File Coverage

blib/lib/Bracket/Controller/Auth.pm

Criterion	Covered	Total	%
statement	82	135	60.7
branch	6	22	27.2
condition			n/a
subroutine	25	31	80.6
pod	3	10	30.0
total	116	198	58.5

line	stmt	bran	sub	pod	time	code
1
2						use Moose;
3	4		4		2121	BEGIN { extends 'Catalyst::Controller' }
	4				10
	4				36
4	4		4		23102	use Time::HiRes qw/ time /;
5	4		4		22648	use Bracket::Form::Register;
	4				9
	4				35
6	4		4		2273	use Bracket::Form::Login;
	4				16
	4				180
7	4		4		1997	use Bracket::Form::Password::Change;
	4				16
	4				175
8	4		4		2026	use Bracket::Form::Password::ResetEmail;
	4				14
	4				190
9	4		4		2193	use Bracket::Form::Password::Reset;
	4				26
	4				178
10	4		4		2054
	4				15
	4				1073
11						require Data::Dumper if debug;
12	6		6	0	24
13
14						=head1 Name
15
16						Bracket::Controller::Admin - Functions for admin users
17
18						=head1 Description
19
20						Controller with authentication related actions:
21
22						* register
23						* login/logout
24						* change/reset password
25
26						=cut
27
28						has 'register_form' => (
29						isa => 'Bracket::Form::Register',
30						is => 'rw',
31						lazy => 1,
32						default => sub { Bracket::Form::Register->new },
33						);
34
35						has 'login_form' => (
36						isa => 'Bracket::Form::Login',
37						is => 'rw',
38						lazy => 1,
39						default => sub { Bracket::Form::Login->new },
40						);
41
42						has 'change_password_form' => (
43						isa => 'Bracket::Form::Password::Change',
44						is => 'rw',
45						lazy => 1,
46						default => sub { Bracket::Form::Password::Change->new },
47						);
48
49						has 'email_reset_password_link_form' => (
50						isa => 'Bracket::Form::Password::ResetEmail',
51						is => 'rw',
52						lazy => 1,
53						default => sub { Bracket::Form::Password::ResetEmail->new },
54						);
55
56						has 'reset_password_form' => (
57						isa => 'Bracket::Form::Password::Reset',
58						is => 'rw',
59						lazy => 1,
60						default => sub { Bracket::Form::Password::Reset->new },
61						);
62
63						my ($self, $c) = @_;
64
65						$c->stash(
66	1		1	0	894	template => 'form/auth/register.tt',
67						form => $self->register_form,
68	1				33	);
69
70						my $new_player = $c->model('DBIC::Player')->new_result({});
71						$self->register_form->process(
72						item => $new_player,
73	1				107	params => $c->request->parameters,
74	1				1090	);
75
76						# This return on GET (new form) and a POSTed form that's invalid.
77						return if !$self->register_form->is_valid;
78
79						# At this stage the form has validated
80	1	50			12238	$c->flash->{status_msg} = 'Registration succeeded';
81						$c->response->redirect($c->uri_for('/login'));
82						}
83	0				0
84	0				0	=head2 login
85	4		4		36
	4				10
	4				42
86						Log in through the authentication system.
87
88						=cut
89
90						my ($self, $c) = @_;
91
92						$c->stash(
93						template => 'form/auth/login.tt',
94	2		2	1	2353	form => $self->login_form,
95						);
96	2				72
97						$self->login_form->process(params => $c->request->parameters,);
98
99						# This return on GET (new form) and a POSTed form that's invalid.
100						return if !$self->login_form->is_valid;
101	2				410
102						my $is_authenticated = $c->authenticate(
103						{
104	2	50			14938	email => $self->login_form->field('email')->value,
105						password => $self->login_form->field('password')->value,
106	0				0	}
107						);
108						if (!$is_authenticated) {
109						my $login_URI = $c->uri_for('/login');
110						$c->response->body("Could not <big><a href='$login_URI'>login</a></big>");
111						$c->detach();
112	0	0			0	}
113	0				0
114	0				0	my $user_id = $c->user->id;
115	0				0	warn "USER ID: $user_id" if debug;
116
117						# At this stage the form has validated
118	0				0	$c->response->redirect(
119	0	0			0	$c->uri_for($c->controller('Player')->action_for('home')) . "/${user_id}",
120						);
121
122	0				0	}
123
124						=head2 logout
125
126	4		4		5103	Log in through the authentication system.
	4				9
	4				18
127
128						=cut
129
130						my ($self, $c) = @_;
131
132						$c->logout;
133						$c->response->redirect($c->uri_for('/login'));
134
135	0		0	1	0	return;
136						}
137	0				0
138	0				0	=head2 change_password
139
140	0				0	Change player password
141	4		4		3253
	4				9
	4				18
142						=cut
143
144						my ($self, $c) = @_;
