1 |
diff -urN smeserver-manager-0.1.4.old/createlinks smeserver-manager-0.1.4/createlinks |
2 |
--- smeserver-manager-0.1.4.old/createlinks 2021-06-21 13:25:10.000000000 +0400 |
3 |
+++ smeserver-manager-0.1.4/createlinks 2022-07-18 14:14:26.458000000 +0400 |
4 |
@@ -47,3 +47,8 @@ |
5 |
|
6 |
event_link('systemd-default', "smeserver-manager-update", '88'); |
7 |
event_link('systemd-reload', "smeserver-manager-update", '89'); |
8 |
+ |
9 |
+use esmith::Build::Backup qw(:all); |
10 |
+backup_includes("smeserver-manager", qw( |
11 |
+/usr/share/smanager/data |
12 |
+)); |
13 |
diff -urN smeserver-manager-0.1.4.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass smeserver-manager-0.1.4/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass |
14 |
--- smeserver-manager-0.1.4.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass 2022-07-17 20:31:12.000000000 +0400 |
15 |
+++ smeserver-manager-0.1.4/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass 2022-07-17 21:08:53.332000000 +0400 |
16 |
@@ -27,19 +27,17 @@ |
17 |
$OUT .= " RequestHeader set X-Forwarded-Proto 'http'\n"; |
18 |
|
19 |
$OUT .= " <Location '/$place'>\n"; |
20 |
- $OUT .= " order deny,allow\n"; |
21 |
- $OUT .= " deny from all\n"; |
22 |
if ($port eq $plainPort) |
23 |
{ |
24 |
- $OUT .= ' allow from 127.0.0.1' . "\n"; |
25 |
+ $OUT .= ' Require ip 127.0.0.1' . "\n"; |
26 |
} |
27 |
elsif (($haveSSL eq 'yes') && ($port eq $sslPort) && ($adminAccess eq 'public')) |
28 |
{ |
29 |
$OUT .= "# public access requested in conf db\n"; |
30 |
- $OUT .= " allow from all\n"; |
31 |
+ $OUT .= " Require all granted\n"; |
32 |
} else { |
33 |
$OUT .= "# private access by default\n"; |
34 |
- $OUT .= " allow from $localAccess $externalSSLAccess\n"; |
35 |
+ $OUT .= " Require ip $localAccess $externalSSLAccess\n"; |
36 |
} |
37 |
$OUT .= " </Location>\n"; |
38 |
} |
39 |
diff -urN smeserver-manager-0.1.4.old/root/etc/e-smith/templates/usr/share/smanager/conf/srvmngr.conf/25Pwdrst smeserver-manager-0.1.4/root/etc/e-smith/templates/usr/share/smanager/conf/srvmngr.conf/25Pwdrst |
40 |
--- smeserver-manager-0.1.4.old/root/etc/e-smith/templates/usr/share/smanager/conf/srvmngr.conf/25Pwdrst 1970-01-01 04:00:00.000000000 +0400 |
41 |
+++ smeserver-manager-0.1.4/root/etc/e-smith/templates/usr/share/smanager/conf/srvmngr.conf/25Pwdrst 2022-01-24 20:32:49.549000000 +0400 |
42 |
@@ -0,0 +1,4 @@ |
43 |
+ # password reset disabled by default |
44 |
+ pwdreset => { ($smanager{'PwdReset'} eq 'enabled' ? '1' : '0') || '0' }, |
45 |
+ # reset delay in hours |
46 |
+ pwdreset_delay => 2, |
47 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/conf/admin_muttrc smeserver-manager-0.1.4/root/usr/share/smanager/conf/admin_muttrc |
48 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/conf/admin_muttrc 1970-01-01 04:00:00.000000000 +0400 |
