1 package Koha::Patron::Password::Recovery;
3 # Copyright 2014 Solutions InLibro inc.
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
23 use Crypt::Eksblowfish::Bcrypt qw( en_base64 );
24 use Koha::DateUtils qw( dt_from_string );
26 use constant PATRON => 2;
27 use constant STAFF => 5;
29 our (@ISA, @EXPORT_OK);
34 &ValidateBorrowernumber
35 &SendPasswordRecoveryEmail
37 &CompletePasswordRecovery
38 &DeleteExpiredPasswordRecovery
44 Koha::Patron::Password::Recovery - Koha password recovery module
48 use Koha::Patron::Password::Recovery;
52 =head2 ValidateBorrowernumber
54 $alread = ValidateBorrowernumber( $borrower_number );
56 Check if the system already start recovery
62 sub ValidateBorrowernumber {
63 my ($borrower_number) = @_;
64 my $schema = Koha::Database->new->schema;
66 my $rs = $schema->resultset('BorrowerPasswordRecovery')->search(
68 borrowernumber => $borrower_number,
69 valid_until => \'> NOW()'
71 { columns => 'borrowernumber' }
79 =head2 GetValidLinkInfo
81 Check if the link is still valid and return some info.
85 sub GetValidLinkInfo {
87 my $dbh = C4::Context->dbh;
89 SELECT borrower_password_recovery.borrowernumber, userid
90 FROM borrower_password_recovery, borrowers
91 WHERE borrowers.borrowernumber = borrower_password_recovery.borrowernumber
92 AND NOW() < valid_until
95 my $sth = $dbh->prepare($query);
96 $sth->execute($uniqueKey);
97 return $sth->fetchrow;
100 =head2 SendPasswordRecoveryEmail
102 It creates an email using the templates and sends it to the user, using the specified email
106 sub SendPasswordRecoveryEmail {
107 my $borrower = shift; # Koha::Patron
108 my $userEmail = shift; #to_address (the one specified in the request)
110 my $staff = shift // 0;
112 my $schema = Koha::Database->new->schema;
117 $uuid_str = '$2a$08$'.en_base64(Koha::AuthUtils::generate_salt('weak', 16));
118 } while ( substr ( $uuid_str, -1, 1 ) eq '.' );
120 # insert into database
121 my $days = $staff ? STAFF : PATRON;
123 dt_from_string()->add( days => $days );
126 $schema->resultset('BorrowerPasswordRecovery')
127 ->search( { borrowernumber => $borrower->borrowernumber, } );
129 { uuid => $uuid_str, valid_until => $expirydate->datetime() } );
132 my $rs = $schema->resultset('BorrowerPasswordRecovery')->create(
134 borrowernumber => $borrower->borrowernumber,
136 valid_until => $expirydate->datetime()
142 my $opacbase = C4::Context->preference('OPACBaseURL') || '';
143 my $uuidLink = $opacbase
144 . "/cgi-bin/koha/opac-password-recovery.pl?uniqueKey=$uuid_str";
147 my $letter = C4::Letters::GetPreparedLetter(
149 letter_code => $staff ? 'STAFF_PASSWORD_RESET' : 'PASSWORD_RESET',
150 branchcode => $borrower->branchcode,
151 lang => $borrower->lang,
153 { passwordreseturl => $uuidLink, user => $borrower->userid },
157 my $library = $borrower->library;
158 my $kohaEmail = $library->from_email_address; # send from patron's branch or Koha Admin
160 my $message_id = C4::Letters::EnqueueLetter(
163 borrowernumber => $borrower->borrowernumber,
164 to_address => $userEmail,
165 from_address => $kohaEmail,
166 message_transport_type => 'email',
170 my $num_letters_attempted =
171 C4::Letters::SendQueuedMessages( { message_id => $message_id } );
173 return ($num_letters_attempted > 0);
176 =head2 CompletePasswordRecovery
178 $bool = CompletePasswordRecovery($uuid);
180 Deletes a password recovery entry.
184 sub CompletePasswordRecovery {
185 my $uniqueKey = shift;
187 Koha::Database->new->schema->resultset('BorrowerPasswordRecovery');
188 my $entry = $model->search(
189 { -or => [ uuid => $uniqueKey, valid_until => \'< NOW()' ] } );
190 return $entry->delete();
193 =head2 DeleteExpiredPasswordRecovery
195 $bool = DeleteExpiredPasswordRecovery($borrowernumber)
197 Deletes an expired password recovery entry.
201 sub DeleteExpiredPasswordRecovery {
202 my $borrower_number = shift;
204 Koha::Database->new->schema->resultset('BorrowerPasswordRecovery');
205 my $entry = $model->search(
206 { borrowernumber => $borrower_number } );
207 return $entry->delete();
211 END { } # module clean-up code here (global destructor)