Check lock_status before logging in

This commit is contained in:
swag 2023-01-08 23:37:41 -05:00
parent 0ea7f7c906
commit a33cbff534
2 changed files with 26 additions and 5 deletions

View File

@ -32,7 +32,6 @@ Run the tests locally (against development environment):
## TODOs
1. lock_status isn't doing anything!!
1. Actions for creating moderators and resetting passwords
1. CSS
1. "All new posts flagged" mode (require approval for new posts)

View File

@ -17,7 +17,9 @@ sub create($self, $name, $email, $password) {
}
sub check($self, $email, $password) {
my $moderator =
my ($moderator, $mod_id);
$moderator =
$self->pg->db->query(<<~'END_SQL', $email)->hash;
SELECT moderator_id AS id,
password_hash
@ -25,10 +27,22 @@ sub check($self, $email, $password) {
WHERE email_addr = ?;
END_SQL
return undef unless $moderator->{'id'};
$mod_id = $moderator->{'id'};
return $self->authenticator
->verify_password($password, $moderator->{'password_hash'});
if ($mod_id && !$self->lock_status($mod_id)) {
return $self->authenticator
->verify_password($password, $moderator->{'password_hash'});
}
return undef;
}
sub lock_out($self, $mod_id) {
$self->pg->db->query(<<~'END_SQL', $mod_id)
UPDATE moderators
SET lock_status = TRUE
WHERE moderator_id = ?;
END_SQL
}
sub get_id($self, $email) {
@ -47,6 +61,14 @@ sub get_name($self, $mod_id) {
END_SQL
}
sub lock_status($self, $mod_id) {
$self->pg->db->query(<<~'END_SQL', $mod_id)->hash->{'lock_status'}
SELECT lock_status
FROM moderators
WHERE moderator_id = ?;
END_SQL
}
sub login_timestamp($self, $mod_id) {
$self->pg->db->query(<<~'END_SQL', $mod_id);
UPDATE moderators