Difference between revisions of "PasswordReset"
Jump to navigation
Jump to search
(Update URL for page where this comes from, as it has moved) |
m (6 revisions imported) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= | = Offer Password Reset on Login Page = | ||
The code below was adapted from [http://www.uio.no/tjenester/it/applikasjoner/rt/utvikling-drift/modifications/index.html http://www.uio.no/tjenester/it/applikasjoner/rt/utvikling-drift/modifications/index.html#toc9] | The code below was adapted from [http://www.uio.no/tjenester/it/applikasjoner/rt/utvikling-drift/modifications/index.html http://www.uio.no/tjenester/it/applikasjoner/rt/utvikling-drift/modifications/index.html#toc9] | ||
| Line 8: | Line 8: | ||
<nowiki>%# taken from http://www2.usit.uio.no/it/rt/modifications/ | <nowiki>%# taken from http://www2.usit.uio.no/it/rt/modifications/ | ||
%# Add template named 'Password Change', with description | |||
%# | |||
%# Automatically generate password for external users who have forgotten their password | |||
%# | |||
<div style="margin: -20px auto 10px auto; text-align: center;"> | |||
<b>Forgot Your Password?</b> | |||
<div style="color: green; font-weight: bold;"><%$forgotSuccess%></div> | |||
<form method="get" style="display: <%$forgotFormDisplay%>;" | |||
<!-- if you are using RT4, you need this: --> | |||
action="NoAuth/Login.html" | |||
<!-- end for RT4 --> | |||
> | |||
<!-- if you are using RT4, you need this next line --> | |||
<input type="hidden" name="next" value="<%$next%>" /> | |||
<!-- END LINE FOR rt4 --> | |||
% if($forgotFail) { | |||
<div class="error" style="text-align: left;"> | |||
<div class="titlebox error"> | |||
<div class="titlebox-title"> | |||
<span class="left">Error</span><span class="right-empty"> </span> | |||
</div> | |||
<div class="titlebox-content"> | |||
<%$forgotFail%><hr class="clear" /> | |||
</div> | |||
</div> | </div> | ||
</div> | </div> | ||
% } | |||
<%$forgotPrompt%> <input type="text" name="email"> <input type="submit" value='Send New Password'> | |||
</form> | |||
</div> | |||
<%INIT> | |||
my $forgotPrompt = "Enter your email address: "; | |||
my $forgotFail = ''; | |||
my $forgotFormDisplay = 'block'; | |||
my $forgotSuccess = ''; | |||
my $mailfrom = 'Ticket System <YOU@YOURDOMAIN>'; | |||
if ($email) | |||
{ | { | ||
my ($ | $email =~ s/^\s+|\s+$//g; | ||
if($ | my $UserObj = RT::User->new($RT::SystemUser); | ||
$UserObj->LoadByEmail($email); | |||
if (defined($UserObj->Id)) | |||
{ | { | ||
$forgotFormDisplay = 'none'; | my ($val, $str) = ResetPassword($UserObj, $mailfrom); | ||
$ | if($val > 0) | ||
{ | |||
$forgotFormDisplay = 'none'; | |||
$forgotSuccess = $str; | |||
} | |||
else | |||
{ | |||
$forgotFail = $str; | |||
} | |||
} | } | ||
else | else | ||
{ | { | ||
$forgotFail = $ | $forgotFail = "Sorry, no account in the ticket system has the email address: $email"; | ||
$forgotPrompt = "Please enter the email used in one of your existing tickets:"; | |||
} | } | ||
} | } | ||
{ | sub ResetPassword { | ||
$ | my $self = shift; | ||
$ | my $mailfrom = shift; | ||
my $email = $self->EmailAddress; | |||
unless ( $self->CurrentUserCanModify('Password') ) { | |||
return ( 0, $self->loc("You don't have permission to change your password.") ); | |||
} | |||
unless ( ($self->Name =~ m/\@/) ) { | |||
return ( 0, $self->loc("Only external users can reset their passwords this way.") ); | |||
} | |||
my ( $status, $pass ) = $self->SetRandomPassword(); | |||
unless ($status) { | |||
return ( 0, "$pass" ); | |||
} | |||
my $template = RT::Template->new( $self->CurrentUser ); | |||
my $parsed; | |||
# This test do not work. I'm not sure how to detect if the template loading failed [pere 2006-08-16] | |||
if ($template->LoadGlobalTemplate('PasswordChange')) { | |||