49 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/conf/admin_muttrc 2022-01-24 20:32:49.549000000 +0400 |
50 |
@@ -0,0 +1,5 @@ |
51 |
+set from = "admin" |
52 |
+set realname = "Administrator" |
53 |
+set record = "/usr/share/smanager/log/mail_sent" |
54 |
+##set content_type = "text/html" |
55 |
+ |
56 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Login.pm smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/Controller/Login.pm |
57 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Login.pm 2021-06-21 13:25:10.000000000 +0400 |
58 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/Controller/Login.pm 2022-01-24 20:32:49.550000000 +0400 |
59 |
@@ -7,6 +7,8 @@ |
60 |
# for information |
61 |
# $r->get('/login')->to('login#main')->name('login'); |
62 |
# $r->post('/login')->to('login#login')->name('signin'); |
63 |
+# $r->get('/login2')->to('login#pwdrescue')->name('pwdresc'); |
64 |
+# $r->get('/loginc')->to('login#confpwd')->name('resetpwdconf'); |
65 |
# for information |
66 |
|
67 |
use strict; |
68 |
@@ -47,6 +49,18 @@ |
69 |
|
70 |
my $trt = $c->param('Trt'); |
71 |
|
72 |
+ # password reset request |
73 |
+ if ( $trt eq 'RESET' ) { |
74 |
+ my $res = $c->mail_rescue(); |
75 |
+ if ( $res ne 'OK' ) { |
76 |
+ $c->stash( error => $res, trt => $trt ); |
77 |
+ return $c->render('login'); |
78 |
+ } |
79 |
+ $c->flash( success => $c->l('use_RESET_REGISTERED') ); |
80 |
+ record_login_attempt($c, 'RESET'); |
81 |
+ return $c->redirect_to( $c->home_page ); |
82 |
+ } |
83 |
+ |
84 |
# normal loggin |
85 |
my $name = $c->param('Username'); |
86 |
my $pass = $c->param('Password'); |
87 |
@@ -64,7 +78,6 @@ |
88 |
return $c->render('login'); |
89 |
} |
90 |
|
91 |
- |
92 |
my $alias = SrvMngr::Model::Main->check_adminalias( $c ); |
93 |
if ( $alias ) { |
94 |
if ( $name eq $alias ) { |
95 |
@@ -79,13 +92,14 @@ |
96 |
if (SrvMngr::Model::Main->check_credentials($name, $pass)) { |
97 |
$c->session(logged_in => 1); # set the logged_in flag |
98 |
$c->session(username => $name); # keep a copy of the username |
99 |
-# if ( $name eq 'admin' || $adb->is_user_in_group($name, 'AdmiN') ) { # for futur use |
100 |
+# if ( $name eq 'admin' || $adb->is_user_in_group($name, 'AdmiN') ) # for futur use |
101 |
if ( $name eq 'admin' ) { |
102 |
$c->session(is_admin => 1); |
103 |
} else { |
104 |
$c->session(is_admin => 0); |
105 |
} |
106 |
$c->session(expiration => 600); # expire this session in 10 minutes |
107 |
+ |
108 |
$c->flash( success => $c->l('use_WELCOME') ); |
109 |
record_login_attempt($c, 'SUCCESS'); |
110 |
} else { |
111 |
@@ -102,6 +116,68 @@ |
112 |
} |
113 |
|
114 |
|
115 |
+sub pwdrescue { |
116 |
+ |
117 |
+ my $c = shift; |
118 |
+ |
119 |
+ $c->stash( trt => 'RESET' ); |
120 |
+ |
121 |
+ $c->render('login'); |
122 |
+ |
123 |
+} |
124 |
+ |
125 |
+ |
126 |
+sub mail_rescue { |
127 |
+ |
128 |
+ my $c = shift; |
129 |
