diff src/change_email.html.luan @ 57:169ac5fdb320

add change email
author Franklin Schmidt <fschmidt@gmail.com>
date Mon, 28 Nov 2022 23:47:19 -0700
parents src/register.html.luan@c57b84f461ae
children 31c895b73bd0
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/change_email.html.luan	Mon Nov 28 23:47:19 2022 -0700
@@ -0,0 +1,96 @@
+local Luan = require "luan:Luan.luan"
+local error = Luan.error
+local Io = require "luan:Io.luan"
+local Http = require "luan:http/Http.luan"
+local Shared = require "site:/lib/Shared.luan"
+local head = Shared.head or error()
+local header = Shared.header or error()
+local footer = Shared.footer or error()
+local base_url = Shared.base_url or error()
+local call_mail_api = Shared.call_mail_api or error()
+local Forum = require "site:/lib/Forum.luan"
+local forum_title = Forum.title or error()
+local User = require "site:/lib/User.luan"
+local Db = require "site:/lib/Db.luan"
+local run_in_transaction = Db.run_in_transaction or error()
+
+
+local function page(contents)
+	Io.stdout = Http.response.text_writer()
+%>
+<!doctype html>
+<html>
+	<head>
+<%		head() %>
+		<title><%=forum_title%> - Change Email</title>
+	</head>
+	<body>
+<%		header() %>
+		<div content>
+			<h1>Change Email</h1>
+<%
+			contents()
+%>
+		</div>
+<%		footer() %>
+	</body>
+</html>
+<%
+end
+
+return function()
+	local user = User.current_required()
+	if user==nil then return end
+	local email = Http.request.parameters.email
+	local password = Http.request.parameters.password
+	if email == nil then
+		page(function()
+%>
+			<form>
+				<p>Your current email is <b><%=user.email%></b>.</p>
+				<p>
+					<label>Change email to</label>
+					<input type="email" name="email" autofocus required>
+				</p>
+				<p><input type="submit"></p>
+			</form>
+<%
+		end)
+	elseif password == nil then
+		run_in_transaction( function()
+			user = user.reload()
+			user.hidden_password = User.new_password()
+			user.save()
+		end )
+		local result = call_mail_api( "change_email", {
+			base_url = base_url()
+			from = forum_title.." <support@freedit.org>"
+			email = email
+			password = user.hidden_password
+		} )
+		result.okay or error(result.error)
+		page(function()
+%>
+			<p>We have sent an email to your new email address.  Click on the link in that email to complete the change.</p>
+<%
+		end)
+	elseif password ~= user.hidden_password then
+		page(function()
+%>
+			<p>This link is no longer valid.  Please <a href="/change_email.html">try again</a>.</p>
+<%
+		end)
+	else
+		run_in_transaction( function()
+			user = user.reload()
+			user.email = email
+			user.hidden_password = nil
+			user.save()
+		end )
+		page(function()
+%>
+			<p>Your email has been change to <b><%=user.email%></b>.</p>
+<%
+		end)
+	end
+end