From 5896c368d0f433e02d4f895c1d647da5cdc4adb2 Mon Sep 17 00:00:00 2001 From: Petr Baudis Date: Sun, 26 Aug 2007 23:32:20 +0200 Subject: [PATCH] Add pwproj.cgi for resetting forgotten password --- cgi/Git/RepoCGI.pm | 8 +++++ cgi/delproj.cgi | 4 +-- cgi/editproj.cgi | 2 +- cgi/pwproj.pgi | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 98 insertions(+), 3 deletions(-) create mode 100755 cgi/pwproj.pgi diff --git a/cgi/Git/RepoCGI.pm b/cgi/Git/RepoCGI.pm index cd6dade..f00b229 100644 --- a/cgi/Git/RepoCGI.pm +++ b/cgi/Git/RepoCGI.pm @@ -557,6 +557,14 @@ sub update { $self->_group_update; } +sub update_password { + my $self = shift; + my ($pwd) = @_; + + $self->{crypt} = scrypt($pwd); + $self->_group_update; +} + # You can explicitly do this just on a ghost() repository too. sub delete { my $self = shift; diff --git a/cgi/delproj.cgi b/cgi/delproj.cgi index 7b0c3b2..d67a2d7 100755 --- a/cgi/delproj.cgi +++ b/cgi/delproj.cgi @@ -62,8 +62,8 @@ print <Please confirm that you are going to remove mirrored project $name ($url) from the site.

- -

Admin password:

+ +

Admin password: (forgot password?)

EOT diff --git a/cgi/editproj.cgi b/cgi/editproj.cgi index c494bcb..b468087 100755 --- a/cgi/editproj.cgi +++ b/cgi/editproj.cgi @@ -61,7 +61,7 @@ EOT print <

Project name: $h{name}.git

-

Admin password:

+

Admin password: (forgot password?)

New admin password: (leave empty to keep it at the current value)

New admin password (retype):

E-mail contact:

diff --git a/cgi/pwproj.pgi b/cgi/pwproj.pgi new file mode 100755 index 0000000..705c692 --- /dev/null +++ b/cgi/pwproj.pgi @@ -0,0 +1,87 @@ +#!/usr/bin/perl +# (c) Petr Baudis +# GPLv2 + +use strict; +use warnings; + +use lib qw(/home/repo/repomgr/cgi); +use Git::RepoCGI; + + +sub genpwd { + # FLUFFY! + substr(crypt(rand, rand), 2); +} + + +my $repo = Git::RepoCGI->new('Forgotten Project Password'); +my $cgi = $repo->cgi; + +my $name = $cgi->param('name'); + +unless (defined $name) { + print "

I need the project name as an argument.

\n"; + exit; +} + +if (!valid_proj_name($name)) { + print "

Invalid project name. Go away, sorcerer.

\n"; + exit; +} + +if (!Git::RepoCGI::Project::does_exist($name)) { + print "

Sorry but this project does not exist. Now, how did you get here?!

\n"; + exit; +} + +if (!Git::RepoCGI::Project::available($name)) { + print "

Sorry but your project has not finished mirroring yet. If it takes inordinate amount of time, please tell the administrator.

\n"; + exit; +} + +my $proj = Git::RepoCGI::Project->load($name); +$proj or die "not found project $name, that's really weird!"; + +my $mail = $proj->{email}; + +if ($cgi->param('y0')) { + # submitted + + my $newpwd = genpwd(); + + open (M, '-|', 'mail', '-s', '[repo.or.cz] New password for project '.$name, $mail) or die "Cannot spawn mail: $!"; + print M <update_password($newpwd); + + print "

Project password has been reset. Have a nice day.

\n"; + exit; +} + +print <You are trying to make me reset password for project $name. I'll send the new +password to the project admin <$mail>.

+
+ +

+
+EOT + -- 2.11.4.GIT