Refactor + email plugin.

3 years ago · ae82906362
parent 3779b9fe1d
commit ae82906362
4 changed files with 55 additions and 34 deletions
--- a/Web/lib/MJB/Web.pm
+++ b/Web/lib/MJB/Web.pm
@ -65,11 +65,11 @@ sub startup ($self) {

    # Helper to redirect on errors, support setting the form and errors in a flash
    # if they exist in the stash.
-    $self->helper( redirect_error => sub ( $c, $redirect_to ) {
+    $self->helper( redirect_error => sub ( $c, $redirect_to, $redirect_args = {} ) {
        $c->flash( form   => $c->stash->{form}   ) if $c->stash->{form};
        $c->flash( errors => $c->stash->{errors} ) if $c->stash->{errors};

-        $c->redirect_to( $c->url_for( $redirect_to ) );
+        $c->redirect_to( $c->url_for( $redirect_to, $redirect_args ) );
    });

    # Minion plugin & tasks
--- a/Web/lib/MJB/Web/Controller/Auth.pm
+++ b/Web/lib/MJB/Web/Controller/Auth.pm
@ -2,9 +2,6 @@ package MJB::Web::Controller::Auth;
 use Mojo::Base 'Mojolicious::Controller', -signatures;
 use Try::Tiny;
 use DateTime;
-use Email::Sender::Simple qw( sendmail );
-use Email::Sender::Transport::SMTP;
-use Email::MIME::Kit;

 #==
 # GET /register | show_register | templates/auth/register.html.ep
@ -194,44 +191,49 @@ sub do_logout ( $c ) {
 #==
 sub forgot ( $c ) { }

+#==
+# POST /forgot | do_forgot
+#       email | The email address to reset the password for
+#
+# When a user requests their password be reset, a token is created
+# that can be used to reset the password.
+#
+# This token is sent to the user via email as a link they can click
+# to go to the reset page.
+#==
 sub do_forgot ( $c ) {
-    $c->stash->{template} = 'auth/forgot';
-
-    my $email  = $c->stash->{form_email} = $c->param('email');
+    my $email  = $c->stash->{form}->{email} = $c->param('email');
    
    my $person = $c->db->resultset('Person')->find( { email => $email } )
        or push @{$c->stash->{errors}}, "There is no account with that email address.";

-    return 0 if $c->stash->{errors};
+    return $c->redirect_error( 'show_forgot' )
+        if $c->stash->{errors};

    # Make a token & send the email TODO
    my $token = $person->create_auth_token( 'forgot' );

-    my $mkit_path = $c->config->{mkit_path};
-    my $transport =  Email::Sender::Transport::SMTP->new(%{$c->config->{smtp}});
-
-    my $kit = Email::MIME::Kit->new({ source => "$mkit_path/forgot_password.mkit" } );
-
-    my $message = $kit->assemble( { 
-        send_to => $email, 
-        link => 'https://' . $c->config->{domain} . "/reset/$token"
-    });
-
-    sendmail( $message, { transport => $transport } );
+    #$c->send_email( 'forgot_password', {
+    #    send_to => $email, 
+    #    link => 'https://' . $c->config->{domain} . "/reset/$token"
+    #});

    # Let the user know the next steps.
-    $c->stash->{success} = 1;
-    $c->stash->{success_message} = 'Please check your email for a password reset link.';;
-
-    # Clear the form.
-    $c->stash->{form_email} = '';
+    $c->flash( confirmation => 'Please check your email for a password reset link.' );
+    $c->redirect_to( $c->url_for( 'show_forgot' ) );
 }

 sub reset ( $c ) { }

+#==
+# POST /reset/:token
+#       password         | The new password for the user
+#       password_confirm | The new password for the user, again
+#
+# This route is used to reset a password when somebody has a token for
+# a password reset on an account.
+#==
 sub do_reset ( $c ) {
-    $c->stash->{template} = 'auth/reset'; 
-
    my $token    = $c->param('token');
    my $password = $c->stash->{form_password}         = $c->param('password');
    my $confirm  = $c->stash->{form_password_confirm} = $c->param('password_confirm');
@ -239,7 +241,8 @@ sub do_reset ( $c ) {
    push @{$c->stash->{errors}}, "Password is required"         unless $password;
    push @{$c->stash->{errors}}, "Confirm Password is required" unless $confirm;

-    return if $c->stash->{errors};
+    return $c->redirect_error( 'show_reset', { token => $token } )
+        if $c->stash->{errors};

    push @{$c->stash->{errors}}, "Password and confirm password must match"
        unless $confirm eq $password;
@ -247,7 +250,8 @@ sub do_reset ( $c ) {
    push @{$c->stash->{errors}}, "Password must be at least 8 characters"
        unless length($password) >= 8;
    
-    return if $c->stash->{errors};
+    return $c->redirect_error( 'show_reset', { token => $token } )
+        if $c->stash->{errors};

    my $lower_time = DateTime->now;
       $lower_time->subtract( minutes => 60 );
@ -261,7 +265,8 @@ sub do_reset ( $c ) {
    push @{$c->stash->{errors}}, "This token is not valid."
        unless $record;

-    return 0 if $c->stash->{errors};
+    return $c->redirect_error( 'show_reset', { token => $token } )
+        if $c->stash->{errors};

    # Change the user's password.
    $record->person->auth_password->update_password( $password );
@ -277,6 +282,3 @@ sub do_reset ( $c ) {
 }

 1;
-
-
-
--- a/Web/lib/MJB/Web/Plugin/Email.pm
+++ b/Web/lib/MJB/Web/Plugin/Email.pm
@ -0,0 +1,19 @@
+package MJB::Web::Plugin::Email;
+use Mojo::Base 'Mojolicious::Plugin', -signatures;
+use Email::Sender::Simple qw( sendmail );
+use Email::Sender::Transport::SMTP;
+use Email::MIME::Kit;
+
+sub register ( $self, $app, $config ) {
+
+    $app->helper( send_email => sub ($c, $template, $options ) {
+        my $transport =  Email::Sender::Transport::SMTP->new(%{$c->config->{smtp}});
+        my $mkit_path = $c->home->child('mkits')->to_string;
+
+        my $kit = Email::MIME::Kit->new({ source => sprintf( "%s/%s.mkit", $mkit_path, $template ) } );
+
+        my $message = $kid->assemble( $options );
+        
+        sendmail( $message, { transport => $transport } );
+    });
+}
--- a/Web/templates/auth/forgot.html.ep
+++ b/Web/templates/auth/forgot.html.ep
@ -11,7 +11,7 @@
    <%= include '_base/form/input', type => 'email', name => 'email',
        title => 'Email Address', 
        help  => '',
-        value => $c->stash->{form_email}
+        value => $c->stash->{form}->{email}
    %>
    
    <button type="submit" class="btn btn-primary float-end">Reset Password</button>