diff --git a/README.md b/README.md index 9d499ca..6283a75 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,6 @@ Run the tests locally (against development environment): ## TODOs -1. lock_status isn't doing anything!! 1. Actions for creating moderators and resetting passwords 1. CSS 1. "All new posts flagged" mode (require approval for new posts) diff --git a/lib/PostText/Model/Moderator.pm b/lib/PostText/Model/Moderator.pm index 9bab22a..527ce43 100644 --- a/lib/PostText/Model/Moderator.pm +++ b/lib/PostText/Model/Moderator.pm @@ -17,7 +17,9 @@ sub create($self, $name, $email, $password) { } sub check($self, $email, $password) { - my $moderator = + my ($moderator, $mod_id); + + $moderator = $self->pg->db->query(<<~'END_SQL', $email)->hash; SELECT moderator_id AS id, password_hash @@ -25,10 +27,22 @@ sub check($self, $email, $password) { WHERE email_addr = ?; END_SQL - return undef unless $moderator->{'id'}; + $mod_id = $moderator->{'id'}; - return $self->authenticator - ->verify_password($password, $moderator->{'password_hash'}); + if ($mod_id && !$self->lock_status($mod_id)) { + return $self->authenticator + ->verify_password($password, $moderator->{'password_hash'}); + } + + return undef; +} + +sub lock_out($self, $mod_id) { + $self->pg->db->query(<<~'END_SQL', $mod_id) + UPDATE moderators + SET lock_status = TRUE + WHERE moderator_id = ?; + END_SQL } sub get_id($self, $email) { @@ -47,6 +61,14 @@ sub get_name($self, $mod_id) { END_SQL } +sub lock_status($self, $mod_id) { + $self->pg->db->query(<<~'END_SQL', $mod_id)->hash->{'lock_status'} + SELECT lock_status + FROM moderators + WHERE moderator_id = ?; + END_SQL +} + sub login_timestamp($self, $mod_id) { $self->pg->db->query(<<~'END_SQL', $mod_id); UPDATE moderators