$T::RealName = $self->RealName; | |||
$T::Username = $self->Name; | |||
$T::Password = $pass; | |||
$parsed = $template->_ParseContent(); | |||
} | |||
else | |||
{ | |||
# hardcoded default text body in case 'Password Change' template is missing. | |||
$parsed = <<EOF; | |||
Greetings, | |||
This message was automatically sent in response to a Reset Password request in | |||
the web based ticket system. | |||
You may now login using the following: | |||
Username: $self->Name | |||
Password: $pass | |||
Support Team | |||
EOF | |||
} | |||
my $entity = MIME::Entity->build( | |||
From => $mailfrom, | |||
To => $email, | |||
Subject => loc("CF Ticket Password Changed"), | |||
'X-RT-Loop-Prevention' => $RT::rtname, | |||
Type => "text/plain", | |||
Charset => "UTF-8", | |||
Data => [$parsed] | |||
); | |||
open (MAIL, "|$RT::SendmailPath $RT::SendmailArguments -t") || return(0, "Failed to open mailpipe"); | |||
print MAIL $entity->as_string; | |||
close(MAIL); | |||
return (1, "SUCCESS! A new password was sent to your email address."); | |||
} | } | ||
</%INIT> | |||
<%ARGS> | |||
$email => undef | |||
# if you are using RT4, you need this next line: | |||
$next => undef | |||
# end for RT4 | |||
</%ARGS> | |||
</nowiki> | |||
== For RT4.0.6 (maybe earlier?) == | |||
We had to do a few changes to make it work under RT4.0.6, we hope the following will make it easier for others. | |||
First, for non Debian distrbutions the file ''AfterForm'' should be created under ''[RT4 base dir]/local/html/Callbacks/Default/Elements/Login/'' | |||
Copy pasting the code from here will break things, so make sure you do the following after you pasted it into the file: | |||
Merge the following lines, as keeping it this way will break the HTML code, just remove the comments and put it all on one line (lines ~12-16): | |||
<form method="get" style="display: <%$forgotFormDisplay%>;" | |||
<!-- if you are using RT4, you need this: --> | |||
action="NoAuth/Login.html" | |||
<!-- end for RT4 --> | |||
> | |||
To: | |||
<form method="get" style="display: <%$forgotFormDisplay%>;" action="NoAuth/Login.html"> | |||
Next, ''SetRandomPassword ''function when invoked change the password, but won't include it in the email sent to the user. Change the function to ''ResetPassword ''(line ~83): | |||
my ( $status, $pass ) = $self->SetRandomPassword(); | |||
To: | |||
my ( $status, $pass ) = $self->ResetPassword(); | |||
Last thing, make sure the closing "''EOF''" (line ~120) is at the '''start''' of a line by itself, else it will die with an error. | |||
Latest revision as of 16:20, 6 April 2016
Offer Password Reset on Login Page
The code below was adapted from http://www.uio.no/tjenester/it/applikasjoner/rt/utvikling-drift/modifications/index.html#toc9
I installed from Debian apt-get packages and the "local" directory is found at: /usr/local/share/request-tracker3.8 while the real source directory is at: /usr/share/request-tracker3.8
So, to hook into the Callback offered in the Login form called "AfterForm", I had to create the directory: /usr/local/share/request-tracker3.8/html/Callbacks/Default/Elements/Login and in there put a file called "AfterForm" The content of that file is:
%# taken from http://www2.usit.uio.no/it/rt/modifications/
%# Add template named 'Password Change', with description
%#
%# Automatically generate password for external users who have forgotten their password
%#
<div style="margin: -20px auto 10px auto; text-align: center;">
<b>Forgot Your Password?</b>
<div style="color: green; font-weight: bold;"><%$forgotSuccess%></div>
<form method="get" style="display: <%$forgotFormDisplay%>;"
<!-- if you are using RT4, you need this: -->
action="NoAuth/Login.html"
<!-- end for RT4 -->
>
