2024-09-22 19:07:54 +01:00
|
|
|
#!/bin/bash
|
2024-09-22 03:41:33 +01:00
|
|
|
|
2024-09-22 19:07:54 +01:00
|
|
|
echo "Content-type: text/html"
|
|
|
|
|
echo ""
|
2024-09-22 03:41:33 +01:00
|
|
|
|
2024-09-22 19:07:54 +01:00
|
|
|
# Extract token from query string
|
|
|
|
|
TOKEN=$(echo "$QUERY_STRING" | sed -n 's/^.*token=\([^&]*\).*$/\1/p')
|
2024-09-22 03:41:33 +01:00
|
|
|
|
2024-09-22 19:07:54 +01:00
|
|
|
# Check if the token exists and is valid (not expired)
|
|
|
|
|
DB_PATH="/var/lib/monotreme/data/monotreme.db"
|
|
|
|
|
VALID_TOKEN=$(sqlite3 $DB_PATH "SELECT COUNT(*) FROM users WHERE reset_token='$TOKEN' AND reset_expires > strftime('%s','now');")
|
2024-09-22 03:41:33 +01:00
|
|
|
|
2024-09-22 19:07:54 +01:00
|
|
|
if [ "$VALID_TOKEN" -eq 0 ]; then
|
|
|
|
|
cat <<EOF
|
|
|
|
|
<html>
|
|
|
|
|
<head><title>Invalid Token</title></head>
|
|
|
|
|
<body>
|
|
|
|
|
<h1>Invalid or expired token!</h1>
|
|
|
|
|
<a href="/login/forgot/">Request a new reset link</a>
|
|
|
|
|
</body>
|
|
|
|
|
</html>
|
|
|
|
|
EOF
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
2024-09-22 03:41:33 +01:00
|
|
|
|
2024-09-22 19:07:54 +01:00
|
|
|
# Display reset form
|
|
|
|
|
cat <<EOF
|
|
|
|
|
<html>
|
|
|
|
|
<head><title>Reset Your Password</title></head>
|
|
|
|
|
<body>
|
|
|
|
|
<h1>Reset Your Password</h1>
|
|
|
|
|
<form action="/cgi-bin/reset_password_confirm.cgi" method="post">
|
2024-09-22 22:20:51 +01:00
|
|
|
<input type="hidden" name="token" value="$TOKEN">
|
2024-09-22 19:07:54 +01:00
|
|
|
<label for="password">New Password:</label>
|
|
|
|
|
<input type="password" id="password" name="password" required>
|
|
|
|
|
<br>
|
|
|
|
|
<label for="confirm_password">Confirm Password:</label>
|
|
|
|
|
<input type="password" id="confirm_password" name="confirm_password" required>
|
|
|
|
|
<br>
|
|
|
|
|
<input type="submit" value="Reset Password">
|
|
|
|
|
</form>
|
|
|
|
|
</body>
|
|
|
|
|
</html>
|
|
|
|
|
EOF
|
