public function passwordProcessAction(Request $req)
{
if (!$this->app['sentry']->check()) {
return $this->redirectTo('login');
}
$user = $this->app['sentry']->getUser();
/**
* Okay, the logic is kind of weird but we can use the SignupForm
* validation code to make sure our password changes are good
*/
$formData = array('password' => $req->get('password'), 'password2' => $req->get('password_confirm'));
$form = new SignupForm($formData, $this->app['purifier']);
$form->sanitize();
if ($form->validatePasswords() === false) {
$this->app['session']->set('flash', array('type' => 'error', 'short' => 'Error', 'ext' => implode("<br>", $form->getErrorMessages())));
return $this->redirectTo('password_edit');
}
/**
* Resetting passwords looks weird because we need to use Sentry's
* own built-in password reset functionality to do it
*/
$sanitized_data = $form->getCleanData();
$reset_code = $user->getResetPasswordCode();
if (!$user->attemptResetPassword($reset_code, $sanitized_data['password'])) {
$this->app['session']->set('flash', array('type' => 'error', 'short' => 'Error', 'ext' => "Unable to update your password in the database. Please try again."));
return $this->redirectTo('password_edit');
}
$this->app['session']->set('flash', array('type' => 'success', 'short' => 'Success', 'ext' => "Changed your password."));
return $this->redirectTo('password_edit');
}
/**
* Test that we get back some sanitized data
*
* @test
* @param array $inputData
* @param array $expectedData
* @dataProvider sanitizationProvider
*/
public function dataGetsSanitizedCorrectly($inputData, $expectedData)
{
$form = new \OpenCFP\Http\Form\SignupForm($inputData, $this->purifier);
$form->sanitize();
$sanitizedData = $form->getCleanData();
$this->assertEquals($expectedData, $sanitizedData, "Data was not sanitized properly");
}
