[LON-CAPA-cvs] cvs: loncom /interface resetpw.pm
raeburn
raeburn at source.lon-capa.org
Mon Sep 12 12:02:17 EDT 2016
raeburn Mon Sep 12 16:02:17 2016 EDT
Modified files:
/loncom/interface resetpw.pm
Log:
- When using Forgot Password utility, user will be redirected to their
home server, if the domain they select is for a different institution
than the current server.
- Disable autocapitalization for input textboxes for username and e-mail
address for forgot password form, if user agent suggests a mobile device.
- Client-side validation for non-empty username and e-mail textboxes.
-------------- next part --------------
Index: loncom/interface/resetpw.pm
diff -u loncom/interface/resetpw.pm:1.37 loncom/interface/resetpw.pm:1.38
--- loncom/interface/resetpw.pm:1.37 Wed Jan 27 00:24:09 2016
+++ loncom/interface/resetpw.pm Mon Sep 12 16:02:16 2016
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Allow access to password changing via a token sent to user's e-mail.
#
-# $Id: resetpw.pm,v 1.37 2016/01/27 00:24:09 raeburn Exp $
+# $Id: resetpw.pm,v 1.38 2016/09/12 16:02:16 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -57,6 +57,7 @@
use Apache::loncommon;
use Apache::lonlocal;
use LONCAPA;
+use HTML::Entities;
sub handler {
my $r = shift;
@@ -87,8 +88,20 @@
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
my @emailtypes = ('permanentemail','critnotification','notification');
- my $uname = &unescape($env{'form.uname'});
- my $udom = $env{'form.udom'};
+ my $uname = $env{'form.uname'};
+ $uname =~ s/^\s+|\s+$//g;
+ $uname = &LONCAPA::clean_username($uname);
+ my $udom = &LONCAPA::clean_domain($env{'form.udom'});
+ my ($domdesc,$otherinst);
+ if ($udom) {
+ $domdesc = &Apache::lonnet::domain($udom,'description');
+ if ($domdesc) {
+ my %servers = &Apache::lonnet::internet_dom_servers($udom);
+ unless (exists($servers{$server})) {
+ $otherinst = 1;
+ }
+ }
+ }
my $token = $env{'form.token'};
my $brcrum = [];
if ($token) {
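Review bot: The new `&LONCAPA::clean_username($uname)` and `&LONCAPA::clean_domain($env{'form.udom'})` calls rewrite the submitted values instead of rejecting bad input. Their bodies are not in this diff, but if they strip disallowed characters, the reset lookup runs for a different username than the one the user typed. Comparing the trimmed input with the cleaned result, and returning `&invalid_state('invalid',...)` on a mismatch, would make that case explicit. Separately, `$uname =~ s/^\s+|\s+$//g;` runs on an undefined value when the form has not been submitted yet; `my $uname = $env{'form.uname'} // '';` would avoid that if the Perl version in use allows it. The handler body starts before and continues after this hunk.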
@@ -106,71 +119,152 @@
}
}
my $args = {bread_crumbs => $brcrum};
- $r->print(&Apache::loncommon::start_page('Reset password','',$args));
- $r->print('<h2>'.&mt('Reset forgotten LON-CAPA password').'</h2>');
+ my $js;
+ unless ($token || $otherinst || ($uname && $udom)) {
+ my (@intdoms, at instdoms);
+ my $internet_names = &Apache::lonnet::get_internet_names($server);
+ if (ref($internet_names) eq 'ARRAY') {
+ @intdoms = @{$internet_names};
+ }
+ if (@intdoms) {
+ my %iphost = &Apache::lonnet::get_iphost();
+ foreach my $ip (keys(%iphost)) {
+ if (ref($iphost{$ip}) eq 'ARRAY') {
+ foreach my $id (@{$iphost{$ip}}) {
+ my $location = &Apache::lonnet::internet_dom($id);
+ if ($location) {
+ if (grep(/^\Q$location\E$/, at intdoms)) {
+ my $dom = &Apache::lonnet::host_domain($id);
+ unless (grep(/^\Q$dom\E/, at instdoms)) {
+ push(@instdoms,$dom);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ my $instdomstr;
+ if (@instdoms > 0) {
+ $instdomstr = "'".join("','", at instdoms)."'";
+ }
+ my %js_lt = &Apache::lonlocal::texthash(
+ thdo => 'The domain you have selected is for another institution.',
+ yowi => 'You will be switched to the Forgot Password utility at that institution.',
+ unam => 'You must enter a username.',
+ mail => 'You must enter an e-mail address.'
+ );
+ &js_escape(\%js_lt);
+ $js = <<"END";
+<script type="text/javascript">
+// <![CDATA[
+function verifyDomain(caller,form) {
+ var redirect = 1;
+ var instdoms = new Array($instdomstr);
+ if (instdoms.length > 0) {
+ for (var i=0; i<instdoms.length; i++) {
+ if (caller.options[caller.selectedIndex].value == instdoms[i]) {
+ redirect = 0;
+ break;
+ }
+ }
+ }
+ if (redirect == 1) {
+ if (confirm('$js_lt{thdo}\\n$js_lt{yowi}')) {
+ form.submit();
+ }
+ }
+ return;
+}
+
+function validInfo() {
+ if (document.forgotpw.uname.value == '') {
+ alert("$js_lt{'unam'}");
+ return false;
+ }
+ if (document.forgotpw.useremail.value == '') {
+ alert("$js_lt{'mail'}");
+ return false;
+ }
+ return true;
+}
+// ]]>
+</script>
+END
+ }
+ my $header = &Apache::loncommon::start_page('Reset password',$js,$args).
+ '<h2>'.&mt('Reset forgotten LON-CAPA password').'</h2>';
my $output;
if ($token) {
$output = &reset_passwd($r,$token,$contact_name,$contact_email);
- } elsif ($uname && $udom) {
- my $domdesc = &Apache::lonnet::domain($udom,'description');
- my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);
- if ($authtype =~ /^internal/) {
- my $useremail = $env{'form.useremail'};
- my ($blocked,$blocktext) =
- &Apache::loncommon::blocking_status('passwd',$uname,$udom);
- if ($blocked) {
- $output = '<p class="LC_warning">'.$blocktext.'</p>'
- .&display_actions($contact_email,$domdesc);
- } elsif ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
+ } elsif ($udom) {
+ if (!$domdesc) {
+ $output = &invalid_state('baddomain',$domdesc,
+ $contact_name,$contact_email);
+ } elsif ($otherinst) {
+ ($header,$output) = &homeserver_redirect($uname,$udom,$domdesc,$brcrum);
+ } elsif ($uname) {
+ my $authtype = &Apache::lonnet::queryauthenticate($uname,$udom);
+ if ($authtype =~ /^internal/) {
+ my $useremail = $env{'form.useremail'};
+ my ($blocked,$blocktext) =
+ &Apache::loncommon::blocking_status('passwd',$uname,$udom);
+ if ($blocked) {
+ $output = '<p class="LC_warning">'.$blocktext.'</p>'
+ .&display_actions($contact_email,$domdesc);
+ } elsif ($useremail !~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
$output = &invalid_state('baduseremail',$domdesc,
$contact_name,$contact_email);
- } else {
- my %userinfo =
- &Apache::lonnet::get('environment',\@emailtypes,
- $udom,$uname);
- my @allemails;
- foreach my $type (@emailtypes) {
- my $email = $userinfo{$type};
- my @items;
- if ($email =~ /,/) {
- @items = split(',',$userinfo{$type});
- } else {
- @items = ($email);
- }
- foreach my $item (@items) {
- if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
- unless(grep(/^\Q$item\E$/, at allemails)) {
- push(@allemails,$item);
+ } else {
+ my %userinfo =
+ &Apache::lonnet::get('environment',\@emailtypes,
+ $udom,$uname);
+ my @allemails;
+ foreach my $type (@emailtypes) {
+ my $email = $userinfo{$type};
+ my @items;
+ if ($email =~ /,/) {
+ @items = split(',',$userinfo{$type});
+ } else {
+ @items = ($email);
+ }
+ foreach my $item (@items) {
+ if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
+ unless(grep(/^\Q$item\E$/, at allemails)) {
+ push(@allemails,$item);
+ }
}
}
}
- }
- if (@allemails > 0) {
- if (grep(/^\Q$useremail\E$/, at allemails)) {
- $output = &send_token($uname,$udom,$useremail,$server,
- $domdesc,$contact_name,
- $contact_email);
+ if (@allemails > 0) {
+ if (grep(/^\Q$useremail\E$/, at allemails)) {
+ $output = &send_token($uname,$udom,$useremail,$server,
+ $domdesc,$contact_name,
+ $contact_email);
+ } else {
+ $output = &invalid_state('mismatch',$domdesc,
+ $contact_name,
+ $contact_email);
+ }
} else {
- $output = &invalid_state('mismatch',$domdesc,
- $contact_name,
- $contact_email);
+ $output = &invalid_state('missing',$domdesc,
+ $contact_name,$contact_email);
}
- } else {
- $output = &invalid_state('missing',$domdesc,
- $contact_name,$contact_email);
}
+ } elsif ($authtype =~ /^(krb|unix|local)/) {
+ $output = &invalid_state('authentication',$domdesc,
+ $contact_name,$contact_email);
+ } else {
+ $output = &invalid_state('invalid',$domdesc,
+ $contact_name,$contact_email);
}
- } elsif ($authtype =~ /^(krb|unix|local)/) {
- $output = &invalid_state('authentication',$domdesc,
- $contact_name,$contact_email);
} else {
- $output = &invalid_state('invalid',$domdesc,
- $contact_name,$contact_email);
+ $output = &get_uname($defdom);
}
} else {
$output = &get_uname($defdom);
}
- $r->print($output);
+ $r->print($header.$output);
$r->print(&Apache::loncommon::end_page());
return OK;
}
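Review bot: The de-duplication test that builds `@instdoms` is missing its end anchor. It uses `/^\Q$dom\E/`, while the `$location` test two lines above it uses `/^\Q$location\E$/`. A domain that is a prefix of one already in the list is therefore never added, and the generated `verifyDomain()` would then prompt for a redirect on a local domain. The line should read `unless (grep(/^\Q$dom\E$/,@instdoms)) {`. The server-side `$otherinst` check still decides the real redirect, so the effect appears limited to the client-side prompt. Also, `$instdomstr` is left undefined when `@instdoms` is empty, and the domain names go into the JavaScript array literal with only quote wrapping, whereas `%js_lt` is passed through `&js_escape`. Initialising it to `''` and escaping each domain the same way would keep the script block consistent.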
@@ -189,16 +283,23 @@
.'<li>'.&mt('You must be able to access e-mail sent to that address.').'</li>'
.'<li>'.&mt('Your LON-CAPA account must be of a type for which LON-CAPA can reset a password.')
.'</ul>';
- $msg .= '<form name="forgotpw" method="post" action="/adm/resetpw">'.
+ my $mobileargs;
+ (undef,undef,undef,undef,undef,undef,my $clientmobile) =
+ &Apache::loncommon::decode_user_agent();
+ if ($clientmobile) {
+ $mobileargs = 'autocapitalize="off" autocorrect="off" ';
+ }
+ my $onchange = 'javascript:verifyDomain(this,this.form);';
+ $msg .= '<form name="forgotpw" method="post" action="/adm/resetpw" onsubmit="return validInfo();">'.
&Apache::lonhtmlcommon::start_pick_box().
&Apache::lonhtmlcommon::row_title($lt{'unam'}).
- '<input type="text" name="uname" size="20" />'.
+ '<input type="text" name="uname" size="20" '.$mobileargs.'/>'.
&Apache::lonhtmlcommon::row_closure(1).
&Apache::lonhtmlcommon::row_title($lt{'udom'}).
- &Apache::loncommon::select_dom_form($defdom,'udom').
+ &Apache::loncommon::select_dom_form($defdom,'udom',undef,undef,$onchange).
&Apache::lonhtmlcommon::row_closure(1).
&Apache::lonhtmlcommon::row_title($lt{'uemail'}).
- '<input type="text" name="useremail" size="30" />'.
+ '<input type="text" name="useremail" size="30" '.$mobileargs.'/>'.
&Apache::lonhtmlcommon::end_pick_box().
'<br /><br /><input type="submit" name="resetter" value="'.$lt{'proc'}.'" /></form>';
return $msg;
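Review bot: `$mobileargs` is declared without a value and then concatenated into both `<input>` tags, so on non-mobile clients the code concatenates an undefined value. `my $mobileargs = '';` fixes that. The `javascript:` prefix in `$onchange` is not needed inside an event-handler attribute; `'verifyDomain(this,this.form);'` is enough. `validInfo()` only rejects an empty string, while the server trims whitespace from the username, so a whitespace-only entry passes the client check and silently returns to the form. A comment noting that the client check is a convenience and the server decides would help. The enclosing sub starts outside this hunk.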
@@ -292,6 +393,8 @@
$msg = &mt('A valid e-mail address was not located in the LON-CAPA system for the username and domain you provided.');
} elsif ($error eq 'authentication') {
$msg = &mt('The username you provided uses an authentication type which can not be reset directly via LON-CAPA.');
+ } elsif ($error eq 'baddomain') {
+ $msg = &mt('The domain you provided was not verified as a valid domain in the LON-CAPA system.');
}
$msg = '<p class="LC_warning">'.$msg.'</p>'
.&display_actions($contact_email,$domdesc);
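Review bot: The handler calls `invalid_state('baddomain',...)` only when `$domdesc` is empty, yet that same `$domdesc` is still passed to `&display_actions($contact_email,$domdesc)` after the new branch. The body of `display_actions` is not visible here; if it prints the domain description, the 'baddomain' page will show a blank institution name. A short comment on the new branch, such as `# $domdesc is empty here; display_actions must cope with that`, or a guard before the call, would document the case. `invalid_state` begins outside this hunk.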
@@ -299,6 +402,25 @@
return $msg;
}
+sub homeserver_redirect {
+ my ($uname,$udom,$domdesc,$brcrum) = @_;
+ my $uhome = &Apache::lonnet::homeserver();
+ if ($uhome eq 'no_host') {
+ $uhome = &Apache::lonnet::domain($udom,'primary');
+ }
+ my $protocol = $Apache::lonnet::protocol{$uhome};
+ $protocol = 'http' if ($protocol ne 'https');
+ my $url = $protocol.'://'.&Apache::lonnet::hostname($uhome).'/adm/resetpw';
+ # Breadcrumbs
+ my $start_page = &Apache::loncommon::start_page('Switching Server',undef,
+ {'redirect' => [0,$url],
+ 'bread_crumbs' => $brcrum,});
+ my $output = '<p>'.&mt('This LON-CAPA server belongs to a different domain.').' '.
+ &mt('You are being switched to your domain ([_1]), to use the "Forgot Password" tool.',$domdesc).
+ '</p>';
+ return ($start_page,$output);
+}
+
sub reset_passwd {
my ($r,$token,$contact_name,$contact_email) = @_;
my $msg;
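Review bot: `&Apache::lonnet::homeserver()` is called with no arguments even though `$uname` and `$udom` are passed into `homeserver_redirect`. The lookup presumably cannot identify the user, so the code always falls back to the domain's primary server; `my $uhome = &Apache::lonnet::homeserver($uname,$udom);` looks like what was intended. The redirect URL also uses `http` whenever `$Apache::lonnet::protocol{$uhome}` is not `https`, which sends the user to a password-reset form over an unencrypted connection. A comment stating that this is deliberate for hosts without TLS would help. If `&Apache::lonnet::hostname($uhome)` returns nothing, the URL becomes `http:///adm/resetpw`, so an empty hostname should lead to the 'baddomain' message rather than a redirect.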