+ my $name = $c->param('Username'); |
130 |
+ my $from = $c->param('From'); |
131 |
+ |
132 |
+ my $res; |
133 |
+ |
134 |
+ $res .= $c->l('use_TOO_MANY_LOGIN') if ( is_denied($c) ); |
135 |
+ |
136 |
+# untaint |
137 |
+ if ( ! $res && $name !~ /^([a-z][\-\_\.a-z0-9]*)$/ ) { |
138 |
+ record_login_attempt($c, 'FAILED'); |
139 |
+ $res .= $c->l('use_ERR_NAME'); |
140 |
+ } |
141 |
+ |
142 |
+ if ( ! $res && $name eq 'admin' ) { |
143 |
+ $res .= $c->l('use_NOT_THAT_OPER'); |
144 |
+ } |
145 |
+ |
146 |
+# user exists ? |
147 |
+ if ( ! $res ) { |
148 |
+ my $acct = $adb->get($name); |
149 |
+ if ( ! $acct || $acct->prop('type') ne "user" || $acct->prop('PasswordSet') ne 'yes' ) { |
150 |
+ $res .= $c->l('use_NOT_THAT_OPER'); |
151 |
+ } |
152 |
+ } |
153 |
+ |
154 |
+ return $res if $res; |
155 |
+ |
156 |
+# send email |
157 |
+ my $email = $name .'@'. $c->session->{DomainName}; |
158 |
+ my $until = time() + $RESET_DURATION; |
159 |
+ |
160 |
+ $c->pwdrst->{$name} = { |
161 |
+ email => $email, |
162 |
+ date => $until, |
163 |
+ confirmed => 0, |
164 |
+ }; |
165 |
+ my $jwt = $c->jwt->claims({username => $name})->encode; |
166 |
+ my $url = $c->url_for('loginc')->to_abs->query(jwt => $jwt); |
167 |
+ |
168 |
+# $c->email( $email, $c->l('use_CONFIRM_RESET'), $c->render_to_string(inline => $c->l('use_GO_TO_URL', $url) ) ); |
169 |
+# directly (without minion) |
170 |
+ $c->send_email( $email, $c->l('use_CONFIRM_RESET'), $c->render_to_string(inline => $c->l('use_GO_TO_URL', $url) ) ); |
171 |
+ |
172 |
+ return 'OK'; |
173 |
+ |
174 |
+} |
175 |
+ |
176 |
+ |
177 |
sub logout { |
178 |
|
179 |
my $c = shift; |
180 |
@@ -109,19 +185,52 @@ |
181 |
|
182 |
$c->session( expires => 1 ); |
183 |
$c->flash( success => $c->l('use_BYE') ); |
184 |
+ $c->flash( error => 'Byegood' ); |
185 |
|
186 |
$c->redirect_to( $c->home_page ); |
187 |
|
188 |
} |
189 |
|
190 |
|
191 |
+sub confpwd { |
192 |
+ |
193 |
+ my $c = shift; |
194 |
+ |
195 |
+ my $jwt = $c->param('jwt'); |
196 |
+ my $name = $c->jwt->decode($jwt)->{username}; |
197 |
+ |
198 |
+ # request already treated or outdated |
199 |
+ if ( $c->pwdrst->{$name}{confirmed} != 0 or $c->pwdrst->{$name}{date} < time() ) { |
200 |
+ $c->flash( error => $c->l('use_INVALID_REQUEST')); |
201 |
+ return $c->redirect_to( $c->home_page ); |
202 |
+ } |
203 |
+ |
204 |
+ # reset password for this account |
205 |
+ $c->pwdrst->{$name}{confirmed} = 1; |
206 |
+ |
207 |
+ $c->flash( success => $c->l('use_OK_FOR_RESET') ); |
208 |
+ |
209 |
+ # call userpassword with encoded name |
210 |
+ my $url = $c->url_for('userpasswordr')->to_abs->query(jwt => $jwt); |
211 |
+ # warn "confpwd: " . $url . "\n"; |
212 |
+ |
213 |
+ return $c->redirect_to( $url ); |
214 |
+ |
215 |
+} |
216 |
+ |
217 |
+ |
218 |
sub record_login_attempt { |
219 |
+ |
220 |
my ($c, $result) = @_; |
221 |
|
222 |
my $user = $c->param('Username'); |