145
146						my $form = $self->change_password_form;
147
148						$c->stash(
149						template => 'form/auth/change_password.tt',
150	0		0	1	0	form => $form,
151						);
152	0				0	$form->process(
153						item_id => $c->user->id,
154	0				0	params => $c->request->parameters,
155						schema => $c->model('DBIC')->schema,
156						);
157
158	0				0	return if !$form->is_valid;
159
160						$c->flash->{status_msg} = 'Password changed';
161						$c->response->redirect($c->uri_for('/account'));
162
163						}
164	0	0			0
165						my ($self, $c) = @_;
166	0				0
167	0				0	my $form = $self->email_reset_password_link_form;
168						$c->stash(
169	4		4		3519	template => 'form/auth/reset_password.tt',
	4				11
	4				18
170						form => $form,
171						);
172	1		1	0	906	$form->process(
173						params => $c->request->parameters,
174	1				36	schema => $c->model('DBIC')->schema,
175	1				9	);
176						return if !$form->is_valid;
177
178						# Get user based on email.
179	1				145	my $to_email = $form->field('email')->value;
180						my $user = $c->model('DBIC::Player')->find({ email => $to_email });
181
182						# create and email password reset link
183	1	50			6822	my $token = create_token($user->id);
184						my $create_token_coderef = sub {
185						$c->model('DBIC::Token')->create(
186	0				0	{
187	0				0	player => $user->id,
188						token => $token,
189						type => 'reset_password',
190	0				0	}
191						);
192	0		0		0	};
193						eval { $c->model('DBIC')->schema->txn_do($create_token_coderef); };
194						if ($@) {
195						my $message = "Not able to create token\n";
196						warn $message . $@;
197						$c->flash->{status_msg} = $message;
198						}
199	0				0	else {
200	0				0	$c->forward($self->action_for('email_link'), [ $to_email, $token ]);
	0				0
201	0	0			0	$c->flash->{status_msg} =
202	0				0	"A password reset </strong>link</strong> has been <strong>emailed to you.</strong>";
203	0				0	$c->response->redirect($c->uri_for('/message'));
204	0				0	}
205						}
206
207	0				0	my ($self, $c) = @_;
208
209	0				0	my $token = $c->request->query_parameters->{reset_password_token};
210	0				0	warn "TOKEN: $token\n" if debug;
211						my ($user_id) = $token =~ /_(\d+)$/;
212	4		4		3760	warn "USER ID for RESET: $user_id\n" if debug;
	4				11
	4				19
213						my $token_row_object =
214						$c->model('DBIC::Token')
215	1		1	0	888	->search({ player => $user_id, token => $token, type => 'reset_password' })->first;
216						if (!$token_row_object) {
217	1				19	$c->response->body("Token not found.");
218	1	50			46	$c->detach();
219	1				19	}
220	1	50			4
221	1				6	my $form = $self->reset_password_form;
222						my $player_object = $token_row_object->player;
223						$c->stash(
224	1	50			4893	template => 'form/auth/reset_password.tt',
225	1				142	form => $form,
226	1				59	);
227						$form->process(
228						item => $player_object,
229	0				0	params => $c->request->body_parameters,
230	0				0	schema => $c->model('DBIC')->schema,
231	0				0	);
232						return if !$form->is_valid;
233
234						$c->flash->{status_msg} = "Password has been reset.";
235	0				0	$c->response->redirect($c->uri_for('/login'));
236						}
237
238						my $user_id = shift;
239						return time . rand(10000) . "_${user_id}";
240	0	0			0	}
241
242	0				0	my ($self, $c, $to_email, $token) = @_;
243	0				0
244	4		4		3883	use Email::Sender::Simple qw(try_to_sendmail);
	4				11
	4				18
245						use Email::Simple;
246						use Email::Simple::Creator;
247	0		0	0		use Email::Sender::Transport::Test;
248	0
249						my $link = $c->request->base . 'reset_password?reset_password_token=' . $token;
250						my $admin_email = 'hunter@missoula.org';
251						my $subject = 'Reset password link';
252	0		0	0	0	my $message = <<"END_MESSAGE";
253						Use the following link to reset your password:
254	4		4		5652	$link
	4				518711
	4				30
255	4		4		1301	END_MESSAGE
	4				98
	4				92
256	4		4		21
	4				8
	4				80
257	4		4		1872	my $email = Email::Simple->create(
	4				49411
	4				480
258						header => [
259	0				0	To => $to_email,
260	0				0	From => $admin_email,
261	0				0	Subject => $subject,
262	0				0	],
263						body => $message,
264						);
265						my $success = try_to_sendmail($email);
266						}
267	0				0
268						my ($self, $c) = @_;
269
270						$c->stash->{template} = 'empty.tt';
271						}
272
273						1