/**
  * Migrates the old SHA-1-based password hash to a salted SHA-512 hash and returns the updated user information
  *
  * @param int $userId
  * @param string $password
  *
  * @return array
  */
 private function migratePasswordHashToSha512($userId, $password)
 {
     // Re-hash the plaintext password under a freshly generated salt; hash and
     // salt are written together in one update call.
     //
     // NOTE(review): salted SHA-512 is still a fast, general-purpose digest, so
     // offline guessing against a leaked user table stays cheap. Unless
     // generateSaltedPassword() applies key stretching (not visible here),
     // consider moving to password_hash() / password_verify() with
     // password_needs_rehash() rather than another plain digest.
     // NOTE(review): whether salt() draws from a CSPRNG is not visible here -
     // confirm in the secure helper.
     $freshSalt = $this->secureHelper->salt(self::SALT_LENGTH);
     $saltedHash = $this->secureHelper->generateSaltedPassword($freshSalt, $password, 'sha512');

     // NOTE(review): the result of update() is not checked, so a failed write
     // goes unnoticed and the record is simply re-read and returned.
     $this->userRepository->update(
         ['pwd' => $saltedHash, 'pwd_salt' => $freshSalt],
         $userId
     );

     return $this->userRepository->getOneById($userId);
 }
Example #2
 /**
  * @param array $formData
  *
  * @return \Symfony\Component\HttpFoundation\RedirectResponse
  */
 protected function executePost(array $formData)
 {
     // Forgot-password handler: validates the form, generates a replacement
     // password, mails it to the user and, only if the mail went out, stores
     // its salted hash and resets the login error counter.
     $resetPassword = function () use ($formData) {
         $this->accountForgotPasswordFormValidation->validate($formData);

         // NOTE(review): the replacement password is produced by the salt
         // helper; whether that helper uses a CSPRNG is not visible here -
         // confirm, since this value becomes a live credential.
         $newPassword = $this->secureHelper->salt(Users\Model\UserModel::SALT_LENGTH);
         $user = $this->fetchUserByFormFieldValue($formData['nick_mail']);

         // NOTE(review): the new password is handed to the mailer in plaintext.
         // A single-use, expiring reset link would keep a usable credential
         // out of the mailbox and would not change the account's password
         // before the mailbox owner has confirmed the request.
         $mailIsSent = $this->sendPasswordChangeEmail($user, $newPassword);

         // Only change the user's password if the e-mail could be sent successfully.
         $updateResult = null;
         if ($mailIsSent === true) {
             // NOTE(review): salted SHA-512 is a fast digest; unless
             // generateSaltedPassword() stretches the key (not visible here),
             // password_hash() would be the safer storage format.
             $salt = $this->secureHelper->salt(Users\Model\UserModel::SALT_LENGTH);
             $passwordHash = $this->secureHelper->generateSaltedPassword($salt, $newPassword, 'sha512');
             $updateResult = $this->userRepository->update(
                 ['pwd' => $passwordHash, 'pwd_salt' => $salt, 'login_errors' => 0],
                 $user['id']
             );
         }

         // Success requires both a sent mail and an update that returned
         // something other than null/false. If the mail went out but the
         // update failed, the user has been mailed a password that was never
         // stored; the error message is shown in that case.
         $passwordChanged = $mailIsSent === true && $updateResult !== null && $updateResult !== false;
         $messageKey = $passwordChanged ? 'forgot_pwd_success' : 'forgot_pwd_error';

         $alerts = $this->get('core.helpers.alerts');
         $message = $this->translator->t('users', $messageKey);
         $this->setTemplate($alerts->confirmBox($message, $this->appPath->getWebRoot()));
     };

     return $this->actionHelper->handlePostAction($resetPassword, $this->request->getFullPath());
 }