1package App::Netdisco::Web::Password; 2 3use Dancer ':syntax'; 4use Dancer::Plugin::DBIC; 5use Dancer::Plugin::Auth::Extensible; 6use Dancer::Plugin::Passphrase; 7 8use Digest::MD5 (); 9 10sub _make_password { 11 my $pass = (shift || passphrase->generate_random); 12 if (setting('safe_password_store')) { 13 return passphrase($pass)->generate; 14 } 15 else { 16 return Digest::MD5::md5_hex($pass), 17 } 18} 19 20sub _bail { 21 var('passchange_failed' => 1); 22 return template 'password.tt', {}, { layout => 'main' }; 23} 24 25any ['get', 'post'] => '/password' => require_login sub { 26 my $old = param('old'); 27 my $new = param('new'); 28 my $confirm = param('confirm'); 29 30 if (request->is_post) { 31 unless ($old and $new and $confirm and ($new eq $confirm)) { 32 return _bail(); 33 } 34 35 my ($success, $realm) = authenticate_user( 36 session('logged_in_user'), $old 37 ); 38 return _bail() if not $success; 39 40 my $user = schema('netdisco')->resultset('User') 41 ->find({username => session('logged_in_user')}); 42 return _bail() if not $user; 43 44 $user->update({password => _make_password($new)}); 45 var('passchange_ok' => 1); 46 } 47 48 template 'password.tt', {}, { layout => 'main' }; 49}; 50 51true; 52