opac/opac-password-recovery.pl

   1 #!/usr/bin/perl
   2
   3 use Modern::Perl;
   4 use CGI;
   5
   6 use C4::Auth;
   7 use C4::Koha;
   8 use C4::Output;
   9 use C4::Context;
  10 use Koha::Patron::Password::Recovery
  11   qw(SendPasswordRecoveryEmail ValidateBorrowernumber GetValidLinkInfo CompletePasswordRecovery DeleteExpiredPasswordRecovery);
  12 use Koha::Patrons;
  13 use Koha::Patrons;
  14 my $query = CGI->new;
  15 use HTML::Entities;
  16 use Try::Tiny;
  17 use List::Util qw/any/;
  18
  19 my ( $template, $dummy, $cookie ) = get_template_and_user(
  20     {
  21         template_name   => "opac-password-recovery.tt",
  22         query           => $query,
  23         type            => "opac",
  24         authnotrequired => 1,
  25         debug           => 1,
  26     }
  27 );
  28
  29 my $email          = $query->param('email') // q{};
  30 my $password       = $query->param('newPassword');
  31 my $repeatPassword = $query->param('repeatPassword');
  32 my $id             = $query->param('id');
  33 my $uniqueKey      = $query->param('uniqueKey');
  34 my $username       = $query->param('username') // q{};
  35 my $borrower_number;
  36
  37 #errors
  38 my $hasError;
  39
  40 #email form error
  41 my $errNoBorrowerFound;
  42 my $errNoBorrowerEmail;
  43 my $errMultipleAccountsForEmail;
  44 my $errAlreadyStartRecovery;
  45 my $errTooManyEmailFound;
  46 my $errBadEmail;
  47 my $errResetForbidden;
  48
  49 #new password form error
  50 my $errLinkNotValid;
  51
  52 if ( $query->param('sendEmail') || $query->param('resendEmail') ) {
  53
  54     #try with the main email
  55     my $borrower;
  56     my $search_results;
  57     # Find the borrower by userid, card number, or email
  58     if ($username) {
  59         $search_results = Koha::Patrons->search( { -or => { userid => $username, cardnumber => $username }, login_attempts => { '!=', Koha::Patron::ADMINISTRATIVE_LOCKOUT } } );
  60     }
  61     elsif ($email) {
  62         $search_results = Koha::Patrons->search( { -or => { email => $email, emailpro => $email, B_email  => $email }, login_attempts => { '!=', Koha::Patron::ADMINISTRATIVE_LOCKOUT } } );
  63     }
  64
  65     if ( !defined $search_results || $search_results->count < 1) {
  66         $hasError           = 1;
  67         $errNoBorrowerFound = 1;
  68     }
  69     elsif ( $username && $search_results->count > 1) { # Multiple accounts for username
  70         $hasError           = 1;
  71         $errNoBorrowerFound = 1;
  72     }
  73     elsif ( $email && $search_results->count > 1) { # Muliple accounts for E-Mail
  74         $hasError           = 1;
  75         $errMultipleAccountsForEmail = 1;
  76     }
  77     elsif ( $borrower = $search_results->next() ) {    # One matching borrower
  78
  79         if ( $borrower->category->effective_reset_password ) {
  80
  81             my @emails = grep { $_ } ( $borrower->email, $borrower->emailpro, $borrower->B_email );
  82
  83             my $firstNonEmptyEmail;
  84             $firstNonEmptyEmail = $emails[0] if @emails;
  85
  86             # Is the given email one of the borrower's ?
  87             if ( $email && !( any { lc($_) eq lc($email) } @emails ) ) {
  88                 $hasError    = 1;
  89                 $errNoBorrowerFound = 1;
  90             }
  91
  92             # If there is no given email, and there is no email on record
  93             elsif ( !$email && !$firstNonEmptyEmail ) {
  94                 $hasError           = 1;
  95                 $errNoBorrowerEmail = 1;
  96             }
  97
  98             # Check if a password reset already issued for this
  99             # borrower AND we are not asking for a new email
 100             elsif ( not $query->param('resendEmail') ) {
 101                 if ( ValidateBorrowernumber( $borrower->borrowernumber ) ) {
 102                     $hasError                = 1;
 103                     $errAlreadyStartRecovery = 1;
 104                 }
 105                 else {
 106                     DeleteExpiredPasswordRecovery( $borrower->borrowernumber );
 107                 }
 108             }
 109             # Set the $email, if we don't have one.
