summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorIgor Scheller <igor.scheller@igorshp.de>2019-10-08 16:17:06 +0200
committerIgor Scheller <igor.scheller@igorshp.de>2019-10-08 16:17:06 +0200
commitdd0366296893a0e8da8ae0365387dd4823d53451 (patch)
treea095514373384ebdaeba7b5809cbcb9bbcfd19d8 /includes
parent8f8130634e40f6a24295b7bab449a43ed7c5aa80 (diff)
Rebuild password reset
Diffstat (limited to 'includes')
-rw-r--r--includes/controller/users_controller.php115
-rw-r--r--includes/model/User_model.php19
-rw-r--r--includes/view/User_view.php35
3 files changed, 0 insertions, 169 deletions
diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php
index 892089e7..3ad2ffd9 100644
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@@ -1,7 +1,6 @@
<?php
use Engelsystem\Database\DB;
-use Engelsystem\Models\User\PasswordReset;
use Engelsystem\Models\User\State;
use Engelsystem\Models\User\User;
use Engelsystem\ShiftCalendarRenderer;
@@ -312,120 +311,6 @@ function users_list_controller()
}
/**
- * Second step of password recovery: set a new password using the token link from email
- *
- * @return string
- */
-function user_password_recovery_set_new_controller()
-{
- $request = request();
- $passwordReset = PasswordReset::whereToken($request->input('token'))->first();
- if (!$passwordReset) {
- error(__('Token is not correct.'));
- redirect(page_link_to('login'));
- }
-
- if ($request->hasPostData('submit')) {
- $valid = true;
-
- if (
- $request->has('password')
- && strlen($request->postData('password')) >= config('min_password_length')
- ) {
- if ($request->postData('password') != $request->postData('password2')) {
- $valid = false;
- error(__('Your passwords don\'t match.'));
- }
- } else {
- $valid = false;
- error(__('Your password is to short (please use at least 6 characters).'));
- }
-
- if ($valid) {
- auth()->setPassword($passwordReset->user, $request->postData('password'));
- success(__('Password saved.'));
- $passwordReset->delete();
- redirect(page_link_to('login'));
- }
- }
-
- return User_password_set_view();
-}
-
-/**
- * First step of password recovery: display a form that asks for your email and send email with recovery link
- *
- * @return string
- */
-function user_password_recovery_start_controller()
-{
- $request = request();
- if ($request->hasPostData('submit')) {
- $valid = true;
-
- $user_source = null;
- if ($request->has('email') && strlen(strip_request_item('email')) > 0) {
- $email = strip_request_item('email');
- if (check_email($email)) {
- /** @var User $user_source */
- $user_source = User::whereEmail($email)->first();
- if (!$user_source) {
- $valid = false;
- error(__('E-mail address is not correct.'));
- }
- } else {
- $valid = false;
- error(__('E-mail address is not correct.'));
- }
- } else {
- $valid = false;
- error(__('Please enter your e-mail.'));
- }
-
- if ($valid) {
- $token = User_generate_password_recovery_token($user_source);
- engelsystem_email_to_user(
- $user_source,
- __('Password recovery'),
- sprintf(
- __('Please visit %s to recover your password.'),
- page_link_to('user_password_recovery', ['token' => $token])
- )
- );
- success(__('We sent an email containing your password recovery link.'));
- redirect(page_link_to('login'));
- }
- }
-
- return User_password_recovery_view();
-}
-
-/**
- * User password recovery in 2 steps.
- * (By email)
- *
- * @return string
- */
-function user_password_recovery_controller()
-{
- if (request()->has('token')) {
- return user_password_recovery_set_new_controller();
- }
-
- return user_password_recovery_start_controller();
-}
-
-/**
- * Menu title for password recovery.
- *
- * @return string
- */
-function user_password_recovery_title()
-{
- return __('Password recovery');
-}
-
-/**
* Loads a user from param user_id.
*
* @return User
diff --git a/includes/model/User_model.php b/includes/model/User_model.php
index 1994bc47..681e70aa 100644
--- a/includes/model/User_model.php
+++ b/includes/model/User_model.php
@@ -2,7 +2,6 @@
use Carbon\Carbon;
use Engelsystem\Database\DB;
-use Engelsystem\Models\User\PasswordReset;
use Engelsystem\Models\User\User;
use Engelsystem\ValidationResult;
use Illuminate\Database\Query\JoinClause;
@@ -228,24 +227,6 @@ function User_reset_api_key($user, $log = true)
}
/**
- * Generates a new password recovery token for given user.
- *
- * @param User $user
- * @return string
- */
-function User_generate_password_recovery_token($user)
-{
- $reset = PasswordReset::findOrNew($user->id);
- $reset->user_id = $user->id;
- $reset->token = md5($user->name . time() . rand());
- $reset->save();
-
- engelsystem_log('Password recovery for ' . User_Nick_render($user, true) . ' started.');
-
- return $reset->token;
-}
-
-/**
* @param User $user
* @return float
*/
diff --git a/includes/view/User_view.php b/includes/view/User_view.php
index b38a5062..95ecb626 100644
--- a/includes/view/User_view.php
+++ b/includes/view/User_view.php
@@ -760,41 +760,6 @@ function User_view_state_admin($freeloader, $user_source)
}
/**
- * View for password recovery step 1: E-Mail
- *
- * @return string
- */
-function User_password_recovery_view()
-{
- return page_with_title(user_password_recovery_title(), [
- msg(),
- __('We will send you an e-mail with a password recovery link. Please use the email address you used for registration.'),
- form([
- form_text('email', __('E-Mail'), ''),
- form_submit('submit', __('Recover'))
- ])
- ]);
-}
-
-/**
- * View for password recovery step 2: New password
- *
- * @return string
- */
-function User_password_set_view()
-{
- return page_with_title(user_password_recovery_title(), [
- msg(),
- __('Please enter a new password.'),
- form([
- form_password('password', __('Password')),
- form_password('password2', __('Confirm password')),
- form_submit('submit', __('Save'))
- ])
- ]);
-}
-
-/**
* @param array[] $user_angeltypes
* @return string
*/