That looks reasonably sane to me apart from:

  my $input_hash {
        
    token => params->{token}
  
    }

which should be

  my $input_hash =  {
        
    token => params->{token}
  
    };

Andrew

On Thu, Sep 17, 2015 at 2:42 PM, Richard Reina <gatorreina@gmail.com> wrote:


2015-09-17 4:44 GMT-05:00 Andrew Solomon <andrew@geekuni.com>:
Hi Richard,

[Without knowing the full state diagram of the site you're setting up I'm not sure I'm really answering your question, however...]

What I can say is that when you send someone an email with a link to click, the corresponding GET route handler should *not* be assuming there's a session for that user since the web server's session cache may have been cleared before they respond to the email.

If you want the token attached to the user so that when they click on the link you know who's visiting, you should store the token in your database against the user's account.

Does that answer your question?

Andrew


Hi Andrew,

So I end up with something like this?

get '/reset/:token' => sub {

    return template 'passreset' => {
   
    my $input_hash {
       
    token => params->{token}
 
    }

    } # end of return

    # compare against stored tokens
    my ($matched_user_id) = User->lookup_tokens($input_hash->{token});

    if ($matched_user_id < 1) { # does not match

         halt("Unauthorized");
   
    }
                   
     # token matches that of user no 349.
 
    session matched_user_id => $matched_user_id;
                   
};


post '/reset/:token' => sub {

    my $matched_userid;

    if (! (defined session 'matched_user_id')) {

     # not supposed to be here
      redirect "/";
 
    } else {

        $matched_userid =  session 'matched_user_id';
}
   
   my $input_hash = { 
      
       Psw1 => param('password1'),
       Psw2 => param('password2'),
      
   };
  
   # make sure passwords match each other

   # update password for user $matched_userid;
  
   
};



_______________________________________________
dancer-users mailing list
dancer-users@dancer.pm
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users




--
Andrew Solomon

Mentor@Geekuni http://geekuni.com/
http://www.linkedin.com/in/asolomon
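
The following is an added example, not code from this thread or from Dancer: one way to keep reset tokens against the user's account so that the handlers never depend on the session cache. It goes beyond the thread by storing only a SHA-256 digest of the token, expiring it and making it single-use; `%reset_tokens` (an in-memory stand-in for the database), `issue_token`, `lookup_token`, `consume_token` and the one-hour lifetime are assumptions, as is the availability of `/dev/urandom`.

```perl
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);

# Stand-in for a database table (assumption: a real application would use a
# table joined to the users table). Only the digest of each token is kept.
my %reset_tokens;        # sha256(token) => { user_id => ..., expires => epoch }
my $TOKEN_TTL = 3600;    # seconds a reset link stays valid (assumed value)

# Create a random token for a user, remember only its digest, and return
# the raw token for inclusion in the e-mailed link /reset/<token>.
sub issue_token {
    my ($user_id) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "cannot open /dev/urandom: $!\n";
    my $bytes;
    (read($fh, $bytes, 32) // 0) == 32 or die "short read from /dev/urandom\n";
    close $fh;
    my $token = unpack 'H*', $bytes;    # 64 hex characters
    $reset_tokens{ sha256_hex($token) } = {
        user_id => $user_id,
        expires => time + $TOKEN_TTL,
    };
    return $token;
}

# Return the user id for a token that exists and has not expired, else undef.
# Needs no session, so the GET handler can call it directly.
sub lookup_token {
    my ($token) = @_;
    return unless defined $token && $token =~ /\A[0-9a-f]{64}\z/;
    my $row = $reset_tokens{ sha256_hex($token) } or return;
    return if $row->{expires} < time;
    return $row->{user_id};
}

# Check the token again at POST time and delete it so the link is single-use.
sub consume_token {
    my ($token) = @_;
    my $user_id = lookup_token($token);
    return unless defined $user_id;
    delete $reset_tokens{ sha256_hex($token) };
    return $user_id;
}

# Constructed walk-through: user 349 requests a reset, then uses the link.
my $token = issue_token(349);
print "GET  lookup:  ", lookup_token($token)  // 'none', "\n";
print "POST consume: ", consume_token($token) // 'none', "\n";
print "replay:       ", consume_token($token) // 'none', "\n";
```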