Actions for resetting passwords
This commit is contained in:
parent
1c6e8811dc
commit
27fda1f00a
|
@ -32,7 +32,6 @@ Run the tests locally (against development environment):
|
|||
|
||||
## TODOs
|
||||
|
||||
1. Action for resetting passwords
|
||||
1. Action for locking/unlocking accounts
|
||||
1. CSS
|
||||
1. "All new posts flagged" mode (require approval for new posts)
|
||||
|
|
|
@ -160,6 +160,10 @@ sub startup($self) {
|
|||
->to('moderator#hidden')
|
||||
->name('hidden_list');
|
||||
|
||||
$moderator->any([qw{GET POST}], '/reset')
|
||||
->to('moderator#mod_reset')
|
||||
->name('mod_reset');
|
||||
|
||||
my $mod_thread = $moderator->under('/thread');
|
||||
|
||||
$mod_thread->get('/unflag/:thread_id', [thread_id => qr/\d+/])
|
||||
|
@ -198,6 +202,10 @@ sub startup($self) {
|
|||
$mod_admin->any([qw{GET POST}], '/create')
|
||||
->to('moderator#create')
|
||||
->name('create_mod');
|
||||
|
||||
$mod_admin->any([qw{GET POST}], '/reset')
|
||||
->to('moderator#admin_reset')
|
||||
->name('admin_reset');
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -180,4 +180,57 @@ sub create($self) {
|
|||
return $self->render;
|
||||
}
|
||||
|
||||
sub admin_reset($self) {
|
||||
my $v;
|
||||
|
||||
$v = $self->validation if $self->req->method eq 'POST';
|
||||
|
||||
if ($v && $v->has_data) {
|
||||
$v->required('email' );
|
||||
$v->required('password');
|
||||
|
||||
if ($v->has_error) {
|
||||
$self->stash(status => 400)
|
||||
}
|
||||
else {
|
||||
my ($email, $password);
|
||||
|
||||
$email = $self->param('email' );
|
||||
$password = $self->param('password');
|
||||
|
||||
$self->moderator->admin_reset($email, $password);
|
||||
$self->stash(info => "Reset password for $email 🔐");
|
||||
}
|
||||
}
|
||||
|
||||
return $self->render;
|
||||
}
|
||||
|
||||
sub mod_reset($self) {
|
||||
my $v;
|
||||
|
||||
$v = $self->validation if $self->req->method eq 'POST';
|
||||
|
||||
if ($v && $v->has_data) {
|
||||
$v->required('password');
|
||||
|
||||
if ($v->has_error) {
|
||||
$self->stash(status => 400)
|
||||
}
|
||||
else {
|
||||
my ($password, $mod_id);
|
||||
|
||||
$password = $self->param('password');
|
||||
$mod_id = $self->session->{'mod_id'};
|
||||
|
||||
$self->moderator->mod_reset($mod_id, $password);
|
||||
$self->flash(info => "Password has been reset 🔐");
|
||||
|
||||
return $self->redirect_to('flagged_list');
|
||||
}
|
||||
}
|
||||
|
||||
return $self->render;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -172,4 +172,24 @@ sub hidden($self) {
|
|||
END_SQL
|
||||
}
|
||||
|
||||
sub admin_reset($self, $email, $password) {
|
||||
my $password_hash = $self->authenticator->hash_password($password);
|
||||
|
||||
$self->pg->db->query(<<~'END_SQL', $password_hash, $email);
|
||||
UPDATE moderators
|
||||
SET password_hash = ?
|
||||
WHERE email_addr = ?;
|
||||
END_SQL
|
||||
}
|
||||
|
||||
sub mod_reset($self, $mod_id, $password) {
|
||||
my $password_hash = $self->authenticator->hash_password($password);
|
||||
|
||||
$self->pg->db->query(<<~'END_SQL', $password_hash, $mod_id);
|
||||
UPDATE moderators
|
||||
SET password_hash = ?
