Beispiel #1
 /**
  * First step of a password reset: records the pending reset and mails a confirmation link.
  *
  * The submitted password is validated before the account lookup, so a password
  * rejected by UsersManager::checkPassword() returns that message whether or not
  * the account exists.
  *
  * NOTE(review): an unknown login/e-mail yields 'Login_InvalidUsernameEmail' while a
  * known one proceeds to the mail step, so the response tells the requester whether
  * an account exists. Callers should pair this with request throttling; whether that
  * is handled upstream is not visible here. TODO confirm.
  *
  * @param QuickForm2 $form Submitted form; 'form_login' and 'form_password' are read from it.
  * @return array|null List of error messages on failure, null when no error occurred.
  */
 private function resetPasswordFirstStep($form)
 {
     $submittedLogin = $form->getSubmitValue('form_login');
     $newPassword = $form->getSubmitValue('form_password');

     // Reject passwords that do not pass the password check before touching any account.
     try {
         UsersManager::checkPassword($newPassword);
     } catch (Exception $e) {
         return array($e->getMessage());
     }

     // 'anonymous' is never looked up; it is answered exactly like an unknown account.
     $account = ($submittedLogin === 'anonymous')
         ? null
         : self::getUserInformation($submittedLogin);
     if ($account === null) {
         return array(Piwik::translate('Login_InvalidUsernameEmail'));
     }

     $accountLogin = $account['login'];

     // The new password is stored as pending before the user has confirmed anything.
     // NOTE(review): how savePasswordResetInfo() stores it (hashed or not) is not
     // visible in this method; verify against its implementation.
     Login::savePasswordResetInfo($accountLogin, $newPassword);

     try {
         $this->sendEmailConfirmationLink($account);
     } catch (Exception $e) {
         // Without a delivered link the pending reset is useless, so drop it again.
         Login::removePasswordResetInfo($accountLogin);

         // NOTE(review): the raw exception text is returned to the caller; confirm it
         // cannot expose mail-transport details to an unauthenticated user.
         $errorMessage = $e->getMessage() . Piwik::translate('Login_ContactAdmin');
         return array($errorMessage);
     }

     return null;
 }
Beispiel #2
 /**
  * Authenticates the user and initializes the session.
  *
  * Looks up the token for the given credentials, runs authenticate(), and on success
  * writes the login cookie and regenerates the session id. On failure the cookie is
  * deleted and an exception is thrown.
  *
  * @param $login       Login to authenticate; also stored in the cookie.
  * @param $md5Password Passed to API::getTokenAuth(); presumably an MD5 hash of the password. TODO confirm.
  * @param $rememberMe  When truthy the cookie expiry is now + 'login_cookie_expire', otherwise 0.
  * @throws Exception When authentication was not successful.
  */
 public function initSession($login, $md5Password, $rememberMe)
 {
     $tokenAuth = API::getInstance()->getTokenAuth($login, $md5Password);
     // Credentials are set on this object before authenticate() is called.
     $this->setLogin($login);
     $this->setTokenAuth($tokenAuth);
     $authResult = $this->authenticate();
     $authCookieName = Config::getInstance()->General['login_cookie_name'];
     // Expiry 0 when "remember me" is off; presumably a browser-session cookie (confirm in Cookie).
     $authCookieExpiry = $rememberMe ? time() + Config::getInstance()->General['login_cookie_expire'] : 0;
     $authCookiePath = Config::getInstance()->General['login_cookie_path'];
     // The cookie object is built before the result check so a failed login can delete it.
     $cookie = new Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
     if (!$authResult->wasAuthenticationSuccessful()) {
         $cookie->delete();
         throw new Exception(Piwik::translate('Login_LoginPasswordNotCorrect'));
     }
     $cookie->set('login', $login);
     // The cookie carries the output of getHashTokenAuth(), not the token returned by the auth result.
     $cookie->set('token_auth', $this->getHashTokenAuth($login, $authResult->getTokenAuth()));
     // Secure is only set when the request is detected as HTTPS; over plain HTTP the cookie is sent without it.
     $cookie->setSecure(ProxyHttp::isHttps());
     $cookie->setHttpOnly(true);
     // NOTE(review): no SameSite attribute is set in this method; check whether Cookie applies one.
     $cookie->save();
     // NOTE(review): '@' hides any error from regenerateId(). If regeneration fails, the
     // pre-login session id stays in use with no trace; consider logging the failure.
     @Session::regenerateId();
     // remove password reset entry if it exists
     Login::removePasswordResetInfo($login);
 }
Beispiel #3
 /**
  * Runs once the session has been authenticated: writes the authentication
  * cookie and clears any pending password reset for the login.
  *
  * @param $login      Login stored in the cookie.
  * @param $tokenAuth  Passed through getHashTokenAuth() before being stored in the cookie.
  * @param $rememberMe Forwarded to getAuthCookie().
  */
 protected function processSuccessfullSession($login, $tokenAuth, $rememberMe)
 {
     $authCookie = $this->getAuthCookie($rememberMe);

