gradido/login_server/src/cpsp/UserUpdatePassword.cpsp

<%@ page class="UserUpdatePasswordPage" %>
<%@ page baseClass="SessionHTTPRequestHandler" %>
<%@ page ctorArg="Session*" %>
<%@ header include="HTTPInterface/SessionHTTPRequestHandler.h" %>
<%!
#include "SingletonManager/SessionManager.h"
#include "tasks/AuthenticatedEncryptionCreateKeyTask.h"
#include "Poco/Net/HTTPCookie.h"

enum PageState {
	PAGE_STATE_ASK_PASSWORD,
	PAGE_STATE_SUCCEED
};

%>
<%%
	const char* pageName = "Passwort bestimmen";
	auto user = mSession->getNewUser();
	auto sm = SessionManager::getInstance();
	auto uri_start = getBaseUrl();
	PageState state = PAGE_STATE_ASK_PASSWORD;

	// remove old cookies if exist
	sm->deleteLoginCookies(request, response, mSession);
	// save login cookie, because maybe we've get an new session
	response.addCookie(mSession->getLoginCookie());

	if(!form.empty()) {
		auto pwd = form.get("register-password", "");
		if(pwd != "") {
			if(!mSession->getLanguageCatalog()) {
				mSession->setLanguage(LANG_EN);
			}
			if(pwd != form.get("register-password2", "")) {
				mSession->addError(new Error("Passwort", "Passw&ouml;rter sind nicht identisch."), false);
			} else if(SessionManager::getInstance()->checkPwdValidation(pwd, mSession, mSession->getLanguageCatalog())) {
			    auto sessionState = mSession->getSessionState();

				if(user->setNewPassword(pwd) >= 0) {
					//std::string referUri = request.get("Referer", uri_start + "/");
					//printf("[updateUserPasswordPage] redirect to referUri: %s\n", referUri.data());

					// I think we can savly assume that this session was loaded from verification code
					//! \return 1 = konto already activated
					//!        -1 = invalid code
					//!        -2 = critical error
					//!         0 = ok
					auto code = mSession->getEmailVerificationCode();
					int retUpdateEmailCode = 0;
					if(code) {
						retUpdateEmailCode = mSession->updateEmailVerification(mSession->getEmailVerificationCode());
					}
					//mSession->getErrors(user);
					if(-2 == retUpdateEmailCode || -1 == retUpdateEmailCode || 1 == retUpdateEmailCode) {
						response.redirect(uri_start + "/error500");
						return;
					}
					if(sessionState == SESSION_STATE_RESET_PASSWORD_REQUEST) {
						state = PAGE_STATE_SUCCEED;
						mSession->updateState(SESSION_STATE_RESET_PASSWORD_SUCCEED);
						sm->deleteLoginCookies(request, response, mSession);
						sm->releaseSession(mSession);
						mSession = nullptr;
					} else {
						response.redirect(uri_start + "/passphrase");
						return;
					}
				}
			}
		}
	}
	if(mSession) {
		getErrors(mSession);
	}
	//getErrors(user);
	//printf("session state end [UpdateUserPassword Page]: %s\n", mSession->getSessionStateString());
%><%@ include file="include/header.cpsp" %>
<%= getErrorsHtml() %>
<div class="center-form-container">
	<% if(PAGE_STATE_ASK_PASSWORD == state ) { %>
    <div class="center-form-title">
        <h1>Passwort bestimmen</h1>
    </div>
    <div class="center-form-form">
		<form method="POST">
			<p>
				Bitte denke dir ein sicheres Passwort aus, das mindestens 8 Zeichen lang ist, einen Klein- und einen Gro&szlig;buchstaben enth&auml;lt,
				eine Zahl und ein Sonderzeichen.
			</p>
			<label class="form-label" for="register-password">Passwort</label>
			<input class="form-control" id="register-password" type="password" name="register-password"/>
			<label class="form-label" for="register-password2">Passwort Best&auml;tigung</label>
			<input class="form-control" id="register-password2" type="password" name="register-password2"/>
			<input class="grd-form-bn grd-form-bn-succeed grd_clickable" type="submit" name="submit" value="&Auml;nderung(en) speichern">
		</form>
	<% } else if(PAGE_STATE_SUCCEED == state) { %>
		<p>Deine Daten werden jetzt mit dem neuen Passwort verschl&uuml;sselt. Du kannst dich in etwa 1 Minute mit deinem neuen Passwort einloggen</p>
		<a class="link-button" href="<%= uri_start %>/login">Zum Login</a>
	<% } %>
	</div>
</div>
<%@ include file="include/footer.cpsp" %>