From 79e2274a4ba98cdc976489c379bbbf357c1beea7 Mon Sep 17 00:00:00 2001
From: Andreas Granig <agranig@sipwise.com>
Date: Tue, 29 Apr 2014 15:10:22 +0200
Subject: [PATCH] MT#6789 Clear old password on logged-in reset.

That way we force the user to change the pass, otherwise he can't
log in anymore.
---
 lib/NGCP/Panel/Controller/Subscriber.pm | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/NGCP/Panel/Controller/Subscriber.pm b/lib/NGCP/Panel/Controller/Subscriber.pm
index 5351243cd0..1a91fb6a46 100644
--- a/lib/NGCP/Panel/Controller/Subscriber.pm
+++ b/lib/NGCP/Panel/Controller/Subscriber.pm
@@ -445,9 +445,15 @@ sub reset_webpassword :Chained('base') :PathPart('resetwebpassword') :Args(0) {
             UUID::generate($uuid_bin);
             UUID::unparse($uuid_bin, $uuid_string);
             $subscriber->password_resets->delete; # clear any old entries of this subscriber
+
+            # if reset from a logged in user, clear old pass (to force setting new one)
+            # and let reset link be valid for a year
+            $subscriber->provisioning_voip_subscriber->update({
+                webpassword => undef,
+            });
             $subscriber->password_resets->create({
                 uuid => $uuid_string,
-                timestamp => NGCP::Panel::Utils::DateTime::current_local->epoch + 86400,
+                timestamp => NGCP::Panel::Utils::DateTime::current_local->epoch + 31536000,
             });
             my $url = $c->uri_for_action('/subscriber/recover_webpassword')->as_string . '?uuid=' . $uuid_string;
             NGCP::Panel::Utils::Email::password_reset($c, $subscriber, $url);