 110             if ( !$hasError && !$email ) {
 111                 $email = $firstNonEmptyEmail;
 112             }
 113         }
 114         else {
 115             $hasError          = 1;
 116             $errResetForbidden = 1;
 117         }
 118     }
 119     else {    # 0 matching borrower
 120         $hasError           = 1;
 121         $errNoBorrowerFound = 1;
 122     }
 123     if ($hasError) {
 124         $template->param(
 125             hasError                => 1,
 126
 127             errNoBorrowerFound      => $errNoBorrowerFound,
 128             errTooManyEmailFound    => $errTooManyEmailFound,
 129             errAlreadyStartRecovery => $errAlreadyStartRecovery,
 130             errBadEmail             => $errBadEmail,
 131             errNoBorrowerEmail      => $errNoBorrowerEmail,
 132             errMultipleAccountsForEmail => $errMultipleAccountsForEmail,
 133             errResetForbidden       => $errResetForbidden,
 134             password_recovery       => 1,
 135             email                   => HTML::Entities::encode($email),
 136             username                => $username
 137         );
 138     }
 139     elsif ( SendPasswordRecoveryEmail( $borrower, $email, scalar $query->param('resendEmail') ) ) {    # generate uuid and send recovery email
 140         $template->param(
 141             mail_sent => 1,
 142             email     => $email
 143         );
 144     }
 145     else {    # if it doesn't work....
 146         $template->param(
 147             hasError          => 1,
 148             password_recovery => 1,
 149             sendmailError     => 1
 150         );
 151     }
 152 }
 153 elsif ( $query->param('passwordReset') ) {
 154     ( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
 155
 156     my $error;
 157     my $min_password_length = C4::Context->preference('minPasswordPreference');
 158     my $require_strong_password = C4::Context->preference('RequireStrongPassword');
 159     if ( not $borrower_number ) {
 160         $error = 'errLinkNotValid';
 161     } elsif ( $password ne $repeatPassword ) {
 162         $error = 'errPassNotMatch';
 163     } else {
 164         my $borrower = Koha::Patrons->find($borrower_number);
 165         $min_password_length = $borrower->category->effective_min_password_length;
 166         $require_strong_password = $borrower->category->effective_require_strong_password;
 167         try {
 168             $borrower->set_password({ password => $password });
 169
 170             CompletePasswordRecovery($uniqueKey);
 171             $template->param(
 172                 password_reset_done => 1,
 173                 username            => $username
 174             );
 175         }
 176         catch {
 177             if ( $_->isa('Koha::Exceptions::Password::TooShort') ) {
 178                 $error = 'password_too_short';
 179             }
 180             elsif ( $_->isa('Koha::Exceptions::Password::WhitespaceCharacters') ) {
 181                 $error = 'password_has_whitespaces';
 182             }
 183             elsif ( $_->isa('Koha::Exceptions::Password::TooWeak') ) {
 184                 $error = 'password_too_weak';
 185             }
 186         };
 187     }
 188     if ( $error ) {
 189         $template->param(
 190             new_password => 1,
 191             email        => $email,
 192             uniqueKey    => $uniqueKey,
 193             hasError     => 1,
 194             $error       => 1,
 195             minPasswordLength => $min_password_length,
 196             RequireStrongPassword => $require_strong_password
 197         );
 198     }
 199 }
 200 elsif ($uniqueKey) {    #reset password form
 201                         #check if the link is valid
 202     ( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
 203
 204     if ( !$borrower_number ) {
 205         $errLinkNotValid = 1;
 206     }
 207
 208     my $borrower = Koha::Patrons->find($borrower_number);
 209
 210     $template->param(
 211         new_password    => 1,
 212         email           => $email,
 213         uniqueKey       => $uniqueKey,
 214         username        => $username,
 215         errLinkNotValid => $errLinkNotValid,
 216         hasError        => ( $errLinkNotValid ? 1 : 0 ),
 217         minPasswordLength => $borrower->category->effective_min_password_length,
 218         RequireStrongPassword => $borrower->category->effective_require_strong_password
 219     );
 220 }
 221 else {    #password recovery form (to send email)
 222     $template->param( password_recovery => 1 );
 223 }
 224
 225 output_html_with_http_headers $query, $cookie, $template->output;