/**
 * Request password reset.
 *
 * On postback, requires the 'Email' field, passes its value to
 * UserModel::PasswordRequest() and, when the form holds no errors afterwards,
 * switches to the 'passwordrequestsent' view. The page is rendered in every case.
 *
 * @access public
 * @since 2.0.0
 */
public function PasswordRequest() {
    // Translate 'Email' as whatever the configured sign-in label is.
    $Locale = Gdn::Locale();
    $Locale->SetTranslation('Email', T(UserModel::SigninLabelCode()));

    // Plain page view: nothing to process, just show the form.
    if ($this->Form->IsPostBack() !== TRUE) {
        $this->Render();
        return;
    }

    $this->Form->ValidateRule('Email', 'ValidateRequired');

    if ($this->Form->ErrorCount() != 0) {
        // NOTE(review): the inner check repeats the one that was just false, so
        // this message looks unreachable unless ErrorCount() can change between
        // two consecutive calls - confirm.
        if ($this->Form->ErrorCount() == 0) {
            $this->Form->AddError("Couldn't find an account associated with that email/username.");
        }
        $this->Render();
        return;
    }

    try {
        $Identifier = $this->Form->GetFormValue('Email');
        $Accepted = $this->UserModel->PasswordRequest($Identifier);
        if (!$Accepted) {
            // NOTE(review): the model's validation results are shown to the
            // requester unchanged. If they differ between known and unknown
            // accounts, this form discloses which emails/usernames are
            // registered - confirm, and prefer one uniform response.
            $this->Form->SetValidationResults($this->UserModel->ValidationResults());
        }
    } catch (Exception $Failure) {
        // NOTE(review): the raw exception message is surfaced to the requester;
        // confirm it cannot carry internal details.
        $this->Form->AddError($Failure->getMessage());
    }

    // No errors recorded: report success through the form and swap the view.
    if ($this->Form->ErrorCount() == 0) {
        $this->Form->AddError('Success!');
        $this->View = 'passwordrequestsent';
    }

    $this->Render();
}
/**
 * Request password reset.
 *
 * On postback, requires the 'Email' field, passes its value to
 * UserModel::PasswordRequest() and, when the form holds no errors afterwards,
 * switches to the 'passwordrequestsent' view. Rejected and accepted requests
 * are recorded through Logger::event(). The page is rendered in every case.
 *
 * NOTE(review): every log event stores the submitted identifier verbatim as
 * {Input}. That value is personal data and, for failures, is whatever an
 * anonymous visitor typed - confirm the log sink neutralises control
 * characters and markup, and that retention rules cover it.
 *
 * @access public
 * @since 2.0.0
 */
public function PasswordRequest() {
    // Translate 'Email' as whatever the configured sign-in label is.
    $Locale = Gdn::Locale();
    $Locale->SetTranslation('Email', T(UserModel::SigninLabelCode()));

    // Plain page view: nothing to process, just show the form.
    if ($this->Form->IsPostBack() !== TRUE) {
        $this->Render();
        return;
    }

    $this->Form->ValidateRule('Email', 'ValidateRequired');

    if ($this->Form->ErrorCount() != 0) {
        // NOTE(review): the inner check repeats the one that was just false, so
        // neither the message nor the log event below looks reachable unless
        // ErrorCount() can change between two consecutive calls - confirm.
        // This event also reads the field with GetValue() where the other
        // events use GetFormValue().
        if ($this->Form->ErrorCount() == 0) {
            $this->Form->AddError("Couldn't find an account associated with that email/username.");
            Logger::event('password_reset_failure', Logger::INFO, 'Can\'t find account associated with email/username {Input}.', array('Input' => $this->Form->GetValue('Email')));
        }
        $this->Render();
        return;
    }

    try {
        $Identifier = $this->Form->GetFormValue('Email');
        $Accepted = $this->UserModel->PasswordRequest($Identifier);
        if (!$Accepted) {
            // NOTE(review): the model's validation results are shown to the
            // requester unchanged. If they differ between known and unknown
            // accounts, this form discloses which emails/usernames are
            // registered - confirm, and prefer one uniform response.
            $this->Form->SetValidationResults($this->UserModel->ValidationResults());
            Logger::event('password_reset_failure', Logger::INFO, 'Can\'t find account associated with email/username {Input}.', array('Input' => $Identifier));
        }
    } catch (Exception $Failure) {
        // A request that fails by exception adds a form error but writes no
        // log event, so such failures are absent from the audit trail.
        // NOTE(review): the raw exception message is surfaced to the requester;
        // confirm it cannot carry internal details.
        $this->Form->AddError($Failure->getMessage());
    }

    // No errors recorded: report success through the form, swap the view and
    // record that a reset email went out for this identifier.
    if ($this->Form->ErrorCount() == 0) {
        $this->Form->AddError('Success!');
        $this->View = 'passwordrequestsent';
        Logger::event('password_reset_request', Logger::INFO, '{Input} has been sent a password reset email.', array('Input' => $Identifier));
    }

    $this->Render();
}
/**
 * Link a user account to an external authentication provider, or list the
 * links an account already has.
 *
 * On postback: requires ClientID and UniqueID plus a Username or Email, looks
 * up the provider and the user, optionally checks a posted password, saves the
 * (UserID, Provider, UniqueID) authentication row and exposes the stored row
 * as 'Result'. Otherwise: loads the user identified by $UserID and exposes
 * that user's existing provider links as 'Result'.
 *
 * NOTE(review): the write branch is entered on Request->IsPostBack() alone; no
 * anti-forgery (transient key) check is visible in this method. Confirm it is
 * enforced before this point, since the branch changes account state.
 *
 * @param int|bool $UserID ID of the user whose links are listed; read only
 *    when the request is not a postback.
 * @throws Gdn_UserException When validation fails, the user is not found
 *    (code 404), the posted password does not match (code 401) or the saved
 *    row cannot be read back.
 */
public function SSO($UserID = FALSE) {
    // Presumably aborts the request when the session lacks this permission
    // (Permission() is not shown here).
    $this->Permission('Garden.Users.Edit');

    $ProviderModel = new Gdn_AuthenticationProviderModel();
    $Form = new Gdn_Form();

    if ($this->Request->IsPostBack()) {
        // Make sure everything has been posted.
        $Form->ValidateRule('ClientID', 'ValidateRequired');
        $Form->ValidateRule('UniqueID', 'ValidateRequired');
        if (!ValidateRequired($Form->GetFormValue('Username')) && !ValidateRequired($Form->GetFormValue('Email'))) {
            $Form->AddError('Username or Email is required.');
        }

        $Provider = $ProviderModel->GetProviderByKey($Form->GetFormValue('ClientID'));
        if (!$Provider) {
            // The posted ClientID is copied into the error text.
            // NOTE(review): confirm whatever renders ErrorString() encodes it
            // for the output context.
            $Form->AddError(sprintf('%1$s "%2$s" not found.', T('Provider'), $Form->GetFormValue('ClientID')));
        }

        // All collected errors are reported at once through one exception.
        if ($Form->ErrorCount() > 0) {
            throw new Gdn_UserException($Form->ErrorString());
        }

        // Grab the user: email takes precedence, username is the fallback.
        $User = FALSE;
        if ($Email = $Form->GetFormValue('Email')) {
            $User = Gdn::UserModel()->GetByEmail($Email);
        }
        if (!$User && ($Username = $Form->GetFormValue('Username'))) {
            $User = Gdn::UserModel()->GetByUsername($Username);
        }
        if (!$User) {
            // The untranslated format string has no placeholder, so the second
            // sprintf() argument only matters if a translation adds one.
            throw new Gdn_UserException(sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))), 404);
        }

        // Validate the user's password, but only when one was posted.
        // NOTE(review): the password is read from $this->Form while every
        // other field comes from the local $Form - confirm both see the same
        // posted data. When the value is NULL the check is skipped and the
        // link is saved without verifying the account's password, leaving the
        // permission check above as the only gate; confirm that is intended.
        $PasswordHash = new Gdn_PasswordHash();
        $Password = $this->Form->GetFormValue('Password', NULL);
        if ($Password !== NULL && !$PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User))) {
            throw new Gdn_UserException(T('Invalid password.'), 401);
        }

        // Okay. We've gotten this far. Let's save the authentication.
        // The cast lets $User be indexed as an array below whichever form the
        // lookup returned it in.
        $User = (array) $User;
        Gdn::UserModel()->SaveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->GetFormValue('ClientID'), 'UniqueID' => $Form->GetFormValue('UniqueID')));

        // Read the row back so the response reflects what was actually stored.
        $Row = Gdn::UserModel()->GetAuthentication($Form->GetFormValue('UniqueID'), $Form->GetFormValue('ClientID'));
        if ($Row) {
            $this->SetData('Result', $Row);
        } else {
            throw new Gdn_UserException(T('There was an error saving the data.'));
        }
    } else {
        $User = Gdn::UserModel()->GetID($UserID);
        if (!$User) {
            // NotFoundException() is called as a function and its return value
            // is thrown - presumably a factory that builds the exception.
            throw NotFoundException('User');
        }

        // List this user's provider links, joined with the provider's name
        // and scheme alias.
        $Result = Gdn::SQL()
            ->Select('ua.ProviderKey', '', 'ClientID')
            ->Select('ua.ForeignUserKey', '', 'UniqueID')
            ->Select('ua.UserID')
            ->Select('p.Name')
            ->Select('p.AuthenticationSchemeAlias', '', 'Type')
            ->From('UserAuthentication ua')
            ->Join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')
            ->Where('UserID', $UserID)
            ->Get()->ResultArray();
        $this->SetData('Result', $Result);
    }

    $this->Render('Blank', 'Utility', 'Dashboard');
}
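/**
 * Add or edit a jsConnect provider (client ID, secret and URLs).
 *
 * On an authenticated postback this either generates a fresh client ID and
 * secret into the form (when "Generate" was posted) or validates the submitted
 * values and stores them in UserAuthenticationProvider. On any other request
 * it loads the provider named by the `client_id` query parameter, if there is
 * one, into the form.
 *
 * @param Gdn_Controller $Sender Controller whose request is read and whose
 *    form, data and view are set.
 * @param array $Args Not read by this method.
 */
protected function Settings_AddEdit($Sender, $Args) {
    $client_id = $Sender->Request->Get('client_id');

    // Human-readable labels for the field names used in validation messages.
    Gdn::Locale()->SetTranslation('AuthenticationKey', 'Client ID');
    Gdn::Locale()->SetTranslation('AssociationSecret', 'Secret');
    Gdn::Locale()->SetTranslation('AuthenticateUrl', 'Authentication Url');

    $Form = new Gdn_Form();
    $Sender->Form = $Form;

    if ($Form->AuthenticatedPostBack()) {
        if ($Form->GetFormValue('Generate') || $Sender->Request->Post('Generate')) {
            // The secret must come from a cryptographically secure source.
            // The previous md5(mt_rand()) could take no more values than
            // mt_rand() can return, and mt_rand() is not designed to be
            // unpredictable. 16 random bytes, hex-encoded, keep the same
            // 32-character hex shape as the old md5 output.
            $SecretBytes = FALSE;
            if (function_exists('random_bytes')) {
                $SecretBytes = random_bytes(16);
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $IsStrong = FALSE;
                $SecretBytes = openssl_random_pseudo_bytes(16, $IsStrong);
                if (!$IsStrong) {
                    $SecretBytes = FALSE;
                }
            }

            if ($SecretBytes === FALSE) {
                // Refuse to fall back to a guessable secret.
                $Form->AddError(T('A secure secret could not be generated on this server.'));
            } else {
                // The client ID is an identifier, not a secret, so mt_rand()
                // is kept for it.
                $Form->SetFormValue('AuthenticationKey', mt_rand());
                $Form->SetFormValue('AssociationSecret', bin2hex($SecretBytes));
            }
            $Sender->SetFormSaved(FALSE);
        } else {
            $Form->ValidateRule('AuthenticationKey', 'ValidateRequired');
            // $Form->ValidateRule('AuthenticationKey', 'regex:`^[a-z0-9_-]+$`i', T('The client id must contain only letters, numbers and dashes.'));
            $Form->ValidateRule('AssociationSecret', 'ValidateRequired');
            $Form->ValidateRule('AuthenticateUrl', 'ValidateRequired');

            // NOTE(review): with the ArrayTranslate() whitelist below disabled,
            // every posted form value is passed to Put()/Insert() as a column.
            // Confirm FormValues() or the SQL layer restricts the keys, or
            // restore an explicit list of allowed columns.
            $Values = $Form->FormValues();
            // $Values = ArrayTranslate($Values, array('Name', 'AuthenticationKey', 'URL', 'AssociationSecret', 'AuthenticateUrl', 'SignInUrl', 'RegisterUrl', 'SignOutUrl', 'IsDefault'));
            $Values['AuthenticationSchemeAlias'] = 'jsconnect';
            // NOTE(review): the hash method is fixed to md5 here while a
            // separate HashType is stored in Attributes - confirm which one
            // the signature check actually uses.
            $Values['AssociationHashMethod'] = 'md5';
            // Stored with serialize(); whatever reads this column back should
            // never unserialize() a value that someone other than an
            // administrator can influence.
            $Values['Attributes'] = serialize(array('HashType' => $Form->GetFormValue('HashType'), 'TestMode' => $Form->GetFormValue('TestMode'), 'Trusted' => $Form->GetFormValue('Trusted', 0)));

            if ($Form->ErrorCount() == 0) {
                if ($client_id) {
                    // Editing: update the row identified by the query-string client_id.
                    Gdn::SQL()->Put('UserAuthenticationProvider', $Values, array('AuthenticationKey' => $client_id));
                } else {
                    // Adding: insert with the 'Ignore' option set.
                    Gdn::SQL()->Options('Ignore', TRUE)->Insert('UserAuthenticationProvider', $Values);
                }
                $Sender->RedirectUrl = Url('/settings/jsconnect');
            }
        }
    } else {
        if ($client_id) {
            $Provider = self::GetProvider($client_id);
            // Presumably defaults 'Trusted' to 1 when the stored provider has
            // no value for it - confirm against TouchValue().
            TouchValue('Trusted', $Provider, 1);
        } else {
            $Provider = array();
        }
        $Form->SetData($Provider);
    }

    $Sender->SetData('Title', sprintf(T($client_id ? 'Edit %s' : 'Add %s'), T('Connection')));
    $Sender->Render('Settings_AddEdit', '', 'plugins/jsconnect');
}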