From 5896c368d0f433e02d4f895c1d647da5cdc4adb2 Mon Sep 17 00:00:00 2001
From: Petr Baudis
Date: Sun, 26 Aug 2007 23:32:20 +0200
Subject: [PATCH] Add pwproj.cgi for resetting forgotten password
---
cgi/Git/RepoCGI.pm | 8 +++++
cgi/delproj.cgi | 4 +--
cgi/editproj.cgi | 2 +-
cgi/pwproj.pgi | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 98 insertions(+), 3 deletions(-)
create mode 100755 cgi/pwproj.pgi
diff --git a/cgi/Git/RepoCGI.pm b/cgi/Git/RepoCGI.pm
index cd6dade..f00b229 100644
--- a/cgi/Git/RepoCGI.pm
+++ b/cgi/Git/RepoCGI.pm
@@ -557,6 +557,14 @@ sub update {
$self->_group_update;
}
+sub update_password {
+ my $self = shift;
+ my ($pwd) = @_;
+
+ $self->{crypt} = scrypt($pwd);
+ $self->_group_update;
+}
+
# You can explicitly do this just on a ghost() repository too.
sub delete {
my $self = shift;
diff --git a/cgi/delproj.cgi b/cgi/delproj.cgi
index 7b0c3b2..d67a2d7 100755
--- a/cgi/delproj.cgi
+++ b/cgi/delproj.cgi
@@ -62,8 +62,8 @@ print <Please confirm that you are going to remove mirrored project
$name ($url) from the site.
EOT
diff --git a/cgi/editproj.cgi b/cgi/editproj.cgi
index c494bcb..b468087 100755
--- a/cgi/editproj.cgi
+++ b/cgi/editproj.cgi
@@ -61,7 +61,7 @@ EOT
print <
Project name: $h{name} .git
-Admin password:
+Admin password: (forgot password?)
New admin password: (leave empty to keep it at the current value)
New admin password (retype):
E-mail contact:
diff --git a/cgi/pwproj.pgi b/cgi/pwproj.pgi
new file mode 100755
index 0000000..705c692
--- /dev/null
+++ b/cgi/pwproj.pgi
@@ -0,0 +1,87 @@
+#!/usr/bin/perl
+# (c) Petr Baudis
+# GPLv2
+
+use strict;
+use warnings;
+
+use lib qw(/home/repo/repomgr/cgi);
+use Git::RepoCGI;
+
+
+sub genpwd {
+ # FLUFFY!
+ substr(crypt(rand, rand), 2);
+}
+
+
+my $repo = Git::RepoCGI->new('Forgotten Project Password');
+my $cgi = $repo->cgi;
+
+my $name = $cgi->param('name');
+
+unless (defined $name) {
+ print "I need the project name as an argument.
\n";
+ exit;
+}
+
+if (!valid_proj_name($name)) {
+ print "Invalid project name. Go away, sorcerer.
\n";
+ exit;
+}
+
+if (!Git::RepoCGI::Project::does_exist($name)) {
+ print "Sorry but this project does not exist. Now, how did you get here?!
\n";
+ exit;
+}
+
+if (!Git::RepoCGI::Project::available($name)) {
+ print "Sorry but your project has not finished mirroring yet. If it takes inordinate amount of time, please tell the administrator.
\n";
+ exit;
+}
+
+my $proj = Git::RepoCGI::Project->load($name);
+$proj or die "not found project $name, that's really weird!";
+
+my $mail = $proj->{email};
+
+if ($cgi->param('y0')) {
+ # submitted
+
+ my $newpwd = genpwd();
+
+ open (M, '-|', 'mail', '-s', '[repo.or.cz] New password for project '.$name, $mail) or die "Cannot spawn mail: $!";
+ print M <update_password($newpwd);
+
+ print "Project password has been reset. Have a nice day.
\n";
+ exit;
+}
+
+print <You are trying to make me reset password for project $name. I'll send the new
+password to the project admin <$mail>.
+
+EOT
+
--
2.11.4.GIT