Continue reset form on bad entry
parent
7226e9f1e2
commit
f819320f5a
31
reset.go
31
reset.go
@ -12,20 +12,24 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
|
|||||||
http.Redirect(w, r, "lost", http.StatusFound)
|
http.Redirect(w, r, "lost", http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
base := map[string]interface{}{
|
||||||
|
"login": r.URL.Query().Get("l"),
|
||||||
|
"token": strings.Replace(r.URL.Query().Get("t"), " ", "+", -1),
|
||||||
|
}
|
||||||
|
|
||||||
if r.Method != "POST" {
|
if r.Method != "POST" {
|
||||||
displayTmpl(w, "reset.html", map[string]interface{}{
|
displayTmpl(w, "reset.html", base)
|
||||||
"login": r.URL.Query().Get("l"),
|
|
||||||
"token": strings.Replace(r.URL.Query().Get("t"), " ", "+", -1),
|
|
||||||
})
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check the two new passwords are identical
|
// Check the two new passwords are identical
|
||||||
if r.PostFormValue("newpassword") != r.PostFormValue("new2password") {
|
if r.PostFormValue("newpassword") != r.PostFormValue("new2password") {
|
||||||
displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "New passwords are not identical. Please retry."})
|
base["error"] = "New passwords are not identical. Please retry."
|
||||||
|
displayTmplError(w, http.StatusNotAcceptable, "reset.html", base)
|
||||||
return
|
return
|
||||||
} else if err := checkPasswdConstraint(r.PostFormValue("newpassword")); err != nil {
|
} else if err := checkPasswdConstraint(r.PostFormValue("newpassword")); err != nil {
|
||||||
displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "The password you chose doesn't respect all constraints: " + err.Error()})
|
base["error"] = "The password you chose doesn't respect all constraints: " + err.Error()
|
||||||
|
displayTmplError(w, http.StatusNotAcceptable, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -33,7 +37,8 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
|
|||||||
conn, err := myLDAP.Connect()
|
conn, err := myLDAP.Connect()
|
||||||
if err != nil || conn == nil {
|
if err != nil || conn == nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()})
|
base["error"] = err.Error()
|
||||||
|
displayTmplError(w, http.StatusInternalServerError, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -41,7 +46,8 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
|
|||||||
err = conn.ServiceBind()
|
err = conn.ServiceBind()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()})
|
base["error"] = err.Error()
|
||||||
|
displayTmplError(w, http.StatusInternalServerError, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -49,20 +55,23 @@ func resetPassword(w http.ResponseWriter, r *http.Request) {
|
|||||||
dn, err := conn.SearchDN(r.PostFormValue("login"))
|
dn, err := conn.SearchDN(r.PostFormValue("login"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()})
|
base["error"] = err.Error()
|
||||||
|
displayTmplError(w, http.StatusInternalServerError, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check token validity (allow current token + last one)
|
// Check token validity (allow current token + last one)
|
||||||
if conn.genToken(dn, false) != r.PostFormValue("token") && conn.genToken(dn, true) != r.PostFormValue("token") {
|
if conn.genToken(dn, false) != r.PostFormValue("token") && conn.genToken(dn, true) != r.PostFormValue("token") {
|
||||||
displayTmplError(w, http.StatusNotAcceptable, "reset.html", map[string]interface{}{"error": "Token invalid, please retry the lost password procedure. Please note that our token expires after 1 hour."})
|
base["error"] = "Token invalid, please retry the lost password procedure. Please note that our token expires after 1 hour."
|
||||||
|
displayTmplError(w, http.StatusNotAcceptable, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Replace the password by the new given
|
// Replace the password by the new given
|
||||||
if err := conn.ChangePassword(dn, r.PostFormValue("newpassword")); err != nil {
|
if err := conn.ChangePassword(dn, r.PostFormValue("newpassword")); err != nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
displayTmplError(w, http.StatusInternalServerError, "reset.html", map[string]interface{}{"error": err.Error()})
|
base["error"] = err.Error()
|
||||||
|
displayTmplError(w, http.StatusInternalServerError, "reset.html", base)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
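Review bot: The error branches after `myLDAP.Connect()`, `conn.ServiceBind()`, `conn.SearchDN(...)` and `conn.ChangePassword(...)` still copy `err.Error()` into `base["error"]`, so the raw directory error is rendered to an unauthenticated visitor of the reset page. Since `log.Println(err)` already records the detail on each of those branches, the page could carry a fixed message instead, e.g. `base["error"] = "Internal error, please retry later."`. Depending on what `SearchDN` returns for an unknown login (not visible here), the current text may also reveal whether an account exists. Separately, the token check compares with `!=`; `subtle.ConstantTimeCompare` from `crypto/subtle` is the usual form for comparing secrets. The body of `resetPassword` begins and ends outside these hunks.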
|
@ -1,7 +1,7 @@
|
|||||||
{{template "header"}}
|
{{template "header"}}
|
||||||
<h1 class="display-4">Forgot your password? <small class="text-muted">Define a new one!</small></h1>
|
<h1 class="display-4">Forgot your password? <small class="text-muted">Define a new one!</small></h1>
|
||||||
|
|
||||||
<form method="post" action="reset">
|
<form method="post" action="reset?l={{ .login }}&t={{ .token }}">
|
||||||
{{if .error}}<div class="alert alert-danger" role="alert">{{.error}}</div>{{end}}
|
{{if .error}}<div class="alert alert-danger" role="alert">{{.error}}</div>{{end}}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input required="" class="form-control" id="input_0" type="text" placeholder="Email" value="{{ .login }}" disabled="">
|
<input required="" class="form-control" id="input_0" type="text" placeholder="Email" value="{{ .login }}" disabled="">
|
||||||
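Review bot: The new `action="reset?l={{ .login }}&t={{ .token }}"` puts the reset token in the URL of every POST, where access logs and any intermediary record it, while the handler validates `r.PostFormValue("token")`, which ignores the query string. It looks like the query copy exists only so the handler can refill the form on error; reading both values from the POST body on POST (with `<input type="hidden" name="token" value="{{ .token }}">` and the same for `login`, if not already present below this hunk) would keep a single source for the values and leave the token out of the POST URL. The escaping of `{{ .login }}` and `{{ .token }}` inside the URL attribute relies on the templates being rendered with `html/template`, which this page does not show. The form continues past the end of the hunk.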
|