223 |
my $ip_address = $c->tx->remote_address; |
224 |
|
225 |
- if ($result eq 'SUCCESS') { |
226 |
+ if ($result eq 'RESET') { |
227 |
+ |
228 |
+ $c->app->log->info(join "\t", "Password reset requested for : $user at ", $ip_address); |
229 |
+ |
230 |
+ } elsif ($result eq 'SUCCESS') { |
231 |
|
232 |
$c->app->log->info(join "\t", "Login succeeded: $user", $ip_address); |
233 |
$Login_Attempts{$ip_address}->{tries} = 0; # reset the number of login attempts |
234 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Userpassword.pm smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/Controller/Userpassword.pm |
235 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Userpassword.pm 2020-11-19 11:53:26.000000000 +0400 |
236 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/Controller/Userpassword.pm 2022-07-11 23:14:53.574000000 +0400 |
237 |
@@ -33,8 +33,29 @@ |
238 |
$pwd_datas{Account} = $c->session->{username}; |
239 |
$pwd_datas{trt} = 'NORM'; |
240 |
} else { |
241 |
- $c->stash( error => 'Invalid state' ); |
242 |
- return $c->redirect_to ( $c->home_page ); |
243 |
+ my $rt = $c->current_route; |
244 |
+ my $mess = ''; |
245 |
+ my $jwt = $c->param('jwt') || ''; |
246 |
+ my $name = $c->jwt->decode($jwt)->{username} || ''; |
247 |
+ |
248 |
+ $mess = 'Invalid state' unless ($jwt and $name and $rt eq 'upwdreset'); |
249 |
+ |
250 |
+ # request already treated or outdated |
251 |
+ if ( $c->pwdrst->{$name}{confirmed} != 1 or $c->pwdrst->{$name}{date} < time() ) { |
252 |
+ $mess = $c->l('use_INVALID_REQUEST').' -step 1-'; |
253 |
+ } |
254 |
+ |
255 |
+ if ( $mess ) { |
256 |
+ $c->stash( error => $mess ); |
257 |
+ return $c->redirect_to ( $c->home_page ); |
258 |
+ } |
259 |
+ |
260 |
+ # ok for reset password for this account - step 2 |
261 |
+ $c->pwdrst->{$name}{confirmed} = 2; |
262 |
+ $pwd_datas{Account} = $name; |
263 |
+ $pwd_datas{trt} = 'RESET'; |
264 |
+ $pwd_datas{jwt} = $jwt; |
265 |
+ $c->flash( success => $c->l('use_OK_FOR_RESET') ); |
266 |
} |
267 |
|
268 |
$c->stash( pwd_datas => \%pwd_datas ); |
269 |
@@ -55,6 +76,31 @@ |
270 |
my $pass = $c->param('Pass'); |
271 |
my $passVerify = $c->param('Passverify'); |
272 |
|
273 |
+ my $jwt = $c->param('jwt') || ''; |
274 |
+ my $rt = $c->current_route; |
275 |
+ my $mess = ''; my $name = ''; |
276 |
+ $name = $c->jwt->decode($jwt)->{username} if $jwt; |
277 |
+ |
278 |
+ if ( $trt eq 'RESET' ) { |
279 |
+ $mess = 'Invalid state' unless ($jwt and $name and ($rt eq 'upwdreset2')); |
280 |
+ # request already treated or outdated |
281 |
+ if ( $c->pwdrst->{$name}{confirmed} != 2 or $c->pwdrst->{$name}{date} < time() ) { |
282 |
+ $mess = $c->l('use_INVALID_REQUEST').' -step 2-'; |
283 |
+ } |
284 |
+ if ( ! $name or $c->is_logged_in or $name ne $acctName ) { |
285 |
+ $mess = 'Invalid reset state'; |
286 |
+ } |
287 |
+ } else { |
288 |
