From 1d1ef2003432d6993f0169b58e7b5f176948eb35 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 2 Apr 2012 12:17:07 -0400 Subject: [PATCH] add support for a passwordless login token The plan is to use this for accounts that are created implicitly, as when a non-logged-in user subscribes to notifyemail. Such an account has no password, and login can be accomplished by way of a url that is sent to them in email. When the user sets a password, the passwordless login token is disabled. --- IkiWiki/Plugin/passwordauth.pm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/IkiWiki/Plugin/passwordauth.pm b/IkiWiki/Plugin/passwordauth.pm index c167f52b5..6a5153efd 100644 --- a/IkiWiki/Plugin/passwordauth.pm +++ b/IkiWiki/Plugin/passwordauth.pm @@ -96,6 +96,12 @@ sub setpassword ($$;$) { else { IkiWiki::userinfo_set($user, $field, $password); } + + # Setting the password clears any passwordless login token. + if ($field ne 'passwordless') { + IkiWiki::userinfo_set($user, "cryptpasswordless", ""); + IkiWiki::userinfo_set($user, "passwordless", ""); + } } sub formbuilder_setup (@) { -- 2.26.2