrect current password" << logend;
		slog << logerror << T("passwd_err_bad_current_password") << logend;
		return;
	}

	if( !functions->fun_adduser.IsPasswordCorrect(pass_new, pass_conf) )
		return;

	if( ChangePassword(*plogin, pass_new) )
	{
		log << log2 << "Passwd: password for " << plogin << " has been changed" << logend;
		slog << loginfo << T("passwd_password_changed") << logend;
		system->RedirectToLastItem();
	}
}



} // namespace