+ if ( $name or $jwt or ! $c->is_logged_in ) { |
289 |
+ $mess = 'Invalid update state'; |
290 |
+ } |
291 |
+ } |
292 |
+ |
293 |
+ if ( $mess ) { |
294 |
+ $c->stash( error => $mess ); |
295 |
+ return $c->redirect_to ( $c->home_page ); |
296 |
+ } |
297 |
+ |
298 |
$pwd_datas{Account} = $acctName; |
299 |
$pwd_datas{trt} = $trt; |
300 |
|
301 |
@@ -79,8 +125,10 @@ |
302 |
$res = $c->check_password( $pass ); |
303 |
$result .= $res . "<br>" unless ( $res eq 'OK' ); |
304 |
|
305 |
+ # controls old password |
306 |
+ if ( $trt ne 'RESET' ) { |
307 |
unless ( $oldPass ) { |
308 |
- $result .= $c->l('pwd_FIELDS_REQUIRED') . "<br>"; |
309 |
+ $result .= $c->l('pwd_FIELDS_REQUIRED') . "<br>" unless $trt eq 'RESET'; |
310 |
} else { |
311 |
$result .= $c->l('pwd_PASSWORD_OLD_INVALID_CHARS') . "<br>" unless (($oldPass) = ($oldPass =~ /^(\S+)$/ )); |
312 |
} |
313 |
@@ -91,8 +139,11 @@ |
314 |
} |
315 |
|
316 |
# verify old password |
317 |
- $result .= $c->l('pwd_ERROR_PASSWORD_CHANGE') . "<br>" |
318 |
- unless (SrvMngr::Model::Main->check_credentials($acctName, $oldPass)); |
319 |
+ if ( $trt ne 'RESET') { |
320 |
+ $result .= $c->l('pwd_ERROR_PASSWORD_CHANGE') . "<br>" |
321 |
+ unless (SrvMngr::Model::Main->check_credentials($acctName, $oldPass)); |
322 |
+ } |
323 |
+ } |
324 |
|
325 |
# $result .= 'Blocked for test (prevents updates)<br>'; |
326 |
|
327 |
@@ -107,6 +158,7 @@ |
328 |
return $c->render( 'userpassword' ); |
329 |
} |
330 |
|
331 |
+ $c->pwdrst->{$name}{confirmed} = 9 if $trt eq 'RESET'; |
332 |
record_password_change_attempt($c, 'SUCCESS'); |
333 |
$result .= $c->l('pwd_PASSWORD_CHANGE_SUCCESS'); |
334 |
$c->flash( success => $result ); |
335 |
@@ -127,7 +179,8 @@ |
336 |
my $acct = $adb->get($user); |
337 |
return $c->l('NO_SUCH_USER', $user) unless ( $acct->prop('type') eq 'user' ); |
338 |
|
339 |
- $ret = esmith::util::setUserPasswordRequirePrevious( $user, $oldpassword, $password ); |
340 |
+ $ret = esmith::util::setUserPasswordRequirePrevious( $user, $oldpassword, $password ) if $trt ne 'RESET'; |
341 |
+ $ret = esmith::util::setUserPassword( $user, $password ) if $trt eq 'RESET'; |
342 |
|
343 |
return $c->l('pwd_ERROR_PASSWORD_CHANGE') .' '. $trt unless $ret; |
344 |
|
345 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Login/login_en.lex smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Login/login_en.lex |
346 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Login/login_en.lex 2020-11-19 11:53:26.000000000 +0400 |
347 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Login/login_en.lex 2022-01-24 20:32:49.551000000 +0400 |
348 |
@@ -20,3 +20,4 @@ |
349 |
use_DESC_RESET => 'Please enter an account name for a password reset !', |
350 |
use_RESET => 'Reset Password', |
351 |
use_OK_FOR_RESET => 'You are about to reset your user account password', |
352 |
+use_INVALID_REQUEST => 'Error: your request is invalid or outdated', |