|
||||
WHERE moderator_id = ?;
|
||||
END_SQL
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
23
t/admin.t
23
t/admin.t
|
@ -23,19 +23,24 @@ subtest Login => sub {
|
|||
$t->get_ok('/moderator/flagged')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Flagged Posts/)
|
||||
->element_exists('a[href*="/moderator/admin/create"]' );
|
||||
|
||||
$t->get_ok('/moderator/hidden')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Hidden Posts/)
|
||||
->element_exists('a[href*="/moderator/admin/create"]' );
|
||||
->element_exists('a[href*="/moderator/admin/create"]')
|
||||
->element_exists('a[href*="/moderator/admin/reset"]' )
|
||||
};
|
||||
|
||||
subtest Create => sub {
|
||||
$t->get_ok('/moderator/admin/create')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Create Moderator/)
|
||||
->element_exists('a[href*="/moderator/admin/create"]' )
|
||||
->element_exists('form input[name="name"]' )
|
||||
->element_exists('form input[name="email"]' )
|
||||
->element_exists('form input[name="password"]')
|
||||
};
|
||||
|
||||
subtest Reset => sub {
|
||||
$t->get_ok('/moderator/admin/reset')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Reset Password/)
|
||||
->element_exists('a[href*="/moderator/admin/reset"]')
|
||||
};
|
||||
|
||||
# Admin session ends
|
||||
|
@ -46,11 +51,11 @@ subtest Login => sub {
|
|||
subtest 'No admin, no buttons', sub {
|
||||
$t->get_ok('/thread/single/1')
|
||||
->status_is(200)
|
||||
->element_exists_not('a[href*="/moderator/admin/create"]' );
|
||||
->element_exists_not('a[href*="/moderator/admin/create"]');
|
||||
|
||||
$t->get_ok('/remark/single/1')
|
||||
->status_is(200)
|
||||
->element_exists_not('a[href*="/moderator/admin/create"]' );
|
||||
->element_exists_not('a[href*="/moderator/admin/create"]');
|
||||
|
||||
$t->get_ok('/moderator/admin/create')
|
||||
->status_is(302)
|
||||
|
|
|
@ -80,18 +80,26 @@ subtest Login => sub {
|
|||
$t->get_ok('/moderator/flagged')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Flagged Posts/)
|
||||
->element_exists('a[href*="/moderator/flagged"]' )
|
||||
->element_exists('a[href*="/moderator/hidden"]' )
|
||||
->element_exists('a[href*="/logout"]' )
|
||||
->element_exists('a[href*="/moderator/flagged"]')
|
||||
->element_exists('a[href*="/moderator/hidden"]' )
|
||||
->element_exists('a[href*="/logout"]' )
|
||||
};
|
||||
|
||||
subtest Hidden => sub {
|
||||
$t->get_ok('/moderator/hidden')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Hidden Posts/)
|
||||
->element_exists('a[href*="/moderator/flagged"]' )
|
||||
->element_exists('a[href*="/moderator/hidden"]' )
|
||||
->element_exists('a[href*="/logout"]' )
|
||||
->element_exists('a[href*="/moderator/flagged"]')
|
||||
->element_exists('a[href*="/moderator/hidden"]' )
|
||||
->element_exists('a[href*="/logout"]' )
|
||||
};
|
||||
|
||||
subtest Reset => sub {
|
||||
$t->get_ok('/moderator/reset')
|
||||
->status_is(200)
|
||||
->text_like(h2 => qr/Reset Password/)
|
||||
->element_exists('a[href*="/moderator/reset"]')
|
||||
->element_exists('form input[name="password"]')
|
||||
};
|
||||
|
||||
# Mod session ends
|
||||
|
|
|
@ -19,13 +19,15 @@
|
|||
<span>Moderate:</span>
|
||||
<%= link_to Flagged => 'flagged_list' %>
|
||||
<%= link_to Hidden => 'hidden_list' %>
|
||||
<%= link_to Reset => 'mod_reset' %>
|
||||
<%= link_to Logout => 'mod_logout' %>
|
||||
<% } =%>
|
||||
</div>
|
||||
<div>
|
||||
<% if (is_admin) { =%>
|
||||
<span>Admin:</span>
|
||||
<%= link_to Create => 'create_mod' %>
|
||||
<%= link_to Create => 'create_mod' %>
|
||||
<%= link_to Reset => 'admin_reset' %>
|
||||
<% } =%>
|
||||
</div>
|
||||
</nav>
|
||||
|
|
15
templates/moderator/admin_reset.html.ep
Normal file
15
templates/moderator/admin_reset.html.ep
Normal file
|
@ -0,0 +1,15 @@
|
|||
% layout 'default';
|
||||
% title 'Reset Password';
|
||||
<h2><%= title %></h2>
|
||||
<form method="post">
|
||||
<div class="email field">
|
||||
<%= label_for email => 'Email' %>
|
||||
<%= email_field 'email' %>
|
||||
</div>
|
||||
<div class="password field">
|
||||
<%= label_for password => 'Password' %>
|
||||
<%= password_field 'password' %>
|
||||
</div>
|
||||
<%= submit_button 'Reset' %>
|
||||
</form>
|
||||
|
11
templates/moderator/mod_reset.html.ep
Normal file
11
templates/moderator/mod_reset.html.ep
Normal file
|
@ -0,0 +1,11 @@
|
|||
% layout 'default';
|
||||
% title 'Reset Password';
|
||||
<h2><%= title %></h2>
|
||||
<form method="post">
|
||||
<div class="password field">
|
||||
<%= label_for password => 'Password' %>
|
||||
<%= password_field 'password' %>
|
||||
</div>
|
||||
<%= submit_button 'Reset' %>
|
||||
</form>
|
||||
|
Loading…
Reference in a new issue