public function initEmail()
{
$userService = new \UserService();
$this->tempPass = $this->request->getVal('tempPass');
if (empty($this->tempPass)) {
$this->tempPass = $userService->resetPassword($this->targetUser);
}
}
protected function returnSuccess($user)
{
$newPassword = UserService::resetPassword($user);
$message = $newPassword ? "" : Yii::t('user', 'An email was sent with a new password');
if ($this->isAjax()) {
echo CJSON::encode(array('result' => $newPassword ? 0 : -1, 'message' => $message));
Yii::app()->end();
} else {
if ($emailSent) {
Flashes::addInfoFlash($message);
$this->getController()->redirect(Yii::app()->user->returnUrl);
}
}
}
/**
* Reset password using token and new password
*
* @param Request $request
* @return array
*/
public function put(Request $request)
{
$token = Arr::get($this->getContentAsArray($request), 'token');
// Ensure token is valid
$token = $this->userService->findTokenBy(['token' => $token, 'token_type_id' => TokenEntity::TYPE_RESET_PASSWORD]);
if (!$token) {
return $this->createNotFoundResponse();
}
if ($token->getExpires() < time()) {
return $this->createNotFoundResponse();
}
$user = $this->userService->findById($token->getUserId());
if (!$user) {
return $this->createNotFoundResponse();
}
$password = Arr::get($this->getContentAsArray($request), 'password');
// Ensure user input is valid
if (!$password) {
return $this->createErrorResponse(['password' => ['EMPTY']], 422);
}
$this->userService->resetPassword($user, $password);
$this->userService->deleteToken($token);
return $this->userArrayWithoutPassword($user);
}
/**
* @brief sends an email to username's address
* @details
* if success, send email
* if no email addy for username, set error and msg
* if no username, set error and msg
* @requestParam string username
* @responseParam string result [ok/noemail/error/null]
* @responseParam string msg - result message
*/
public function mailPassword()
{
$loginForm = new LoginForm($this->wg->request);
if ($this->wg->request->getText('username', '') != '') {
$loginForm->mUsername = $this->wg->request->getText('username');
}
if ($loginForm->mUsername == '') {
$this->setErrorResponse('userlogin-error-noname');
return;
}
if (!$this->wg->Auth->allowPasswordChange()) {
$this->setErrorResponse('userlogin-error-resetpass_forbidden');
return;
}
if ($this->wg->User->isBlocked()) {
$this->setErrorResponse('userlogin-error-blocked-mailpassword');
return;
}
$user = User::newFromName($loginForm->mUsername);
if (!$user instanceof User) {
$this->setErrorResponse('userlogin-error-noname');
return;
}
if ($user->getID() == 0) {
$this->setErrorResponse('userlogin-error-nosuchuser');
return;
}
if ($user->isPasswordReminderThrottled()) {
$throttleTTL = round($this->wg->PasswordReminderResendTime, 3);
$this->setErrorResponse('userlogin-error-throttled-mailpassword', $throttleTTL);
return;
}
/// Get a temporary password
$userService = new \UserService();
$tempPass = $userService->resetPassword($user);
$resp = F::app()->sendRequest('Email\\Controller\\ForgotPassword', 'handle', ['targetUser' => $user, 'tempPass' => $tempPass]);
$data = $resp->getData();
if (!empty($data['result']) && $data['result'] == 'ok') {
$this->setSuccessResponse('userlogin-password-email-sent', $loginForm->mUsername);
} else {
$this->setParsedErrorResponse('userlogin-error-mail-error');
}
}