353 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr.pm smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr.pm |
354 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/lib/SrvMngr.pm 2022-07-17 20:31:12.000000000 +0400 |
355 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/lib/SrvMngr.pm 2022-07-18 13:53:55.920000000 +0400 |
356 |
@@ -15,6 +15,9 @@ |
357 |
use Mojo::File qw( path ); |
358 |
use Mojo::Home; |
359 |
|
360 |
+use DBM::Deep; |
361 |
+use Mojo::JWT; |
362 |
+ |
363 |
use Mojolicious::Plugin::Config; |
364 |
#use Mojolicious::Plugin::I18N; |
365 |
|
366 |
@@ -23,7 +26,7 @@ |
367 |
use SrvMngr::Model::Main; |
368 |
|
369 |
|
370 |
-our $VERSION = '1.411'; |
371 |
+our $VERSION = '1.417'; |
372 |
$VERSION = eval $VERSION; |
373 |
|
374 |
use Exporter 'import'; |
375 |
@@ -168,6 +171,30 @@ |
376 |
|
377 |
$self->plugin( Config => { file => $self->config_file()} ); |
378 |
|
379 |
+ $self->helper( send_email => sub { |
380 |
+ my ($c, $address, $subject, $body) = @_; |
381 |
+ |
382 |
+ if (not defined $body) { |
383 |
+ warn "send_email: Need 3 parameters (Address, Subject, Body)\n"; |
384 |
+ return; |
385 |
+ } |
386 |
+ |
387 |
+ my $rcfile = $c->app->conf_dir().'/admin_muttrc'; |
388 |
+ |
389 |
+ #warn "send_email: $rcfile * $address\n"; #$rcfile $subject $address\n"; |
390 |
+ system( "/bin/echo \"$body\" | /usr/bin/mutt -F $rcfile -s \"$subject\" \"$address\"" ) == 0 |
391 |
+ or warn "error sendmail: $address \n"; # $subject"; |
392 |
+ }); |
393 |
+ |
394 |
+ $self->helper( pwdrst => sub { |
395 |
+ my $c = shift; |
396 |
+ my $file = $c->app->data_dir().'/pwdrst.db'; |
397 |
+ state $db = DBM::Deep->new($file); |
398 |
+ }); |
399 |
+ |
400 |
+ $self->helper( jwt => sub { |
401 |
+ Mojo::JWT->new(secret => shift->app->secrets->[0] || die) |
402 |
+ }); |
403 |
|
404 |
} |
405 |
|
406 |
@@ -222,6 +249,14 @@ |
407 |
$r->get('/manual')->to('manual#main')->name('manual'); |
408 |
$r->get('/support')->to('support#main')->name('support'); |
409 |
|
410 |
+ # Password reset allowed for this server |
411 |
+ if ( ( $self->config->{pwdreset} || '0') == 1 ) { |
412 |
+ $r->get('/login2')->to('login#pwdrescue')->name('pwdresc'); |
413 |
+ $r->get('/loginc')->to('login#confpwd')->name('resetpwdconf'); |
414 |
+ $r->get('/userpasswordr')->to('userpassword#main')->name('upwdreset'); |
415 |
+ $r->post('/userpasswordr')->to('userpassword#change_password')->name('upwdreset2'); |
416 |
+ } |
417 |
+ |
418 |
my $if_logged_in = $r->under( sub { |
419 |
my $c =shift; |
420 |
return $c->is_logged_in || $c->auth_fail($c->l("acs_LOGIN")); |
421 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/t/001_load.t smeserver-manager-0.1.4/root/usr/share/smanager/t/001_load.t |
422 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/t/001_load.t 2021-06-21 13:25:11.000000000 +0400 |
