diff options
author | msquare <msquare@notrademark.de> | 2019-10-13 13:43:08 +0200 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2019-10-13 13:43:08 +0200 |
commit | c0e97bfe753013b115345b00cbfd9858799a6ac9 (patch) | |
tree | 7e98447e4c7d874ec27e26801771086843f3efc3 /includes | |
parent | 285f5509dd948c2359c861eec364a677e8ce4910 (diff) | |
parent | 7a2427e70296ef652f76fe2e2edc47d2e0f70f5a (diff) |
Password recovery rebuild, correctly translated Mails and some minor fixes #658
Diffstat (limited to 'includes')
-rw-r--r-- | includes/controller/users_controller.php | 115 | ||||
-rw-r--r-- | includes/model/User_model.php | 19 | ||||
-rw-r--r-- | includes/pages/guest_login.php | 4 | ||||
-rw-r--r-- | includes/view/User_view.php | 93 |
4 files changed, 15 insertions, 216 deletions
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 892089e7..3ad2ffd9 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -1,7 +1,6 @@ <?php use Engelsystem\Database\DB; -use Engelsystem\Models\User\PasswordReset; use Engelsystem\Models\User\State; use Engelsystem\Models\User\User; use Engelsystem\ShiftCalendarRenderer; @@ -312,120 +311,6 @@ function users_list_controller() } /** - * Second step of password recovery: set a new password using the token link from email - * - * @return string - */ -function user_password_recovery_set_new_controller() -{ - $request = request(); - $passwordReset = PasswordReset::whereToken($request->input('token'))->first(); - if (!$passwordReset) { - error(__('Token is not correct.')); - redirect(page_link_to('login')); - } - - if ($request->hasPostData('submit')) { - $valid = true; - - if ( - $request->has('password') - && strlen($request->postData('password')) >= config('min_password_length') - ) { - if ($request->postData('password') != $request->postData('password2')) { - $valid = false; - error(__('Your passwords don\'t match.')); - } - } else { - $valid = false; - error(__('Your password is to short (please use at least 6 characters).')); - } - - if ($valid) { - auth()->setPassword($passwordReset->user, $request->postData('password')); - success(__('Password saved.')); - $passwordReset->delete(); - redirect(page_link_to('login')); - } - } - - return User_password_set_view(); -} - -/** - * First step of password recovery: display a form that asks for your email and send email with recovery link - * - * @return string - */ -function user_password_recovery_start_controller() -{ - $request = request(); - if ($request->hasPostData('submit')) { - $valid = true; - - $user_source = null; - if ($request->has('email') && strlen(strip_request_item('email')) > 0) { - $email = strip_request_item('email'); - if (check_email($email)) { - /** @var User $user_source */ - $user_source = User::whereEmail($email)->first(); - if (!$user_source) { - $valid = false; - error(__('E-mail address is not correct.')); - } - } else { - $valid = false; - error(__('E-mail address is not correct.')); - } - } else { - $valid = false; - error(__('Please enter your e-mail.')); - } - - if ($valid) { - $token = User_generate_password_recovery_token($user_source); - engelsystem_email_to_user( - $user_source, - __('Password recovery'), - sprintf( - __('Please visit %s to recover your password.'), - page_link_to('user_password_recovery', ['token' => $token]) - ) - ); - success(__('We sent an email containing your password recovery link.')); - redirect(page_link_to('login')); - } - } - - return User_password_recovery_view(); -} - -/** - * User password recovery in 2 steps. - * (By email) - * - * @return string - */ -function user_password_recovery_controller() -{ - if (request()->has('token')) { - return user_password_recovery_set_new_controller(); - } - - return user_password_recovery_start_controller(); -} - -/** - * Menu title for password recovery. - * - * @return string - */ -function user_password_recovery_title() -{ - return __('Password recovery'); -} - -/** * Loads a user from param user_id. * * @return User diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 1994bc47..681e70aa 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php @@ -2,7 +2,6 @@ use Carbon\Carbon; use Engelsystem\Database\DB; -use Engelsystem\Models\User\PasswordReset; use Engelsystem\Models\User\User; use Engelsystem\ValidationResult; use Illuminate\Database\Query\JoinClause; @@ -228,24 +227,6 @@ function User_reset_api_key($user, $log = true) } /** - * Generates a new password recovery token for given user. - * - * @param User $user - * @return string - */ -function User_generate_password_recovery_token($user) -{ - $reset = PasswordReset::findOrNew($user->id); - $reset->user_id = $user->id; - $reset->token = md5($user->name . time() . rand()); - $reset->save(); - - engelsystem_log('Password