     $authCookie->set('login', $login);

     // Only the output of getHashTokenAuth() goes into the cookie, never $tokenAuth itself.
     $cookieToken = $this->getHashTokenAuth($login, $tokenAuth);
     $authCookie->set('token_auth', $cookieToken);

     // Secure follows the detected scheme, so over plain HTTP the cookie is sent without it.
     $servedOverHttps = ProxyHttp::isHttps();
     $authCookie->setSecure($servedOverHttps);
     $authCookie->setHttpOnly(true);
     // NOTE(review): no SameSite attribute is set here; check whether the cookie class applies one.
     $authCookie->save();

     // A successful login invalidates any password reset that was still pending.
     Login::removePasswordResetInfo($login);
 }
Beispiel #4
 /**
  * Runs once the session has been authenticated: notifies listeners, writes the
  * authentication cookie and clears any pending password reset for the login.
  *
  * @param $login      Login stored in the cookie and passed to the event.
  * @param $tokenAuth  Passed to the event as-is, and through getHashTokenAuth() before being stored in the cookie.
  * @param $rememberMe Forwarded to getAuthCookie().
  */
 protected function processSuccessfulSession($login, $tokenAuth, $rememberMe)
 {
     $eventArguments = array($login, $tokenAuth);

     /**
      * Triggered after a successful authentication, but before the cookie is created.
      * The event carries the login and token_auth that were used to authenticate.
      *
      * It lets plugins run a custom action between authentication and cookie creation,
      * for example when the user has to fill in a survey or change their password.
      *
      * Listeners receive the token_auth itself (the cookie written afterwards stores the
      * output of getHashTokenAuth() instead), so handlers should not log or persist it.
      *
      * **Example**
      *
      *     Piwik::addAction('Login.authenticate.successful', function ($login, $tokenAuth) {
      *         // redirect to change password action
      *     });
      *
      * @param string $login User login.
      * @param string $tokenAuth User token auth.
      */
     Piwik::postEvent('Login.authenticate.successful', $eventArguments);

     $authCookie = $this->getAuthCookie($rememberMe);

     $authCookie->set('login', $login);

     $cookieToken = $this->getHashTokenAuth($login, $tokenAuth);
     $authCookie->set('token_auth', $cookieToken);

     // Secure follows the detected scheme, so over plain HTTP the cookie is sent without it.
     $servedOverHttps = ProxyHttp::isHttps();
     $authCookie->setSecure($servedOverHttps);
     $authCookie->setHttpOnly(true);
     // NOTE(review): no SameSite attribute is set here; check whether the cookie class applies one.
     $authCookie->save();

     // A successful login invalidates any password reset that was still pending.
     Login::removePasswordResetInfo($login);
 }