password-update.tcl

Let's the user change his/her password. Asks for old password, new password, and confirmation.

Location:
/packages/acs-subsite/www/user/password-update.tcl
CVS ID:
$Id: password-update.tcl,v 1.27.2.2 2022/01/14 19:23:11 antoniop Exp $

Related Files

[ hide source ] | [ make this the default ]

File Contents

ad_page_contract {
    Let's the user change his/her password.  Asks
    for old password, new password, and confirmation.

    @cvs-id $Id: password-update.tcl,v 1.27.2.2 2022/01/14 19:23:11 antoniop Exp $
} {
    {user_id:naturalnum,notnull {[ad_conn untrusted_user_id]}}
    {return_url:localurl ""}
    {old_password ""}
    {message ""}
}
# This is a bit confusing, but old_password is what we get passed in here,
# whereas password_old is the form element.


# Redirect to HTTPS if so configured
if { [security::RestrictLoginToSSLP] } {
    security::require_secure_conn
}

if { $old_password ne "" } {
    # If old_password is set, this is a user who has had his password recovered,
    # so they won't be authenticated yet.
} else {
    set level [expr {[security::RestrictLoginToSSLP] ? "secure" : "ok"}]

    # If the user is changing passwords for another user, they need to be account ok
    set account_status [expr {$user_id == [ad_conn untrusted_user_id] ? "closed" : "ok"}]

    auth::require_login \
        -level $level \
        -account_status $account_status
}


if { ![auth::password::can_change_p -user_id $user_id] } {
    ad_return_error \
        "Not supported" \
        "Changing password is not supported."
    ad_script_abort
}

set admin_p [permission::permission_p -object_id $user_id -privilege admin]

if { !$admin_p } {
    permission::require_permission -party_id $user_id -object_id $user_id -privilege write
}



set page_title [_ acs-subsite.Update_Password]
set context [list [list [ad_pvt_home] [ad_pvt_home_name]] $page_title]

set system_name [ad_system_name]
set site_link [ad_site_home_link]

acs_user::get -user_id $user_id -array user

ad_form -name update -edit_buttons [list [list [_ acs-kernel.common_update] "ok"]] -form {
        {user_id:integer(hidden)}
        {return_url:text(hidden),optional}
        {old_password:text(hidden),optional}
        {message:text(hidden),optional}
    }

if { $old_password ne "" } {
    set focus "update.password_1"
} else {
    ad_form -extend -name update -form {
        {password_old:text(password)
            {label {[_ acs-subsite.Current_Password]}}
        }
    }
    set focus "update.password_old"
}

ad_form -extend -name update -form {
    {password_1:text(password)
        {label {[_ acs-subsite.New_Password]}}
        {html {size 20}}
    }
    {password_2:text(password)
        {label {[_ acs-subsite.Confirm]}}
        {html {size 20}}
    }
} -on_request {

} -validate {
    {password_1
        { [string equal $password_1 $password_2] }
        { Passwords don't match }
    }
} -on_submit {

    if { $old_password ne "" } {
        set password_old $old_password
    }

    array set result [auth::password::change \
                          -user_id $user_id \
                          -old_password $password_old \
                          -new_password $password_1]

    switch -- $result(password_status) {
        ok {
            # Continue
        }
        old_password_bad {
            if { $old_password eq "" } {
                form set_error update password_old $result(password_message)
            } else {
                # This hack causes the form to reload as if submitted, but with the old password showing
                ad_returnredirect [export_vars \
                                       -base [ad_conn url] \
                                       -entire_form -exclude { old_password } \
                                       -override { { password_old $old_password } }]
                ad_script_abort
            }
            break
        }
        default {
            form set_error update password_1 $result(password_message)
            break
        }
    }

    # If old_password was supplied, handle authentication and log the user in
    if { $old_password ne "" } {

        # We use full-scale auth::authenticate here, in order to be sure we also get account-status checked
        # Hm. What if there's a problem with timing, so the password update doesn't take effect immediately?
        array set auth_info [auth::authenticate \
                -return_url $return_url \
                -authority_id $user(authority_id) \
                -username $user(username) \
                -password $password_1]

        # Handle authentication problems
        switch -- $auth_info(auth_status) {
            ok {
                # Continue below
            }
            default {
                # we shouldn't get bad password here ...
                form set_error update password_1 $auth_info(auth_message)
                break
            }
        }

        if { [info exists auth_info(account_url)] && $auth_info(account_url) ne "" } {
            ad_returnredirect $auth_info(account_url)
            ad_script_abort
        }

        # Handle account status
        switch -- $auth_info(account_status) {
            ok {
                # Continue below
            }
            default {
                # Display the message on a separate page
                ad_returnredirect [export_vars -base "[subsite::get_element -element url]register/account-closed" { { message $auth_info(account_message) } }]
                ad_script_abort
            }
        }
    }

    # If the account was closed, it might be open now
    if {[ad_conn account_status] eq "closed"} {
        auth::verify_account_status
    }

} -after_submit {
    if { $return_url eq "" } {
        set return_url [ad_pvt_home]
    }
    set message [_ acs-subsite.confirmation_password_changed]

    ad_returnredirect -message $message -- $return_url
    ad_script_abort
}

# Local variables:
#    mode: tcl
#    tcl-indent-level: 4
#    indent-tabs-mode: nil
# End: