Diffstat (limited to 'app/Controller')
-rw-r--r-- | app/Controller/Auth.php | 17 | ||||
-rw-r--r-- | app/Controller/Captcha.php | 29 | ||||
-rw-r--r-- | app/Controller/Config.php | 3 | ||||
-rw-r--r-- | app/Controller/PasswordReset.php | 120 | ||||
-rw-r--r-- | app/Controller/User.php | 14 |
5 files changed, 166 insertions, 17 deletions
diff --git a/app/Controller/Auth.php b/app/Controller/Auth.php index cd1dd167..07e66070 100644 --- a/app/Controller/Auth.php +++ b/app/Controller/Auth.php @@ -2,8 +2,6 @@ namespace Kanboard\Controller; -use Gregwar\Captcha\CaptchaBuilder; - /** * Authentication controller * @@ -62,21 +60,6 @@ class Auth extends Base } /** - * Display captcha image - * - * @access public - */ - public function captcha() - { - $this->response->contentType('image/jpeg'); - - $builder = new CaptchaBuilder; - $builder->build(); - $this->sessionStorage->captcha = $builder->getPhrase(); - $builder->output(); - } - - /** * Redirect the user after the authentication * * @access private diff --git a/app/Controller/Captcha.php b/app/Controller/Captcha.php new file mode 100644 index 00000000..fcf081ea --- /dev/null +++ b/app/Controller/Captcha.php @@ -0,0 +1,29 @@ +<?php + +namespace Kanboard\Controller; + +use Gregwar\Captcha\CaptchaBuilder; + +/** + * Captcha Controller + * + * @package controller + * @author Frederic Guillot + */ +class Captcha extends Base +{ + /** + * Display captcha image + * + * @access public + */ + public function image() + { + $this->response->contentType('image/jpeg'); + + $builder = new CaptchaBuilder; + $builder->build(); + $this->sessionStorage->captcha = $builder->getPhrase(); + $builder->output(); + } +} diff --git a/app/Controller/Config.php b/app/Controller/Config.php index c7097da3..4aee8553 100644 --- a/app/Controller/Config.php +++ b/app/Controller/Config.php @@ -40,6 +40,9 @@ class Config extends Base $values = $this->request->getValues(); switch ($redirect) { + case 'application': + $values += array('password_reset' => 0); + break; case 'project': $values += array('subtask_restriction' => 0, 'subtask_time_tracking' => 0, 'cfd_include_closed_tasks' => 0); break; diff --git a/app/Controller/PasswordReset.php b/app/Controller/PasswordReset.php new file mode 100644 index 00000000..ebc1f77a --- /dev/null +++ b/app/Controller/PasswordReset.php 
@@ -0,0 +1,120 @@
+<?php
+
+namespace Kanboard\Controller;
+
+/**
+ * Password Reset Controller
+ *
+ * @package controller
+ * @author Frederic Guillot
+ */
+class PasswordReset extends Base
+{
+ /**
+ * Show the form to reset the password
+ */
+ public function create(array $values = array(), array $errors = array())
+ {
+ $this->checkActivation();
+
+ $this->response->html($this->template->layout('password_reset/create', array(
+ 'errors' => $errors,
+ 'values' => $values,
+ 'no_layout' => true,
+ )));
+ }
+
+ /**
+ * Validate and send the email
+ */
+ public function save()
+ {
+ $this->checkActivation();
+
+ $values = $this->request->getValues();
+ list($valid, $errors) = $this->passwordResetValidator->validateCreation($values);
+
+ if ($valid) {
+ $this->sendEmail($values['username']);
+ $this->response->redirect($this->helper->url->to('auth', 'login'));
+ }
+
+ $this->create($values, $errors);
+ }
+
+ /**
+ * Show the form to set a new password
+ */
+ public function change(array $values = array(), array $errors = array())
+ {
+ $this->checkActivation();
+
+ $token = $this->request->getStringParam('token');
+ $user_id = $this->passwordReset->getUserIdByToken($token);
+
+ if ($user_id !== false) {
+ $this->response->html($this->template->layout('password_reset/change', array(
+ 'token' => $token,
+ 'errors' => $errors,
+ 'values' => $values,
+ 'no_layout' => true,
+ )));
+ }
+
+ $this->response->redirect($this->helper->url->to('auth', 'login'));
+ }
+
+ /**
+ * Set the new password
+ */
+ public function update(array $values = array(), array $errors = array())
+ {
+ $this->checkActivation();
+
+ $token = $this->request->getStringParam('token');
+ $values = $this->request->getValues();
+ list($valid, $errors) = $this->passwordResetValidator->validateModification($values);
+
+ if ($valid) {
+ $user_id = $this->passwordReset->getUserIdByToken($token);
+
+ if ($user_id !== false) {
+ $this->user->update(array('id' => $user_id, 'password' => $values['password']));
+ $this->passwordReset->disable($user_id);
+ }
+
+ $this->response->redirect($this->helper->url->to('auth', 'login'));
+ }
+
+ $this->change($values, $errors);
+ }
+
+ /**
+ * Send the email
+ */
+ private function sendEmail($username)
+ {
+ $token = $this->passwordReset->create($username);
+
+ if ($token !== false) {
+ $user = $this->user->getByUsername($username);
+
+ $this->emailClient->send(
+ $user['email'],
+ $user['name'] ?: $user['username'],
+ t('Password Reset for Kanboard'),
+ $this->template->render('password_reset/email', array('token' => $token))
+ );
+ }
+ }
+
+ /**
+ * Check feature availability
+ */
+ private function checkActivation()
+ {
+ if ($this->config->get('password_reset', 0) == 0) {
+ $this->response->redirect($this->helper->url->to('auth', 'login'));
+ }
+ }
+}
diff --git a/app/Controller/User.php b/app/Controller/User.php
index 8b6df44c..2a811219 100644
--- a/app/Controller/User.php
+++ b/app/Controller/User.php
@@ -173,6 +173,20 @@ class User extends Base
 }
 /**
+ * Display last password reset
+ *
+ * @access public
+ */
+ public function passwordReset()
+ {
+ $user = $this->getUser();
+ $this->response->html($this->layout('user/password_reset', array(
+ 'tokens' => $this->passwordReset->getAll($user['id']),
+ 'user' => $user,
+ )));
+ }
+
+ /**
 * Display last connections
 *
 * @access public |
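Review bot: `checkActivation()` and the early exits in `save()`, `change()` and `update()` only hold if `$this->response->redirect()` and `$this->response->html()` end the request, which this diff does not show. If either one returns, a disabled password-reset feature still reaches `sendEmail()` and `$this->user->update()`, and `change()` issues a redirect right after rendering the form. Making the guard explicit removes that dependency: have `checkActivation()` return a boolean, open each action with `if (! $this->checkActivation()) { return; }`, and put a `return` after each redirect. Separately, `update()` changes the password and disables the reset tokens, but the visible code does not revoke the user's existing sessions; a comment such as `// TODO: revoke active sessions for $user_id after a successful reset` would record that gap unless `user->update()` already handles it.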
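Review bot: `passwordReset()` passes the full result of `$this->passwordReset->getAll($user['id'])` to the `user/password_reset` view under the key `tokens`. If those rows carry the token value and any of them is still valid, whoever is allowed to open this page for that user (whatever `getUser()` permits, not visible here) could read a usable reset token. The model call or the view should expose only metadata, and a comment like `// display-only history; the token value must not be rendered` above the array would make that contract explicit. The docblock could also state who may view the page.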