oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed style in style upon reuse of password recovery token

Browse source
This commit is contained in:
Kaleb Murphy 2008-09-11 14:32:21 +00:00
parent 27769a9b68
commit 3f0b3b3e09
3 changed files with 14 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lib/WebGUI/Auth/WebGUI.pm
View file

@ -752,6 +752,7 @@ sub emailRecoverPassword {
);
$output .= $f->print;
$self->session->log->error($output);
return $output;
}
@ -1004,8 +1005,9 @@ sub emailResetPassword {
$self->session->user({user=>$u});
# do not proceed unless we have an incoming guid from the email, and that guid corresponds to a valid user.
unless ($passwordRecoveryToken && $userId) {
return $session->privilege->insufficient;
if(!defined $userId){
my $i18n = WebGUI::International->new($self->session,"AuthWebGUI");
return $i18n->get("token already used");
}
# login the user and take them to a page where they can change their password.
@ -1068,8 +1070,11 @@ sub emailResetPasswordFinish {
my $passwordRecoveryToken = $form->param('token');
my $userId = $self->getUserIdByPasswordRecoveryToken($session, $passwordRecoveryToken);
return $session->privilege->insufficient unless $userId;
if(!defined $userId){
my $i18n = WebGUI::International->new($self->session,"AuthWebGUI");
return $i18n->get("token already used");
}
if ($self->_isValidPassword($password, $passwordConfirm)) {
$self->user(WebGUI::User->new($self->session, $userId));