Your code contains a bug. You have declared $smscode in the global scope, so every new request will change it for the whole application (and all other requests). It will not work in morbo either; try to do what you want in different browsers at the same time.

It worked for you with morbo by accident, but not with hypnotoad, because hypnotoad is a preforking server: one request can be handled by one instance of your application, while another can be executed by another process (with another $smscode global variable, undefined by default).

Try to store your secret data in Mojo's sessions http://mojolicio.us/perldoc/Mojolicious/Sessions and avoid any global variables


hi,

Using

$ mojo version
CORE
  Perl        (v5.20.1, linux)
  Mojolicious (5.62, Tiger Face)

OPTIONAL
  EV 4.0+                 (4.18)
  IO::Socket::Socks 0.64+ (not installed)
  IO::Socket::SSL 1.84+   (2.005)
  Net::DNS::Native        (not installed)

when using the morbo development server, my code works fine. When using hypnotoad, the comparison in

@@smscode.html.ep
% layout 'default';
<h1> <%= "$smscode $random" %> </h1>
% if ( $smscode eq $random ) {

is false: I can see that I type the correct SMS code, but the random code hypnotoad knows of is an older one. That probably has to do with my total newbieness in web development, sessions, etc., but I have been banging my head for a couple of hours already, so it is time to ask for help.

This webapp is meant to be a self-service password reset page for our Active Directory users. I got the inspiration from https://github.com/sciurus/gente but it does not fit our needs, so I decided to take a shot at it and rewrite it. We want to use a 2 factor authentication system by sending an sms message to our users (we use an e-mail to sms gateway). I plan on releasing it as free software as soon as it is ready.

#!/usr/bin/env perl
use warnings;
use strict;
use Net::SMTP;

use Mojolicious::Lite;
use Mojo::Log;
app->log( Mojo::Log->new(
        level => 'debug',
        path  => 'log/test.log',
    )
);

# use this var for logging stuff inside the web app
#my $log = app->log;

# global variables
my $mobile    = "+telephonenr\@domain\.tld";
my $random;
my $smscode;

# Start http routes

get '/' => sub {
    my $c = shift;
    $c->render('username');
};

post '/' => sub {
    my $c        = shift;
    $random = undef;
    $random = _generate_random_string(6);
    _sendemail($random, $mobile);
    $c->stash( mobile => $mobile );
    $c->render('smsform');
};

post '/smscode' => sub {
    my $c = shift;
    $c->stash( smscode => $c->param('smscode') );
    $c->stash( random => $random );
    $smscode = $c->param('smscode');
    $c->render('smscode');
};

app->start;

#=== FUNCTION ================================================================
#         NAME: _sendemail
#      PURPOSE: send email to the sms gateway
#   PARAMETERS: $random, $mobile
#      RETURNS: nothing
#  DESCRIPTION:
#       THROWS: no exceptions
#     COMMENTS: logs the whole smtp conversation to the app debug log
#     SEE ALSO: n/a
#===============================================================================
sub _sendemail {
    my ( $random, $mobile ) = @_;
    my $smtp = Net::SMTP->new(
        Host    => "mail.domain.tld",
        Hello   => "helo",
        Timeout => 30,
        Debug   => 0,
    );
    app->log->debug( $smtp->message() );

    $smtp->mail("smsreset\@domain.tld");
    app->log->debug( $smtp->message() );

    # $mobile already holds the full gateway address, so do not append the domain again
    $smtp->to($mobile);
    app->log->debug( $smtp->message() );

    $smtp->data();
    app->log->debug( $smtp->message() );

    $smtp->datasend( $random );
    app->log->debug( $smtp->message() );

    $smtp->dataend();
    app->log->debug( $smtp->message() );

    $smtp->quit();
}

sub _generate_random_string {
    my ($length_of_randomstring) = @_;
    my $random_string;

    my @chars = ( 'a' .. 'z', '1' .. '9' );
    for ( 1 .. $length_of_randomstring ) {

        # rand @chars will generate a random
        # number between 0 and scalar @chars
        $random_string .= $chars[ rand @chars ];
    }

    return $random_string;
}

__DATA__

@@ username.html.ep
% layout 'default';
<%= form_for '/' => (method => 'post') => begin %>
Username:
<%= input_tag 'username' %>
<%= submit_button %>
<% end %>

@@smsform.html.ep
<%= form_for '/smscode' => (method => 'post') => begin %>
SMS code
<%= input_tag 'smscode' %>
<br>
<%= submit_button %>
<% end %>

@@smscode.html.ep
% layout 'default';
<h1> <%= "$smscode $random" %> </h1>
% if ( $smscode eq $random ) {
    <h2> sms code: <%= $smscode %> </h2>
<%= form_for '/changepass' => (method => 'post') => begin %>
Old Password:
<%= input_tag 'old', type => 'password' %>
<br>
New Password:
<%= input_tag 'new', type => 'password' %>
<br>
<%= submit_button %>
<% end %>
    <p> <%= link_to 'Back to the form' => '/' %> </p>
% }
% else {
    <h1> you did not typed the right sms code! </h1>
    <p> <%= link_to 'Back to the form' => '/' %> </p>
% }

@@ layouts/default.html.ep
<!doctype html><html>
  <head><title><%= title %></title></head>
  <body>
    <h1> <%= title %> </h1>
    <%= content %>
  </body>
</html>

TIA.

Regards,

Natxo
--
You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]>. To post to this group, send email to [email protected] <mailto:[email protected]>.
Visit this group at http://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
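
The reply's advice, applied as an added example (not code from the thread or from the Mojolicious project): per-user state lives in the session instead of a global, and because Mojolicious sessions are signed cookies that the browser can decode, only a keyed digest of the code is stored there. The key values, `_send_sms`, the five-minute lifetime and the digits-only code are assumptions.

```perl
use Mojolicious::Lite;
use Mojo::Util qw(secure_compare);
use Digest::SHA qw(hmac_sha256_hex);

# Assumptions: placeholder keys; load long random values from configuration.
app->secrets(['replace-with-session-signing-secret']);
my $CODE_KEY = 'replace-with-separate-hmac-key';

# Decimal code from the kernel CSPRNG; rejection sampling avoids modulo bias.
sub _random_code {
    my ($length) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    my $code = '';
    while ( length($code) < $length ) {
        read( $fh, my $byte, 1 ) == 1 or die 'short read from urandom';
        my $n = ord $byte;
        $code .= $n % 10 if $n < 250;
    }
    return $code;
}

# Keyed digest that binds a code to the user it was issued for.
sub _tag { my ( $user, $code ) = @_; hmac_sha256_hex( "$user:$code", $CODE_KEY ) }

# Hypothetical delivery helper; never log the code itself.
sub _send_sms { my ( $user, $code ) = @_; app->log->debug("code issued for $user") }

post '/' => sub {
    my $c    = shift;
    my $user = $c->param('username') // '';
    my $code = _random_code(6);
    # The session cookie is signed but readable by the browser, so it holds
    # only the digest and an expiry time, never the code.
    $c->session( sms => { user => $user, tag => _tag( $user, $code ), exp => time() + 300 } );
    _send_sms( $user, $code );
    $c->render( text => 'code sent' );
};

post '/smscode' => sub {
    my $c       = shift;
    my $pending = delete $c->session->{sms};    # dropped after one attempt
    my $guess   = _tag( $pending ? $pending->{user} : '', $c->param('smscode') // '' );
    my $ok = $pending && time() < $pending->{exp} && secure_compare( $guess, $pending->{tag} );
    return $c->render( text => 'wrong or expired code', status => 403 ) unless $ok;
    $c->session( verified_user => $pending->{user} );
    $c->render( text => 'code accepted' );
};

app->start;
```

Because the session lives in the browser, an old cookie can be replayed, so attempt limits and strict single use need state kept on the server.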
