prosody-modules: comparison mod_email_pass/mod_email

equal deleted inserted replaced

-:0ae065453dc9
+:7dbde05b48a9
 -- This table has the tokens submited by the server
 tokens_mails = {};
 tokens_expiration = {};
 -- URL
 local https_host = module:get_option_string("https_host");
 local http_host = module:get_option_string("http_host");
 local https_port = module:get_option("https_ports", { 443 });
 local http_port = module:get_option("http_ports", { 80 });
 		module:log("error", "Reset password token collision: '%s'", token);
 		return generateToken(address)
 	end
 end
 function isExpired(token)
 	if not tokens_expiration[token] then
 		return nil;
 	end
 	if os.difftime(os.time(), tokens_expiration[token]) < 86400 then -- 86400 secs == 24h
 		-- token is valid yet
 		return nil;
 	else
 		-- token invalid, we can create a fresh one.
 		return true;
 	end
 end
 -- Expire tokens
 expireTokens = function()
 	for token,value in pairs(tokens_mails) do
 		if isExpired(token) then
 			module:log("info","Expiring password reset request from user '%s', not used.", tokens_mails[token]);
 			tokens_mails[token] = nil;
 	return nil;
 end
 function generateUrl(token)
 	local url;
 	if https_host then
 		url = "https://" .. https_host;
 	else
 		url = "http://" .. http_host;
 	end
 	if https_port then
 		url = url .. ":" .. https_port[1];
 	else
 		url = url .. ":" .. http_port[1];
 	end
 	url = url .. url_path .. "token.html?" .. token;
 	return url;
 end
 function sendMessage(jid, subject, message)
 local msg = st.message({ from = module.host; to = jid; }):
 function send_token_mail(form, origin)
 	local user, host, resource = jidutil.split(form.username);
 	local prepped_username = nodeprep(user);
 	local prepped_mail = form.email;
 	local jid = prepped_username .. "@" .. host;
 if not prepped_username then
 	return nil, "El usuario contiene caracteres incorrectos";
 end
 if #prepped_username == 0 then
 	return nil, "El campo usuario está vacio";
 end
 if not usermanager.user_exists(prepped_username, module.host) then
 	return nil, "El usuario NO existe";
 end
 	if #prepped_mail == 0 then
 	return nil, "El campo email está vacio";
 end
 	local vcarduser = get_user_vcard(prepped_username, module.host);
 	if not vcarduser then
 		return nil, "User has not vCard";
 	else
 		if not vcarduser.EMAIL then
 			return nil, "Esa cuente no tiene ningún email configurado en su vCard";
 		email = string.lower(vcarduser.EMAIL[1]);
 		if email ~= string.lower(prepped_mail) then
 			return nil, "Dirección eMail incorrecta";
 		end
 		-- Check if has already a valid token, not used yet.
 		if hasTokenActive(jid) then
 			local valid_until = tokens_expiration[hasTokenActive(jid)] + 86400;
 			return nil, "Ya tienes una petición de restablecimiento de clave válida hasta: " .. datetime.date(valid_until) .. " " .. datetime.time(valid_until);
 		end
 		local url_token = generateToken(jid);
 		local url = generateUrl(url_token);
 		local email_body =  render(get_template("sendtoken",".mail"), {jid = jid, url = url} );
 		module:log("info", "Sending password reset mail to user %s", jid);
 		send_email(email, smtp_address, email_body, mail_subject);
 		return "ok";
 	end
 end
 function reset_password_with_token(form, origin)
 	local token = form.token;
 	local password = form.newpassword;
 	if not token then
 		return nil, "El Token es inválido";
 	end
 	if not tokens_mails[token] then
 		return nil, "El Token no existe o ya fué usado";
 	if #password < 5 then
 		return nil, "La clave debe tener una longitud de al menos 5 caracteres";
 	end
 	local jid = tokens_mails[token];
 	local user, host, resource = jidutil.split(jid);
 	usermanager.set_password(user, password, host);
 	module:log("info", "Password changed with token for user %s", jid);
 	tokens_mails[token] = nil;
 	tokens_expiration[token] = nil;
 	sendMessage(jid, mail_subject, mail_body);

changeset 1343	7dbde05b48a9
parent 1342	0ae065453dc9
child 1345	c60e9943dcb9