From b16adc7c6f88c59492fa37d57dceaf49b1d17b4a Mon Sep 17 00:00:00 2001
From: Bill Erickson <berick@esilibrary.com>
Date: Mon, 19 Sep 2011 18:18:41 -0400
Subject: [PATCH] TPac: integrated patron password reset

Port the existing password reset functionality into TPac.  This allows
us to leverage the TPac innards for localization.  It also means there's
one less moving part.  (and, incidentally, no more dojo for the form).

Signed-off-by: Bill Erickson <berick@esilibrary.com>
Signed-off-by: Dan Scott <dscott@laurentian.ca>
---
 .../src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm    |  2 +
 .../lib/OpenILS/WWW/EGCatLoader/Account.pm         | 68 +++++++++++++++++++++
 Open-ILS/src/sql/Pg/950.data.seed-values.sql       |  2 +-
 .../XXXX.data.patron-password-reset-msg.sql        | 38 ++++++++++++
 Open-ILS/src/templates/opac/parts/login/form.tt2   |  4 +-
 Open-ILS/src/templates/opac/password_reset.tt2     | 71 ++++++++++++++++++++++
 6 files changed, 182 insertions(+), 3 deletions(-)
 create mode 100644 Open-ILS/src/sql/Pg/upgrade/XXXX.data.patron-password-reset-msg.sql
 create mode 100644 Open-ILS/src/templates/opac/password_reset.tt2

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
index 60d7e8f052..413747276d 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
@@ -130,6 +130,8 @@ sub load {
         return $self->load_logout;
     }
 
+    return $self->load_password_reset if $path =~ m|opac/password_reset|;
+
     # ----------------------------------------------------------------
     #  Everything below here requires SSL + authentication
     # ----------------------------------------------------------------
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm
index 4b0477e8d0..63caca7f40 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm
@@ -1548,4 +1548,72 @@ sub load_myopac_bookbag_print {
     return Apache2::Const::OK;
 }
 
+sub load_password_reset {
+    my $self = shift;
+    my $cgi = $self->cgi;
+    my $ctx = $self->ctx;
+    my $barcode = $cgi->param('barcode');
+    my $username = $cgi->param('username');
+    my $email = $cgi->param('email');
+    my $pwd1 = $cgi->param('pwd1');
+    my $pwd2 = $cgi->param('pwd2');
+    my $uuid = $ctx->{page_args}->[0];
+
+    if ($uuid) {
+
+        $logger->info("patron password reset with uuid $uuid");
+
+        if ($pwd1 and $pwd2) {
+
+            if ($pwd1 eq $pwd2) {
+
+                my $response = $U->simplereq(
+                    'open-ils.actor', 
+                    'open-ils.actor.patron.password_reset.commit',
+                    $uuid, $pwd1);
+
+                $logger->info("patron password reset response " . Dumper($response));
+
+                if ($U->event_code($response)) { # non-success event
+                    
+                    my $code = $response->{textcode};
+                    
+                    if ($code eq 'PATRON_NOT_AN_ACTIVE_PASSWORD_RESET_REQUEST') {
+                        $ctx->{pwreset} = {style => 'error', status => 'NOT_ACTIVE'};
+                    }
+
+                    if ($code eq 'PATRON_PASSWORD_WAS_NOT_STRONG') {
+                        $ctx->{pwreset} = {style => 'error', status => 'NOT_STRONG'};
+                    }
+
+                } else { # success
+
+                    $ctx->{pwreset} = {style => 'success', status => 'SUCCESS'};
+                }
+
+            } else { # passwords not equal
+
+                $ctx->{pwreset} = {style => 'error', status => 'NO_MATCH'};
+            }
+
+        } else { # 2 password values needed
+
+            $ctx->{pwreset} = {style => 'error', status => 'TWO_PASSWORDS'};
+        }
+
+    } elsif ($barcode or $username) {
+
+        my @params = $barcode ? ('barcode', $barcode) : ('username', $username);
+
+        $U->simplereq(
+            'open-ils.actor', 
+            'open-ils.actor.patron.password_reset.request', @params);
+
+        $ctx->{pwreset} = {style => 'plain', status => 'REQUEST_SUCCESS'};
+    }
+
+    $logger->info("patron password reset resulted in " . Dumper($ctx->{pwreset}));
+    return Apache2::Const::OK;
+}
+
 1;
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index db3afc2ae0..a5641e9464 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -6677,7 +6677,7 @@ continue to work.
 If you did request a reset of your library system password, please perform
 the following steps to continue the process of resetting your password:
 
-1. Open the following link in a web browser: https://[% params.hostname %]/opac/password/[% params.locale || 'en-US' %]/[% target.uuid %]
+1. Open the following link in a web browser: https://[% params.hostname %]/eg/opac/password_reset/[% target.uuid %]
 The browser displays a password reset form.
 
