else {
IkiWiki::userinfo_set($user, $field, $password);
}
+
+ # Setting the password clears any passwordless login token.
+ if ($field ne 'passwordless') {
+ IkiWiki::userinfo_set($user, "cryptpasswordless", "");
+ IkiWiki::userinfo_set($user, "passwordless", "");
+ }
}
sub formbuilder_setup (@) {
my $session=$params{session};
my $cgi=$params{cgi};
- if ($form->title eq "signin" || $form->title eq "register" || $cgi->param("do") eq "register") {
+ my $do_register=defined $cgi->param("do") && $cgi->param("do") eq "register";
+
+ if ($form->title eq "signin" || $form->title eq "register" || $do_register) {
$form->field(name => "name", required => 0);
$form->field(name => "password", type => "password", required => 0);
- if ($form->submitted eq "Register" || $form->submitted eq "Create Account" || $cgi->param("do") eq "register") {
+ if ($form->submitted eq "Register" || $form->submitted eq "Create Account" || $do_register) {
$form->field(name => "confirm_password", type => "password");
$form->field(name => "account_creation_password", type => "password")
if (defined $config{account_creation_password} &&
my $cgi=$params{cgi};
my $buttons=$params{buttons};
+ my $do_register=defined $cgi->param("do") && $cgi->param("do") eq "register";
+
if ($form->title eq "signin" || $form->title eq "register") {
- if (($form->submitted && $form->validate) || $cgi->param("do") eq "register") {
+ if (($form->submitted && $form->validate) || $do_register) {
if ($form->submitted eq 'Login') {
$session->param("name", $form->field("name"));
IkiWiki::cgi_postsignin($cgi, $session);
my $template=template("passwordmail.tmpl");
$template->param(
user_name => $user_name,
- passwordurl => IkiWiki::cgiurl(
+ passwordurl => IkiWiki::cgiurl_abs(
'do' => "reset",
'name' => $user_name,
'token' => $token,
),
wikiurl => $config{url},
wikiname => $config{wikiname},
- REMOTE_ADDR => $ENV{REMOTE_ADDR},
+ remote_addr => $session->remote_addr(),
);
eval q{use Mail::Sendmail};
$form->field(name => "name", required => 0);
push @$buttons, "Reset Password";
}
- elsif ($form->submitted eq "Register" || $cgi->param("do") eq "register") {
+ elsif ($form->submitted eq "Register" || $do_register) {
@$buttons="Create Account";
}
}
elsif ($form->title eq "preferences") {
if ($form->submitted eq "Save Preferences" && $form->validate) {
my $user_name=$form->field('name');
- if ($form->field("password") && length $form->field("password")) {
+ if (defined $form->field("password") && length $form->field("password")) {
setpassword($user_name, $form->field('password'));
}
}
IkiWiki::cgi_prefs($q, $session);
exit;
}
+ elsif ($q->param('do') eq 'tokenauth') {
+ my $name=$q->param("name");
+ my $token=$q->param("token");
+
+ if (! defined $name || ! defined $token ||
+ ! length $name || ! length $token) {
+ error(gettext("incorrect url"));
+ }
+ if (! checkpassword($name, $token, "passwordless")) {
+ error(gettext("access denied"));
+ }
+
+ $session->param("name", $name);
+ IkiWiki::cgi_prefs($q, $session);
+ exit;
+ }
elsif ($q->param("do") eq "register") {
# After registration, need to go somewhere, so show prefs page.
$session->param(postsignin => "do=prefs");