| public static generateToken ( $username, $passwordHash ) : string | ||
| $username | ||
| $passwordHash | ||
| return | string | |
public function lostpasswordAction()
{
$username = $this->getParam("username");
if ($username) {
$user = User::getByName($username);
if (!$user instanceof User) {
$this->view->error = "user unknown";
} else {
if ($user->isActive()) {
if ($user->getEmail()) {
$token = Tool\Authentication::generateToken($username, $user->getPassword());
$uri = $this->getRequest()->getScheme() . "://" . $this->getRequest()->getHttpHost();
$loginUrl = $uri . "/admin/login/login/?username="******"&token=" . $token . "&reset=true";
try {
$mail = Tool::getMail(array($user->getEmail()), "Pimcore lost password service");
$mail->setIgnoreDebugMode(true);
$mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 30 minutes: \r\n\r\n" . $loginUrl);
$mail->send();
$this->view->success = true;
} catch (\Exception $e) {
$this->view->error = "could not send email";
}
} else {
$this->view->error = "user has no email address";
}
} else {
$this->view->error = "user inactive";
}
}
}
}
public function getTokenLoginLinkAction()
{
$user = User::getById($this->getParam("id"));
if ($user->isAdmin() && !$this->getUser()->isAdmin()) {
throw new \Exception("Only admin users are allowed to login as an admin user");
}
if ($user) {
$token = Tool\Authentication::generateToken($user->getName(), $user->getPassword());
$r = $this->getRequest();
$link = $r->getScheme() . "://" . $r->getHttpHost() . "/admin/login/login/?username="******"&token=" . $token;
$this->_helper->json(["link" => $link]);
}
}