 2. Enter your new password in the password reset form in the browser. You must
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.patron-password-reset-msg.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.patron-password-reset-msg.sql
new file mode 100644
index 0000000000..7eb3bfc266
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.patron-password-reset-msg.sql
@@ -0,0 +1,38 @@
+-- Evergreen DB patch XXXX.data.patron-password-reset-msg.sql
+--
+-- FIXME: insert description of change, if needed
+--
+BEGIN;
+
+
+-- check whether patch can be applied
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+UPDATE action_trigger.event_definition SET template = 
+$$
+[%- USE date -%]
+[%- user = target.usr -%]
+To: [%- params.recipient_email || user.email %]
+From: [%- params.sender_email || user.home_ou.email || default_sender %]
+Subject: [% user.home_ou.name %]: library account password reset request
+  
+You have received this message because you, or somebody else, requested a reset
+of your library system password. If you did not request a reset of your library
+system password, just ignore this message and your current password will
+continue to work.
+
+If you did request a reset of your library system password, please perform
+the following steps to continue the process of resetting your password:
+
+1. Open the following link in a web browser: https://[% params.hostname %]/eg/opac/password_reset/[% target.uuid %]
+The browser displays a password reset form.
+
+2. Enter your new password in the password reset form in the browser. You must
+enter the password twice to ensure that you do not make a mistake. If the
+passwords match, you will then be able to log in to your library system account
+with the new password.
+
+$$
+WHERE id = 20; -- Password reset request notification
+
+COMMIT;
diff --git a/Open-ILS/src/templates/opac/parts/login/form.tt2 b/Open-ILS/src/templates/opac/parts/login/form.tt2
index 7e200ab87b..48f2f67982 100644
--- a/Open-ILS/src/templates/opac/parts/login/form.tt2
+++ b/Open-ILS/src/templates/opac/parts/login/form.tt2
@@ -128,8 +128,8 @@
                                 </div>
                                 <div style="padding-top:14px;">
                                     <input type="submit" value="[% l('Log in') %]" alt="[% l('Log in') %]" class="opac-button" />
-                                    [% IF reset_password; loc = ctx.locale.replace('_', '-'); %]
-                                    <a href='/opac/password/[% loc %]/'>[% l('Forgot your password?') %]</a>
+                                    [% IF reset_password %]
+                                    <a href='[% mkurl(ctx.opac_root _ '/password_reset', {}, 1) %]'>[% l('Forgot your password?') %]</a>
                                     [% END %]
                                 </div>
                             </td>
diff --git a/Open-ILS/src/templates/opac/password_reset.tt2 b/Open-ILS/src/templates/opac/password_reset.tt2
new file mode 100644
index 0000000000..bc35a647ca
--- /dev/null
+++ b/Open-ILS/src/templates/opac/password_reset.tt2
@@ -0,0 +1,71 @@
+[%  PROCESS "opac/parts/header.tt2";
+    PROCESS "opac/parts/config.tt2";
+    WRAPPER "opac/parts/base.tt2";
+    INCLUDE "opac/parts/topnav.tt2";
+    ctx.page_title = l('Library system password reset request form');
+%]
+<div id="search-wrapper">
+    [% INCLUDE "opac/parts/printnav.tt2" %]
+    [% INCLUDE "opac/parts/searchbar.tt2" %]
+</div>
+
+[%  
+    uuid = ctx.page_args.0;
+    msg_map = {
+        SUCCESS => l('Password has been reset'),
+        NO_MATCH => l('Passwords did not match. Please try again'),
+        NOT_ACTIVE => l('This was not an active password reset request. Your password has not been reset.'),
+        NOT_STRONG => l('The password you chose was not considered complex enough to protect your account. Your password has not been reset.'),
+        TWO_PASSWORDS => l('Please enter your password twice'),
+        REQUEST_SUCCESS => l('Your user name or barcode has been submitted for a password reset. ' _ 
+            'If a matching account with an email address is found, you will soon receive an email at that address with further instructions for resetting your password.')
+    }
+%]
+<div id="content-wrapper">
+    <div id="main-content">
+        <br/>
+        <p class='[% ctx.pwreset.style %]'>[% stat = ctx.pwreset.status; msg_map.$stat %]</p>
+        [% IF uuid %]
+            [% IF stat == 'SUCCESS' %]
+                <p><a href='[% mkurl(ctx.opac_root _ '/login', {}, 1) %]'>[% l('Log in to My Account') %]</a>
+            [% ELSE %]
+            <form method="post">
+                <input type='hidden' name='uuid' value='[% uuid | html %]'/>
+                <table>
+                    <tr>
+                        <td><label for="pwd1">[% l('New password:') %]</label></td>
+                        <td><input type="password" name="pwd1"/></td>
+                    </tr>
+                    <tr>
+                        <td><label for="pwd2">[% l('Re-enter new password:') %]</label></td>
+                        <td><input type="password" name="pwd2"/></td>
+                    </tr>
+                    <tr>
+                        <td>
+                            <button name="submit" id="submitButton" type="submit">[% l('Submit') %]</button>
+                        </td>
+                    </tr>
+                </table>
+            </form>
+            [% END %]
+        [% ELSIF !ctx.pwreset.status %]
+        <h2>[% l('Please enter your user name or barcode to identify your library account and request a password reset') %]</h2>
+        <form method="post">
+            <table>
+                <tr>
+                    <td><label for="barcode">[% l('Barcode:') %] </label></td>
+                    <td><input type="text" id="barcode" name="barcode"/></td>
+                </tr>
+                <tr>
+                    <td><label for="username">[% l('User name:') %] </label></td>
+                    <td><input type="text" id="username" name="username"/></td>
+                </tr>
+            </table>
+            <!--<label for="email">[% l('Email address associated with the account:') %] </label><input type="text" name="email"/></br>-->
+            <button name="submit" id="submitButton" type="submit">[% l('Submit') %]</button>
+        </form>
+        [% END %]
+    </div>
+</div>
+[% END %]
+
-- 
2.11.0