From bcce2625a8cb0b630d945c6849014049869e10ce Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 27 Nov 2018 12:01:36 +0100
Subject: Implemented AuthController for login

* Moved /login functionality to AuthController
* Refactored password handling logic to use the Authenticator
---
 includes/controller/users_controller.php | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

(limited to 'includes/controller/users_controller.php')

diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php
index 7c6bde02..214998dc 100644
--- a/includes/controller/users_controller.php
+++ b/includes/controller/users_controller.php
@@ -47,6 +47,7 @@ function users_controller()
 function user_delete_controller()
 {
     $user = auth()->user();
+    $auth = auth();
     $request = request();
 
     if ($request->has('user_id')) {
@@ -68,14 +69,12 @@ function user_delete_controller()
     if ($request->hasPostData('submit')) {
         $valid = true;
 
-        if (
-        !(
+        if (!(
             $request->has('password')
-            && verify_password($request->postData('password'), $user->password, $user->id)
-        )
-        ) {
+            && $auth->verifyPassword($user, $request->postData('password'))
+        )) {
             $valid = false;
-            error(__('Your password is incorrect.  Please try it again.'));
+            error(__('Your password is incorrect. Please try it again.'));
         }
 
         if ($valid) {
@@ -341,7 +340,7 @@ function user_password_recovery_set_new_controller()
         }
 
         if ($valid) {
-            set_password($passwordReset->user->id, $request->postData('password'));
+            auth()->setPassword($passwordReset->user, $request->postData('password'));
             success(__('Password saved.'));
             $passwordReset->delete();
             redirect(page_link_to('login'));
-- 
cgit v1.2.3-54-g00ecf