423 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/t/001_load.t 2022-01-24 20:32:49.551000000 +0400 |
424 |
@@ -2,7 +2,7 @@ |
425 |
|
426 |
plan skip_all => 'unset QUICK_TEST to enable this test' if $ENV{QUICK_TEST}; |
427 |
|
428 |
-plan tests => 6; |
429 |
+plan tests => 8; |
430 |
|
431 |
use FindBin; |
432 |
use lib "$FindBin::Bin/../lib"; |
433 |
@@ -15,3 +15,5 @@ |
434 |
use_ok('Mojolicious::Plugin::RenderFile'); |
435 |
use_ok('Mojolicious::Plugin::CSRFDefender'); |
436 |
use_ok('Net::Netmask'); |
437 |
+use_ok('DBM::Deep'); |
438 |
+use_ok('Mojo::JWT'); |
439 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/login.html.ep smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/login.html.ep |
440 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/login.html.ep 2022-07-17 20:31:12.000000000 +0400 |
441 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/login.html.ep 2022-01-24 20:32:49.552000000 +0400 |
442 |
@@ -4,7 +4,7 @@ |
443 |
|
444 |
<div id='module' class='module login-panel'> |
445 |
|
446 |
- %if ($config->{debug} == 1) { |
447 |
+ %if ( config 'debug' ) { |
448 |
<p> |
449 |
%= dumper $c->current_route |
450 |
%if ( stash 'trt' ) { |
451 |
@@ -19,7 +19,13 @@ |
452 |
</div> |
453 |
%} |
454 |
|
455 |
- % my $btn = l('use_SIGNIN'); |
456 |
+% my $btn = l('use_SIGNIN'); |
457 |
+% if ( $trt eq 'RESET' ) { |
458 |
+ <br><div class=sme-error><h2> |
459 |
+ %= $c->render_to_string(inline => l 'use_DESC_RESET') |
460 |
+ </h2></div> |
461 |
+ % $btn = l('use_RESET'); |
462 |
+%} |
463 |
|
464 |
<h1> |
465 |
%=l 'use_TITLE' |
466 |
@@ -33,6 +39,7 @@ |
467 |
%= text_field 'Username' |
468 |
</span></p> |
469 |
|
470 |
+% if ( $trt ne 'RESET' ) { |
471 |
<p><span class=label> |
472 |
%=l 'PASSWORD' |
473 |
</span><span class=input> |
474 |
@@ -41,17 +48,22 @@ |
475 |
<a href='#' id='togglePassword' class='toggle-password tg-icon'> <img src="images/visible.png" height="16" alt="Visible"></a> |
476 |
% } |
477 |
</span></p> |
478 |
+%} |
479 |
|
480 |
%= hidden_field 'From' => $c->tx->req->url |
481 |
- %= hidden_field 'Trt' => stash 'trt' |
482 |
+ %= hidden_field 'Trt' => $trt |
483 |
|
484 |
<br> |
485 |
<div class='center'> |
486 |
%= submit_button "$btn", class => 'action' |
487 |
</div> |
488 |
+ %if ( config 'pwdreset' ) { |
489 |
+ <div class='center'><a href='login2'> |
490 |
+ %=l 'use_FORGOT' |
491 |
+ </a></div> |
492 |
+ %} |
493 |
|
494 |
% end |
495 |
|
496 |
</div> |
497 |
%end |
498 |
- |
499 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep |
500 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep 2022-07-17 20:31:12.000000000 +0400 |
501 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep 2022-07-18 18:16:57.639000000 +0400 |
502 |
@@ -3,8 +3,8 @@ |
503 |
<div id="h2e11"> |
504 |
<a target='_blank' href="http://www.koozali.org"><img src="images/smeserver_logo.jpg" height="40" alt="SME Server"></a> |
