use warnings;
use strict;
=head1 NAME
Jifty::Plugin::Authentication::PasswordAction::GeneratePasswordToken - generate password token
=cut
package Jifty::Plugin::Authentication::Password::Action::GeneratePasswordToken;
use base qw/Jifty::Action/;
=head2 arguments
We need the email of the user we're fetching a token for, so we can
return the salt.
=cut
sub arguments {
return( { email => { mandatory => 1 } });
}
=head2 take_action
Generate a token and throw it back to the browser. Also, return the
user's password salt in $self->result->content.
=cut
sub take_action {
my $self = shift;
my $email = $self->argument_value('email');
my $class = Jifty->app_class('Model','User');
my $user = $class->new(current_user => Jifty->app_class('CurrentUser')->superuser);
$user->load_by_cols(email => $email);
unless($user->id) {
$self->result->error('No such user');
}
my $password = $user->_value('password');
my $token = time();
$self->result->content(token => $token);
$self->result->content(salt => ($password ? $password->[1] : ""));
Jifty->web->session->set(login_token => $token);
}
1;