package My::Mailserver::Controller::Auth; use Mojo::Base 'Mojolicious::Controller'; use Email::Stuffer; sub under { my $c = shift; if ($c->is_user_authenticated) { $c->current_user->recovery_codes->delete; return 1; } $c->redirect_to('/'); return 0; } sub is_manager { ... } sub login_get { my $c = shift; $c->redirect_to('/dashboard') if $c->is_user_authenticated; } sub login_post { my $c = shift; my $v = $c->validation; $v->csrf_protect; $v->required('email'); $v->required('password'); if ($v->is_valid && $c->authenticate($v->param('email'), $v->param('password'))) { return $c->redirect_to('/dashboard'); }; return $c->redirect_to('/'); } sub recover_post { my $c = shift; my $v = $c->validation; $v->csrf_protect; $v->required('recovery_email'); if ($v->is_valid) { my $email = $c->schema->resultset('VirtualUser')->find({email => $v->param('recovery_email')}); if (defined $email) { my $recovery = $email->new_recovery_code; $c->app->log->debug('Created recovery token: ' . $recovery->code); my $url = $c->url_for('/reset/' . $recovery->code)->to_abs; my $email_body = $c->render_to_string( template => '_email/reset', email => $email, url => $url, format => 'txt', ); Email::Stuffer ->from('postmaster@' . $email->domain->name) ->to($email->email) ->subject('Password Reset') ->text_body($email_body) ->transport($c->email_transport) ->send_or_die; } else { $c->app->log->debug('Email not found'); } } else { $c->app->log->debug('Invalid Form'); } # You'l never know.... :D $c->flash(success => 'If that email exists, a recovery link has been sent'); return $c->redirect_to('/'); } sub reset_get { my $self = shift; } sub reset_post { my $self = shift; } sub logout_any { my $c = shift; $c->logout; $c->redirect_to('/'); } 1;