505 |
</div> |
506 |
- <div id="h2e12"><h5><a href="initial">Server Manager II</a> |
507 |
- <a href="/server-manager" target='main'>    (Previous)</a></h5> |
508 |
+ <div id="h2e12"><h5><a href="initial">Server Manager</a> |
509 |
+ <a href="/server-manager" target='_blank'>    (Prev SM)</a></h5> |
510 |
</div> |
511 |
</div> |
512 |
|
513 |
diff -urN smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/userpassword.html.ep smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/userpassword.html.ep |
514 |
--- smeserver-manager-0.1.4.old/root/usr/share/smanager/themes/default/templates/userpassword.html.ep 2022-07-17 20:31:12.000000000 +0400 |
515 |
+++ smeserver-manager-0.1.4/root/usr/share/smanager/themes/default/templates/userpassword.html.ep 2022-01-24 20:32:49.552000000 +0400 |
516 |
@@ -21,52 +21,50 @@ |
517 |
</div> |
518 |
%} |
519 |
|
520 |
- % my $btn = l('pwd_PASSWORD_CHANGE'); |
521 |
- |
522 |
<p> |
523 |
-% my $url = '/userpassword'; |
524 |
+ % my $btn = l('pwd_PASSWORD_CHANGE'); |
525 |
+ % my $url = '/userpassword'; |
526 |
%= $c->render_to_string( inline => l('pwd_DESCRIPTION')); |
527 |
+ % if ( $pwd_datas->{trt} eq 'RESET' ) { |
528 |
+ % $btn = l('pwd_PASSWORD_RESET'); |
529 |
+ % $url = '/userpasswordr'; |
530 |
+ %= $c->render_to_string( inline => l('pwd_DESCRIPTION_RESET')); |
531 |
+ % } |
532 |
</p> |
533 |
|
534 |
%= form_for $url => (method => 'POST') => begin |
535 |
- |
536 |
- <p> |
537 |
- <span class=label> |
538 |
+ <p><span class=label> |
539 |
%= l 'pwd_YOUR_ACCOUNT' |
540 |
</span><span class=data> |
541 |
%= $pwd_datas->{Account} |
542 |
</span> |
543 |
%= hidden_field 'User' => $pwd_datas->{Account} |
544 |
%= hidden_field 'Trt' => $pwd_datas->{trt} |
545 |
- <br><br> |
546 |
- </p> |
547 |
+ %= hidden_field 'jwt' => $pwd_datas->{jwt} |
548 |
+ <br><br></p> |
549 |
|
550 |
- <p> |
551 |
- <span class=label> |
552 |
+ % if ( $pwd_datas->{trt} ne 'RESET' ) { |
553 |
+ <p><span class=label> |
554 |
%= l 'pwd_PASSWORD_OLD' |
555 |
</span><span class=data> |
556 |
%= password_field 'Oldpass', class => 'input' |
557 |
</span> |
558 |
- <br><br> |
559 |
- </p> |
560 |
- |
561 |
- <p> |
562 |
- <span class=label> |
563 |
+ <br><br></p> |
564 |
+ % } |
565 |
+ |
566 |
+ <p><span class=label> |
567 |
%=l 'pwd_PASSWORD_NEW' |
568 |
</span><span class=data> |
569 |
%= password_field 'Pass', class => 'input' |
570 |
</span> |
571 |
- <br><br> |
572 |
- </p> |
573 |
- |
574 |
- <p> |
575 |
- <span class=label> |
576 |
+ <br><br></p> |
577 |
+ |
578 |
+ <p><span class=label> |
579 |
%=l 'pwd_PASSWORD_VERIFY_NEW' |
580 |
</span><span class=data> |
581 |
%= password_field 'Passverify', class => 'input' |
582 |
</span> |
583 |
- <br><br> |
584 |
- </p> |
585 |
+ <br><br></p> |
586 |
|
587 |
<div class='center'> |
588 |
%= submit_button "$btn", class => 'action' |