Add reset password, fix #58

release/v1.15
Unknown 2014-04-05 12:32:34 -04:00
parent 3ebc9b991a
commit b7c3b0cc73
10 changed files with 214 additions and 29 deletions

View File

@ -367,6 +367,21 @@ func GetUserByName(name string) (*User, error) {
return user, nil
}
// GetUserByEmail returns the user object by given e-mail if exists.
func GetUserByEmail(email string) (*User, error) {
if len(email) == 0 {
return nil, ErrUserNotExist
}
user := &User{Email: strings.ToLower(email)}
has, err := orm.Get(user)
if err != nil {
return nil, err
} else if !has {
return nil, ErrUserNotExist
}
return user, nil
}
// LoginUserPlain validates user by raw user name and password.
func LoginUserPlain(name, passwd string) (*User, error) {
user := User{LowerName: strings.ToLower(name), Passwd: passwd}

View File

@ -67,6 +67,10 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{
"DateFormat": DateFormat,
"List": List,
"Mail2Domain": func(mail string) string {
if !strings.Contains(mail, "@") {
return "try.gogits.org"
}
suffix := strings.SplitN(mail, "@", 2)[1]
domain, ok := mailDomains[suffix]
if !ok {

View File

@ -86,7 +86,27 @@ func SendActiveMail(r *middleware.Render, user *models.User) {
}
msg := NewMailMessage([]string{user.Email}, subject, body)
msg.Info = fmt.Sprintf("UID: %d, send email verify mail", user.Id)
msg.Info = fmt.Sprintf("UID: %d, send active mail", user.Id)
SendAsync(&msg)
}
// Send reset password email.
func SendResetPasswdMail(r *middleware.Render, user *models.User) {
code := CreateUserActiveCode(user, nil)
subject := "Reset your password"
data := GetMailTmplData(user)
data["Code"] = code
body, err := r.HTMLString("mail/auth/reset_passwd", data)
if err != nil {
log.Error("mail.SendResetPasswdMail(fail to render): %v", err)
return
}
msg := NewMailMessage([]string{user.Email}, subject, body)
msg.Info = fmt.Sprintf("UID: %d, send reset password email", user.Id)
SendAsync(&msg)
}

View File

@ -403,9 +403,12 @@ func Activate(ctx *middleware.Context) {
if user := models.VerifyUserActiveCode(code); user != nil {
user.IsActive = true
user.Rands = models.GetUserSalt()
models.UpdateUser(user)
if err := models.UpdateUser(user); err != nil {
ctx.Handle(404, "user.Activate", err)
return
}
log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.LowerName)
log.Trace("%s User activated: %s", ctx.Req.RequestURI, user.Name)
ctx.Session.Set("userId", user.Id)
ctx.Session.Set("userName", user.Name)
@ -416,3 +419,80 @@ func Activate(ctx *middleware.Context) {
ctx.Data["IsActivateFailed"] = true
ctx.HTML(200, "user/active")
}
func ForgotPasswd(ctx *middleware.Context) {
ctx.Data["Title"] = "Forgot Password"
if base.MailService == nil {
ctx.Data["IsResetDisable"] = true
ctx.HTML(200, "user/forgot_passwd")
return
}
ctx.Data["IsResetRequest"] = true
if ctx.Req.Method == "GET" {
ctx.HTML(200, "user/forgot_passwd")
return
}
email := ctx.Query("email")
u, err := models.GetUserByEmail(email)
if err != nil {
if err == models.ErrUserNotExist {
ctx.RenderWithErr("This e-mail address does not associate to any account.", "user/forgot_passwd", nil)
} else {
ctx.Handle(404, "user.ResetPasswd(check existence)", err)
}
return
}
mailer.SendResetPasswdMail(ctx.Render, u)
ctx.Data["Email"] = email
ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60
ctx.Data["IsResetSent"] = true
ctx.HTML(200, "user/forgot_passwd")
}
func ResetPasswd(ctx *middleware.Context) {
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
if ctx.Req.Method == "GET" {
ctx.Data["IsResetForm"] = true
ctx.HTML(200, "user/reset_passwd")
return
}
if u := models.VerifyUserActiveCode(code); u != nil {
// Validate password length.
passwd := ctx.Query("passwd")
if len(passwd) < 6 || len(passwd) > 30 {
ctx.Data["IsResetForm"] = true
ctx.RenderWithErr("Password length should be in 6 and 30.", "user/reset_passwd", nil)
return
}
u.Passwd = passwd
if err := u.EncodePasswd(); err != nil {
ctx.Handle(404, "user.ResetPasswd(EncodePasswd)", err)
return
}
u.Rands = models.GetUserSalt()
if err := models.UpdateUser(u); err != nil {
ctx.Handle(404, "user.ResetPasswd(UpdateUser)", err)
return
}
log.Trace("%s User password reset: %s", ctx.Req.RequestURI, u.Name)
ctx.Redirect("/user/login")
return
}
ctx.Data["IsResetFailed"] = true
ctx.HTML(200, "user/reset_passwd")
}

