what's this? is this password reset???

Kyle Drake 2013-07-11 23:33:10 -04:00
parent 72947b6606
commit 1e1051fd36
8 changed files with 104 additions and 2 deletions


@ -14,6 +14,7 @@ gem 'rmagick', require: nil
gem 'selenium-webdriver', require: nil gem 'selenium-webdriver', require: nil
gem 'sidekiq' gem 'sidekiq'
gem 'ago' gem 'ago'
gem 'mail'
platform :mri do platform :mri do
gem 'magic' # sudo apt-get install file, For OSX: brew install libmagic gem 'magic' # sudo apt-get install file, For OSX: brew install libmagic
@ -55,4 +56,4 @@ group :test do
platform :mri do platform :mri do
gem 'simplecov', require: nil gem 'simplecov', require: nil
end end
end end


@ -34,8 +34,12 @@ GEM
kgio (2.8.0) kgio (2.8.0)
magic (0.2.6) magic (0.2.6)
ffi (>= 0.6.3) ffi (>= 0.6.3)
mail (2.5.4)
mime-types (~> 1.16)
treetop (~> 1.4.8)
metaclass (0.0.1) metaclass (0.0.1)
method_source (0.8.1) method_source (0.8.1)
mime-types (1.23)
minitest (4.7.4) minitest (4.7.4)
minitest-reporters (0.14.19) minitest-reporters (0.14.19)
ansi ansi
@ -46,6 +50,7 @@ GEM
metaclass (~> 0.0.1) metaclass (~> 0.0.1)
multi_json (1.7.3) multi_json (1.7.3)
pg (0.15.1) pg (0.15.1)
polyglot (0.3.3)
powerbar (1.0.11) powerbar (1.0.11)
ansi (~> 1.4.0) ansi (~> 1.4.0)
hashie (>= 1.1.0) hashie (>= 1.1.0)
@ -112,6 +117,9 @@ GEM
temple (0.6.5) temple (0.6.5)
tilt (1.4.1) tilt (1.4.1)
timers (1.1.0) timers (1.1.0)
treetop (1.4.14)
polyglot
polyglot (>= 0.3.1)
unicorn (4.6.2) unicorn (4.6.2)
kgio (~> 2.6) kgio (~> 2.6)
rack rack
@ -134,6 +142,7 @@ DEPENDENCIES
jruby-openssl jruby-openssl
json json
magic magic
mail
minitest minitest
minitest-reporters minitest-reporters
mocha mocha

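--- a/app.rb
+++ b/app.rb
@@ -367,6 +367,57 @@ post '/admin/mark_nsfw' do
 redirect '/admin'
 end
+get '/password_reset' do
+slim :'password_reset'
+end
+post '/send_password_reset' do
+site = Site[email: params[:email]]
+if site
+site.update password_reset_token: token
+token = SecureRandom.uuid.gsub('-', '')
+body = <<-EOT
+Hello! This is the NeoCities cat, and I have received a password reset request for your e-mail address. Purrrr.
+Go to this URL to reset your password: http://neocities.org/password_reset_confirm?code=#{token}
+If you didn't request this reset, you can ignore it. Or hide under a bed. Or take a nap. Your call.
+Meow,
+the NeoCities Cat
+EOT
+body.strip!
+EmailWorker.perform_async({
+to: params[:email],
+subject: '[NeoCities] Password Reset',
+body: body
+})
+end
+flash[:success] = 'If your email was valid (and used by a site), the NeoCities Cat will send an e-mail to your account with password reset instructions.'
+redirect '/'
+end
+get '/password_reset_confirm' do
+site = Site[password_reset_token: params[:token]]
+if site
+site.password = params[:token]
+site.save
+flash[:success] = 'Your password has been changed to the token sent in your e-mail. Please login and change your password in the settings page as soon as possible.'
+else
+flash[:error] = 'Could not find a site with this token.'
+end
+redirect '/'
+end
 def require_admin
 redirect '/' unless signed_in? && current_site.is_admin
 end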
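Review bot: In `post '/send_password_reset'` the call `site.update password_reset_token: token` runs before `token` is assigned, so the stored value can never be the one that is mailed out (as written it should raise a NameError); the assignment has to come first. The mailed link carries `?code=` while `get '/password_reset_confirm'` reads `params[:token]`, so the lookup runs with nil, which Sequel would normally turn into an `IS NULL` condition that matches a site that never asked for a reset and overwrites its password; the handler should reject a blank token before it queries. The token is also never cleared or expired, it becomes the password itself, and it travels in an `http://` URL on a state-changing GET, so it stays in mail, logs and browser history as a working credential. The excerpt below fixes the ordering, the parameter name, the blank check and single use; a sturdier design would have the confirm step accept a new password by POST over HTTPS and store only a digest of the token with an expiry time.

```ruby
post '/send_password_reset' do
  site = Site[email: params[:email]]
  if site
    token = SecureRandom.uuid.gsub('-', '')
    site.update password_reset_token: token
    # … unchanged: mail body heredoc, except the link now ends in ?token=#{token} …
    # … unchanged: EmailWorker.perform_async call …
  end
  # … unchanged: flash[:success] and redirect …
end

get '/password_reset_confirm' do
  token = params[:token].to_s
  # A missing or empty token must never reach the lookup: nil would match rows with no token set.
  site = token.empty? ? nil : Site[password_reset_token: token]
  if site
    site.password = token
    site.password_reset_token = nil # single use: the mailed link stops working once consumed
    site.save
    # … unchanged: flash[:success] …
  else
    # … unchanged: flash[:error] …
  end
  redirect '/'
end
```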


@ -34,6 +34,7 @@ Sidekiq.configure_client do |config|
end end
require File.join(DIR_ROOT, 'workers', 'screenshot_worker.rb') require File.join(DIR_ROOT, 'workers', 'screenshot_worker.rb')
require File.join(DIR_ROOT, 'workers', 'email_worker.rb')
Sequel.datetime_class = Time Sequel.datetime_class = Time
Sequel.extension :pagination Sequel.extension :pagination


@ -0,0 +1,11 @@
Sequel.migration do
up {
DB.add_column :sites, :password_reset_token, :text
DB.add_index :sites, :password_reset_token
}
down {
DB.add_column :sites, :password_reset_token
DB.drop_index :sites, :password_reset_token
}
end
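Review bot: The `down` block calls `DB.add_column :sites, :password_reset_token` where it should remove the column, so a rollback would fail instead of undoing the change; it should read `DB.drop_index :sites, :password_reset_token` followed by `DB.drop_column :sites, :password_reset_token`. The column also holds the reset token in clear text, and given how app.rb uses it that value doubles as the account password after a reset, so storing a digest of the token would limit what a database read exposes. Inside `Sequel.migration` the bare `add_column`/`add_index` methods are the usual form rather than going through the `DB` constant.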

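--- a/views/password_reset.slim
+++ b/views/password_reset.slim
@@ -0,0 +1,15 @@
+.text-center
+.row
+.span12
+h1 Reset Password
+.row
+.span6.offset3.text-center
+h5 If you provided your e-mail you can reset your password. If you didn't, you will not be able to reset your password, you will need to create a new site. We will not change a password without an email entered, no exceptions.
+.row
+.span12
+form method="POST" action="/send_password_reset"
+input name="csrf_token" type="hidden" value="#{csrf_token}"
+fieldset
+div: input name="email" type="email" placeholder="Your email"
+div: button class="btn btn-large btn-success" href="#" style="margin-top: 10px" Send Password Reset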


@ -13,4 +13,7 @@
div: button class="btn btn-large btn-success" href="#" style="margin-top: 10px" Sign in div: button class="btn btn-large btn-success" href="#" style="margin-top: 10px" Sign in
.row .row
.span12 .span12
a href="/new" I don't have an account yet. div
a href="/new" I don't have an account yet.
div
a href="/password_reset" I forgot my password.

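--- a/workers/email_worker.rb
+++ b/workers/email_worker.rb
@@ -0,0 +1,11 @@
+class EmailWorker
+include Sidekiq::Worker
+def perform(args={})
+Mail.deliver do
+to args[:to]
+subject args[:subject]
+body args[:body]
+end
+end
+end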
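Review bot: `perform` reads `args[:to]`, `args[:subject]` and `args[:body]`, but Sidekiq serialises job arguments as JSON, so the symbol-keyed hash that app.rb enqueues comes back with string keys and all three lookups would be nil; use `args['to']`, `args['subject']` and `args['body']`. No `from` address is set and no delivery method is configured in the lines shown, so confirm that happens elsewhere. The job payload contains the reset link, so the token sits in Redis in clear text until the job runs, which deserves a comment such as `# args carries a live reset token; do not log it`.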