Updated Account Info based on review.

Updated Account info with change password form.
2015-07-13 10:25:18 -03:00
parent 2fe2a7f864
commit 0164c6ec6d
7 changed files with 99 additions and 1 deletions
--- a/modules/auth/cms_authentication_module.e
+++ b/modules/auth/cms_authentication_module.e
@@ -85,7 +85,8 @@ feature -- Router
 			a_router.handle ("/account/reactivate", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reactivation (a_api, ?, ?)), a_router.methods_get_post)
 			a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password (a_api, ?, ?)), a_router.methods_get_post)
 			a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password (a_api, ?, ?)), a_router.methods_get_post)
-
+			a_router.handle ("/account/change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_change_password (a_api, ?, ?)), a_router.methods_get_post)
+			a_router.handle ("/account/post-change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_post_change_password (a_api, ?, ?)), a_router.methods_get)
 		end

 feature -- Hooks configuration
@@ -388,6 +389,51 @@ feature -- Handler
 			r.execute
 		end

+	handle_change_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
+		local
+			r: CMS_RESPONSE
+			l_user_api: CMS_USER_API
+		do
+			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+			l_user_api := api.user_api
+
+			if req.is_post_request_method then
+				if attached current_user (req) as l_user  then
+					r.set_value (api.user_api.user_roles (l_user), "roles")
+					if
+						attached {WSF_STRING} req.form_parameter ("password") as l_password and then
+						attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then
+						l_password.value.same_string (l_confirm_password.value)
+					then
+							-- Does the passwords match?	
+						l_user.set_password (l_password.value)
+						l_user_api.update_user (l_user)
+						r.set_redirection (req.absolute_script_url ("/account/post-change-password"))
+					else
+						if attached template_block ("account_info", r) as l_tpl_block then
+							r.set_value (l_user, "user")
+							r.values.force ("Passwords Don't Match", "error_password")
+							r.set_status_code ({HTTP_CONSTANTS}.bad_request)
+							r.add_block (l_tpl_block, "content")
+						end
+					end
+				end
+			end
+			r.execute
+		end
+
+	handle_post_change_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
+		local
+			r: CMS_RESPONSE
+			l_user_api: CMS_USER_API
+		do
+			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+			if attached template_block ("post_change", r) as l_tpl_block then
+				r.add_block (l_tpl_block, "content")
+			end
+			r.execute
+		end
+
 	block_list: ITERABLE [like {CMS_BLOCK}.name]
 		local
 			l_string: STRING