View File

@ -0,0 +1,33 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>{{.User.Name}}, please reset your password</title>
</head>
<body style="background:#eee;">
<div style="color:#333; font:12px/1.5 Tahoma,Arial,sans-serif;; text-shadow:1px 1px #fff; padding:0; margin:0;">
<div style="width:600px;margin:0 auto; padding:40px 0 20px;">
<div style="border:1px solid #d9d9d9;border-radius:3px; background:#fff; box-shadow: 0px 2px 5px rgba(0, 0, 0,.05); -webkit-box-shadow: 0px 2px 5px rgba(0, 0, 0,.05);">
<div style="padding: 20px 15px;">
<h1 style="font-size:20px; padding:10px 0 20px; margin:0; border-bottom:1px solid #ddd;"><img src="{{.AppUrl}}/{{.AppLogo}}" style="height: 32px; margin-bottom: -10px;"> <a style="color:#333;text-decoration:none;" target="_blank" href="{{.AppUrl}}">{{.AppName}}</a></h1>
<div style="padding:40px 15px;">
<div style="font-size:16px; padding-bottom:30px; font-weight:bold;">
Hi <span style="color: #00BFFF;">{{.User.Name}}</span>,
</div>
<div style="font-size:14px; padding:0 15px;">
<p style="margin:0;padding:0 0 9px 0;">Please click following link to reset your password within <b>{{.ActiveCodeLives}} hours</b>.</p>
<p style="margin:0;padding:0 0 9px 0;">
<a href="{{.AppUrl}}user/reset_password?code={{.Code}}">{{.AppUrl}}user/reset_password?code={{.Code}}</a>
</p>
<p style="margin:0;padding:0 0 9px 0;">Copy and paste it to your browser if the link is not working.</p>
</div>
</div>
</div>
</div>
<div style="color:#aaa;padding:10px;text-align:center;">
© 2014 <a style="color:#888;text-decoration:none;" target="_blank" href="http://gogits.org">Gogs: Go Git Service</a>
</div>
</div>
</div>
</body>
</html>

View File

@ -1,25 +0,0 @@
{{template "mail/base.html" .}}
{{define "title"}}
{{if eq .Lang "zh-CN"}}
{{.User.NickName}},重置账户密码
{{end}}
{{if eq .Lang "en-US"}}
{{.User.NickName}}, reset your password
{{end}}
{{end}}
{{define "body"}}
{{if eq .Lang "zh-CN"}}
<p style="margin:0;padding:0 0 9px 0;">点击链接重置密码,{{.ResetPwdCodeLives}} 分钟内有效</p>
<p style="margin:0;padding:0 0 9px 0;">
<a href="{{.AppUrl}}reset/{{.Code}}">{{.AppUrl}}reset/{{.Code}}</a>
</p>
<p style="margin:0;padding:0 0 9px 0;">如果链接点击无反应,请复制到浏览器打开。</p>
{{end}}
{{if eq .Lang "en-US"}}
<p style="margin:0;padding:0 0 9px 0;">Please click following link to reset your password in {{.ResetPwdCodeLives}} hours</p>
<p style="margin:0;padding:0 0 9px 0;">
<a href="{{.AppUrl}}reset/{{.Code}}">{{.AppUrl}}reset/{{.Code}}</a>
</p>
<p style="margin:0;padding:0 0 9px 0;">Copy and paste it to your browser if it's not working.</p>
{{end}}
{{end}}

View File

@ -0,0 +1,30 @@
{{template "base/head" .}}
{{template "base/navbar" .}}
<div id="body" class="container">
<form action="/user/forget_password" method="post" class="form-horizontal card" id="login-card">
{{.CsrfTokenHtml}}
<h3>Reset Your Password</h3>
<div class="alert alert-danger form-error{{if .HasError}}{{else}} hidden{{end}}">{{.ErrorMsg}}</div>
{{if .IsResetSent}}
<p>A confirmation e-mail has been sent to <b>{{.Email}}</b>, please check your inbox within {{.Hours}} hours.</p>
<hr/>
<a href="http://{{Mail2Domain .Email}}" class="btn btn-lg btn-success">Sign in to your e-mail</a>
{{else if .IsResetRequest}}
<div class="form-group {{if .Err_Email}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Email: </label>
<div class="col-md-7">
<input name="email" class="form-control" placeholder="Type your e-mail address" required="required">
</div>
</div>
<hr/>
<div class="form-group">
<div class="col-md-offset-4 col-md-6">
<button type="submit" class="btn btn-lg btn-primary">Click here to send reset confirmation e-mail</button>
</div>
</div>
{{else if .IsResetDisable}}
<p>Sorry, mail service is not enabled.</p>
{{end}}
</form>
</div>
{{template "base/footer" .}}

View File

@ -0,0 +1,26 @@
{{template "base/head" .}}
{{template "base/navbar" .}}
<div id="body" class="container">
<form action="/user/reset_password?code={{.Code}}" method="post" class="form-horizontal card" id="login-card">
{{.CsrfTokenHtml}}
<h3>Reset Your Pasword</h3>
<div class="alert alert-danger form-error{{if .HasError}}{{else}} hidden{{end}}">{{.ErrorMsg}}</div>
{{if .IsResetForm}}
<div class="form-group">
<label class="col-md-4 control-label">Password: </label>
<div class="col-md-6">
<input name="passwd" type="password" class="form-control" placeholder="Type your password" required="required">
</div>
</div>
<hr/>
<div class="form-group">
<div class="col-md-offset-4 col-md-6">
<button type="submit" class="btn btn-lg btn-primary">Click here to reset your password</button>
</div>
</div>
{{else}}
<p>Sorry, your confirmation code has been exipired or not valid.</p>
{{end}}
</form>
</div>
{{template "base/footer" .}}

View File

@ -33,7 +33,7 @@
<div class="form-group">
<div class="col-md-offset-4 col-md-6">
<button type="submit" class="btn btn-lg btn-primary">Log In</button>
<a href="/forget-password/">Forgot your password?</a>
<a href="/user/forget_password/">Forgot your password?</a>
</div>
</div>

2
web.go
View File

@ -92,6 +92,8 @@ func runWeb(*cli.Context) {
// r.Any("/login/github", user.SocialSignIn)
r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn)
r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp)
r.Any("/forget_password", user.ForgotPasswd)
r.Any("/reset_password", user.ResetPasswd)
}, reqSignOut)
m.Group("/user", func(r martini.Router) {
r.Any("/logout", user.SignOut)