<!-- if you are using RT4, you need this next line -->
<input type="hidden" name="next" value="<%$next%>" />
<!-- END LINE FOR rt4 -->
% if($forgotFail) {
<div class="error" style="text-align: left;">
<div class="titlebox error">
<div class="titlebox-title">
<span class="left">Error</span><span class="right-empty"> </span>
</div>
<div class="titlebox-content">
<%$forgotFail%><hr class="clear" />
</div>
</div>
</div>
% }
<%$forgotPrompt%> <input type="text" name="email"> <input type="submit" value='Send New Password'>
</form>
</div>
<%INIT>
my $forgotPrompt = "Enter your email address: ";
my $forgotFail = '';
my $forgotFormDisplay = 'block';
my $forgotSuccess = '';
my $mailfrom = 'Ticket System <YOU@YOURDOMAIN>';
if ($email)
{
$email =~ s/^\s+|\s+$//g;
my $UserObj = RT::User->new($RT::SystemUser);
$UserObj->LoadByEmail($email);
if (defined($UserObj->Id))
{
my ($val, $str) = ResetPassword($UserObj, $mailfrom);
if($val > 0)
{
$forgotFormDisplay = 'none';
$forgotSuccess = $str;
}
else
{
$forgotFail = $str;
}
}
else
{
$forgotFail = "Sorry, no account in the ticket system has the email address: $email";
$forgotPrompt = "Please enter the email used in one of your existing tickets:";
}
}
sub ResetPassword {
my $self = shift;
my $mailfrom = shift;
my $email = $self->EmailAddress;
unless ( $self->CurrentUserCanModify('Password') ) {
return ( 0, $self->loc("You don't have permission to change your password.") );
}
unless ( ($self->Name =~ m/\@/) ) {
return ( 0, $self->loc("Only external users can reset their passwords this way.") );
}
my ( $status, $pass ) = $self->SetRandomPassword();
unless ($status) {
return ( 0, "$pass" );
}
my $template = RT::Template->new( $self->CurrentUser );
my $parsed;
# This test do not work. I'm not sure how to detect if the template loading failed [pere 2006-08-16]
if ($template->LoadGlobalTemplate('PasswordChange')) {
$T::RealName = $self->RealName;
$T::Username = $self->Name;
$T::Password = $pass;
$parsed = $template->_ParseContent();
}
else
{
# hardcoded default text body in case 'Password Change' template is missing.
$parsed = <<EOF;
Greetings,
This message was automatically sent in response to a Reset Password request in
the web based ticket system.
You may now login using the following:
Username: $self->Name
Password: $pass
Support Team
EOF
}
my $entity = MIME::Entity->build(
From => $mailfrom,
To => $email,
Subject => loc("CF Ticket Password Changed"),
'X-RT-Loop-Prevention' => $RT::rtname,
Type => "text/plain",
Charset => "UTF-8",
Data => [$parsed]
);
open (MAIL, "|$RT::SendmailPath $RT::SendmailArguments -t") || return(0, "Failed to open mailpipe");
print MAIL $entity->as_string;
close(MAIL);
return (1, "SUCCESS! A new password was sent to your email address.");
}
</%INIT>
<%ARGS>
$email => undef
# if you are using RT4, you need this next line:
$next => undef
# end for RT4
</%ARGS>
For RT4.0.6 (maybe earlier?)
We had to do a few changes to make it work under RT4.0.6, we hope the following will make it easier for others.
First, for non Debian distrbutions the file AfterForm should be created under [RT4 base dir]/local/html/Callbacks/Default/Elements/Login/
Copy pasting the code from here will break things, so make sure you do the following after you pasted it into the file:
Merge the following lines, as keeping it this way will break the HTML code, just remove the comments and put it all on one line (lines ~12-16):
To:
Next, SetRandomPassword function when invoked change the password, but won't include it in the email sent to the user. Change the function to ResetPassword (line ~83):
my ( $status, $pass ) = $self->SetRandomPassword();
To:
my ( $status, $pass ) = $self->ResetPassword();
Last thing, make sure the closing "EOF" (line ~120) is at the start of a line by itself, else it will die with an error.