recovery for ' . User_Nick_render($user, true) . ' started.'); - - return $reset->token; -} - -/** * @param User $user * @return float */ diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 280743e5..170572e4 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -242,9 +242,9 @@ function guest_register() redirect(page_link_to('register')); } - // If a welcome message is present, display registration success page. + // If a welcome message is present, display it on the next page if ($message = $config->get('welcome_msg')) { - return User_registration_success_view($message); + info((new Parsedown())->text($message)); } redirect(page_link_to('/')); diff --git a/includes/view/User_view.php b/includes/view/User_view.php index bfe7e02c..95ecb626 100644 --- a/includes/view/User_view.php +++ b/includes/view/User_view.php @@ -108,46 +108,6 @@ function User_settings_view( } /** - * Displays the welcome message to the user and shows a login form. - * - * @param string $event_welcome_message - * @return string - */ -function User_registration_success_view($event_welcome_message) -{ - $parsedown = new Parsedown(); - $event_welcome_message = $parsedown->text($event_welcome_message); - - return page_with_title(__('Registration successful'), [ - msg(), - div('row', [ - div('col-md-4', [ - $event_welcome_message - ]), - div('col-md-4', [ - '<h2>' . __('Login') . '</h2>', - form([ - form_text('login', __('Nick'), ''), - form_password('password', __('Password')), - form_submit('submit', __('Login')), - buttons([ - button(page_link_to('user_password_recovery'), __('I forgot my password')) - ]), - info(__('Please note: You have to activate cookies!'), true) - ], page_link_to('login')) - ]), - div('col-md-4', [ - '<h2>' . __('What can I do?') . '</h2>', - '<p>' . __('Please read about the jobs you can do to help us.') . '</p>', - buttons([ - button(page_link_to('angeltypes', ['action' => 'about']), __('Teams/Job description') . ' »') - ]) - ]) - ]) - ]); -} - -/** * Gui for deleting user with password field. * * @param User $user @@ -255,13 +215,13 @@ function Users_view( ]; $user_table_headers = [ - 'name' => Users_table_header_link('name', __('Nick'), $order_by) + 'name' => Users_table_header_link('name', __('Nick'), $order_by) ]; - if(config('enable_user_name')) { + if (config('enable_user_name')) { $user_table_headers['first_name'] = Users_table_header_link('first_name', __('Prename'), $order_by); $user_table_headers['last_name'] = Users_table_header_link('last_name', __('Name'), $order_by); } - if(config('enable_dect')) { + if (config('enable_dect')) { $user_table_headers['dect'] = Users_table_header_link('dect', __('DECT'), $order_by); } $user_table_headers['arrived'] = Users_table_header_link('arrived', __('Arrived'), $order_by); @@ -271,8 +231,16 @@ function Users_view( $user_table_headers['force_active'] = Users_table_header_link('force_active', __('Forced'), $order_by); $user_table_headers['got_shirt'] = Users_table_header_link('got_shirt', __('T-Shirt'), $order_by); $user_table_headers['shirt_size'] = Users_table_header_link('shirt_size', __('Size'), $order_by); - $user_table_headers['arrival_date'] = Users_table_header_link('planned_arrival_date', __('Planned arrival'), $order_by); - $user_table_headers['departure_date'] = Users_table_header_link('planned_departure_date', __('Planned departure'), $order_by); + $user_table_headers['arrival_date'] = Users_table_header_link( + 'planned_arrival_date', + __('Planned arrival'), + $order_by + ); + $user_table_headers['departure_date'] = Users_table_header_link( + 'planned_departure_date', + __('Planned departure'), + $order_by + ); $user_table_headers['last_login_at'] = Users_table_header_link('last_login_at', __('Last login'), $order_by); $user_table_headers['actions'] = ''; @@ -792,41 +760,6 @@ function User_view_state_admin($freeloader, $user_source) } /** - * View for password recovery step 1: E-Mail - * - * @return string - */ -function User_password_recovery_view() -{ - return page_with_title(user_password_recovery_title(), [ - msg(), - __('We will send you an e-mail with a password recovery link. Please use the email address you used for registration.'), - form([ - form_text('email', __('E-Mail'), ''), - form_submit('submit', __('Recover')) - ]) - ]); -} - -/** - * View for password recovery step 2: New password - * - * @return string - */ -function User_password_set_view() -{ - return page_with_title(user_password_recovery_title(), [ - msg(), - __('Please enter a new password.'), - form([ - form_password('password', __('Password')), - form_password('password2', __('Confirm password')), - form_submit('submit', __('Save')) - ]) - ]); -} - -/** * @param array[] $user_angeltypes * @return string */ |