improve readability of password reset messages

This commit is contained in:
Filip Gralinski 2017-09-23 08:45:04 +02:00
parent 0a534c093d
commit de84c23900
4 changed files with 24 additions and 7 deletions

View File

@ -10,6 +10,8 @@ import Data.Time.Clock (addUTCTime)
import Handler.Common (passwordConfirmField, updatePassword, isPasswordAcceptable, tooWeakPasswordMessage) import Handler.Common (passwordConfirmField, updatePassword, isPasswordAcceptable, tooWeakPasswordMessage)
data AccountStatus = NewlyCreated | PasswordReset
getCreateResetLinkR :: Handler Html getCreateResetLinkR :: Handler Html
getCreateResetLinkR = do getCreateResetLinkR = do
(formWidget, formEnctype) <- generateFormPost createResetLinkForm (formWidget, formEnctype) <- generateFormPost createResetLinkForm
@ -66,8 +68,17 @@ newVerifyKey = Nonce.nonce128urlT nonceGen
getResetPasswordR :: Text -> Handler Html getResetPasswordR :: Text -> Handler Html
getResetPasswordR key = do getResetPasswordR key = do
(formWidget, formEnctype) <- generateFormPost changePasswordForm
mUserId <- checkVerificationKey key mUserId <- checkVerificationKey key
accountStatus <- case mUserId of
(Just userId) -> do
user <- runDB$ get404 userId
return $ if isJust (userPassword user)
then
PasswordReset
else
NewlyCreated
_ -> return PasswordReset
(formWidget, formEnctype) <- generateFormPost $ changePasswordForm accountStatus
master <- getYesod master <- getYesod
defaultLayout $ do defaultLayout $ do
setTitle "Reset password" setTitle "Reset password"
@ -75,7 +86,7 @@ getResetPasswordR key = do
postResetPasswordR :: Text -> Handler Html postResetPasswordR :: Text -> Handler Html
postResetPasswordR key = do postResetPasswordR key = do
((result, _), _) <- runFormPost changePasswordForm ((result, _), _) <- runFormPost $ changePasswordForm PasswordReset
mUserId <- checkVerificationKey key mUserId <- checkVerificationKey key
let mPassword = case result of let mPassword = case result of
FormSuccess password -> Just password FormSuccess password -> Just password
@ -120,6 +131,9 @@ checkVerificationKey key = do
[Entity k _] -> Just k [Entity k _] -> Just k
_ -> Nothing _ -> Nothing
changePasswordForm :: Form Text changePasswordForm :: AccountStatus -> Form Text
changePasswordForm = renderBootstrap3 BootstrapBasicForm changePasswordForm accountStatus = renderBootstrap3 BootstrapBasicForm
$ areq passwordConfirmField (bfs MsgPassword) Nothing $ areq passwordConfirmField (bfs $ passwordFormHeader accountStatus) Nothing
passwordFormHeader NewlyCreated = MsgPasswordForNewAccount
passwordFormHeader PasswordReset = MsgPassword

View File

@ -32,7 +32,7 @@ passwordConfirmField = Field
, fieldView = \idAttr nameAttr otherAttrs _ _ -> , fieldView = \idAttr nameAttr otherAttrs _ _ ->
[whamlet| [whamlet|
<input id=#{idAttr} name=#{nameAttr} *{otherAttrs} type=password> <input id=#{idAttr} name=#{nameAttr} *{otherAttrs} type=password>
<div>confirm new password: <div>re-enter the password
<input id=#{idAttr}-confirm name=#{nameAttr} *{otherAttrs} type=password> <input id=#{idAttr}-confirm name=#{nameAttr} *{otherAttrs} type=password>
|] |]
, fieldEnctype = UrlEncoded , fieldEnctype = UrlEncoded

View File

@ -26,7 +26,7 @@ CommentText: Write a comment
Send: Send Send: Send
Avatar: avatar Avatar: avatar
About: about About: about
Password: new password Password: enter a new password for your account
EMail: e-mail EMail: e-mail
CreateResetLink: create reset link CreateResetLink: create reset link
LinkWrongOrExpired: Link wrong or expired, please ask the site admin again LinkWrongOrExpired: Link wrong or expired, please ask the site admin again
@ -43,3 +43,4 @@ Achievements: achievements
AchievementPoints: points AchievementPoints: points
WantToBeAnonimised: I want to stay anonymous for other user of Gonito.net WantToBeAnonimised: I want to stay anonymous for other user of Gonito.net
YourScore: your score YourScore: your score
PasswordForNewAccount: enter a password for your new account

View File

@ -1 +1,3 @@
<p>Reset link created: <a href=@{ResetPasswordR key}>@{ResetPasswordR key}</a> <p>Reset link created: <a href=@{ResetPasswordR key}>@{ResetPasswordR key}</a>
<p>Now you can send the link to the user.