/**
 * Action to allow a user to change their password.
 *
 * On a valid POST the submitted current password is verified against the
 * stored hash before anything is written; a failed verification is reported
 * on the `current_password` element and the request is forwarded to `index`.
 * On success the new hash is persisted, the remember-me cookie (when that
 * feature is enabled) is deleted, the post-flush hook runs, the form is
 * reset, the change is logged and the user is redirected to `profile/index`.
 * Any non-POST or invalid request simply forwards to `index`.
 */
public function changePasswordAction()
{
    $this->view->passwordForm = $pwForm = $this->_getFormChangePassword();

    $submitted = $this->getRequest()->isPost() && $pwForm->isValid($_POST);

    if ($submitted) {
        $authOptions = $this->_options['resources']['auth']['oss'];

        $currentOk = OSS_Auth_Password::verify(
            $pwForm->getValue('current_password'),
            $this->getUser()->getPassword(),
            $authOptions
        );

        if (!$currentOk) {
            $pwForm->getElement('current_password')->addError('Invalid current password');
            return $this->forward('index');
        }

        // Replace the stored hash with one derived from the new password and persist it
        $this->getUser()->setPassword(
            OSS_Auth_Password::hash($pwForm->getValue('new_password'), $authOptions)
        );
        $this->getD2EM()->flush();

        // Drop the remember-me cookie so it is not left behind after the credential changed
        if ($this->_rememberMeEnabled()) {
            $this->_deleteRememberMeCookie($this->getUser());
        }

        $this->changePasswordPostFlush();
        $pwForm->reset();

        $this->getLogger()->info("User {$this->getUser()->getUsername()} changed password");
        $this->addMessage(_('Your password has been changed.'), OSS_Message::SUCCESS);
        $this->redirect('profile/index');
    }

    $this->forward('index');
}
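/**
 * Performs an authentication attempt.
 *
 * The username is looked up through the configured repository. When no
 * "remember me" cookie is in play (`_haveCookie` false) the supplied password
 * is verified against the stored hash; on failure the user's failed-login
 * counter is incremented and flushed when the entity supports it, and the
 * returned identity then carries only that `count`. When `_haveCookie` is set
 * the password check is skipped entirely, so whatever validated the cookie
 * must have done so before this adapter runs — nothing here re-checks it.
 * The counter is only recorded here, not enforced; any lockout policy has to
 * live elsewhere.
 *
 * Note for callers: an unknown username yields FAILURE_IDENTITY_NOT_FOUND
 * while a wrong password yields FAILURE_CREDENTIAL_INVALID; show a single
 * generic message to the end user so the two cases cannot be told apart.
 *
 * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $user = $this->_em->getRepository($this->_model)->findOneBy(['username' => $this->_username]);

    if (!$user) {
        return new Zend_Auth_Result(
            Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
            ['username' => $this->_username],
            []
        );
    }

    if (!$this->_haveCookie) {
        $pwcheck = OSS_Auth_Password::verify($this->_password, $user->getPassword(), $this->_aoptions);

        if (!$pwcheck) {
            $identity = ['username' => $this->_username];

            // Record the failure; the count replaces the username in the result identity
            if (method_exists($user, 'setFailedLogins')) {
                $user->setFailedLogins($user->getFailedLogins() + 1);
                $this->_em->flush();
                $identity = ['count' => $user->getFailedLogins()];
            }

            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity, []);
        }
    }

    // Reaching this point means either the password verified or _haveCookie is set,
    // so the former `die()` fallback branch was unreachable and has been removed.
    return new Zend_Auth_Result(
        Zend_Auth_Result::SUCCESS,
        ['username' => $this->_username, 'user' => $user, 'id' => $user->getId()],
        []
    );
}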
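/**
 * Action FOR USERS to change the password of their mailbox.
 *
 * A valid POST looks the mailbox up by the submitted username and verifies
 * the submitted current password against its stored hash using the mailbox
 * password scheme from configuration. On success the new password is hashed
 * with the same options, flushed, and the user is redirected to `auth/login`.
 * An unknown username and a wrong password both produce the same
 * 'Invalid username or password.' message; note that the unknown-username
 * path returns without calling verify(), so the two share a message but not
 * a timing profile. The form is always handed to the view.
 */
public function changePasswordAction()
{
    $form = new ViMbAdmin_Form_Mailbox_Password();

    if (isset($this->_options['defaults']['mailbox']['min_password_length'])) {
        $form->setMinPasswordLength($this->_options['defaults']['mailbox']['min_password_length']);
    }

    if ($this->getRequest()->isPost() && $form->isValid($_POST)) {
        $username = $form->getValue('username');
        $mailbox  = $this->getD2EM()->getRepository('\\Entities\\Mailbox')->findOneBy(['username' => $username]);

        // Short-circuit keeps verify() from running when there is no mailbox, as before
        $verified = $mailbox && OSS_Auth_Password::verify(
            $form->getValue('current_password'),
            $mailbox->getPassword(),
            $this->_mailboxPasswordOptions($username)
        );

        if ($verified) {
            $mailbox->setPassword(
                OSS_Auth_Password::hash($form->getValue('new_password'), $this->_mailboxPasswordOptions($username))
            );
            $this->getD2EM()->flush();

            $this->addMessage(_('You have successfully changed your password.'), OSS_Message::SUCCESS);
            $this->_redirect('auth/login');
        } else {
            $this->addMessage(_('Invalid username or password.'), OSS_Message::ERROR);
        }
    }

    $this->view->form = $form;
}

/**
 * Build the option array handed to OSS_Auth_Password for a mailbox password.
 *
 * Reads the scheme, optional salt and optional dovecot binary from
 * `defaults.mailbox` in the options; the salt and binary default to null
 * when not configured. Previously this array was built twice inline.
 *
 * @param string $username The mailbox username (some schemes use it as input)
 * @return array
 */
private function _mailboxPasswordOptions($username)
{
    $mailboxOptions = $this->_options['defaults']['mailbox'];

    return [
        'pwhash'    => $mailboxOptions['password_scheme'],
        'pwsalt'    => isset($mailboxOptions['password_salt']) ? $mailboxOptions['password_salt'] : null,
        'pwdovecot' => isset($mailboxOptions['dovecot_pw_binary']) ? $mailboxOptions['dovecot_pw_binary'] : null,
        'username'  => $username,
    ];
}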
/**
 * Set the password for an admin, and optionally send an email to him/her with the new password.
 *
 * Two cases are handled. A logged-in admin changing their own password uses
 * ViMbAdmin_Form_Admin_ChangePassword and must verify the current password
 * first. Any other target requires authorise(true, null, false) to pass;
 * otherwise an alert is logged and the request is redirected. Changes made
 * for another admin are written to the entity log as ACTION_ADMIN_PW_CHANGE;
 * self-changes are not logged there. When the form's `email` value is set the
 * new password is rendered into `admin/email/change_password.phtml` and
 * mailed to the target admin's username, i.e. the plaintext credential goes
 * over the mail channel; a mail failure is logged at debug level and reported
 * as an INFO message. The redirect target is `admin/list` for superusers and
 * `domain/list` otherwise.
 */
public function passwordAction()
{
    $afterUrl = $this->getAdmin()->isSuper() ? 'admin/list' : 'domain/list';

    if (!$this->getTargetAdmin()) {
        $this->addMessage('Invalid or non-existent admin.', OSS_Message::ERROR);
        $this->redirect($afterUrl);
    }

    $this->view->targetAdmin = $this->getTargetAdmin();

    // Is the target the currently logged-in admin? (loose comparison kept as in the original)
    $isSelf = $this->getTargetAdmin()->getId() == $this->getAdmin()->getId();

    if (!$this->authorise(true, null, false) && !$isSelf) {
        $this->getLogger()->alert(
            sprintf(
                'Admin %s tried to set the password for %s but has no sufficient privileges.',
                $this->getAdmin()->getUsername(),
                $this->getTargetAdmin()->getUsername()
            ),
            OSS_Message::ALERT
        );
        $this->addMessage(_('You have insufficient privileges for this task.'), OSS_Message::ERROR);
        $this->redirect($afterUrl);
    }

    $this->view->form = $form = $isSelf
        ? new ViMbAdmin_Form_Admin_ChangePassword()
        : new ViMbAdmin_Form_Admin_Password();

    if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
        return;
    }

    if ($isSelf) {
        $currentOk = OSS_Auth_Password::verify(
            $form->getValue('current_password'),
            $this->getTargetAdmin()->getPassword(),
            $this->getOptions()['resources']['auth']['oss']
        );

        if (!$currentOk) {
            $form->getElement('current_password')->addError('Invalid password.');
            return;
        }
    }

    $this->getTargetAdmin()->setPassword(
        OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss'])
    );

    if (!$isSelf) {
        $this->log(
            \Entities\Log::ACTION_ADMIN_PW_CHANGE,
            "{$this->getAdmin()->getFormattedName()} changed password for admin {$this->getTargetAdmin()->getFormattedName()}"
        );
    }

    $this->getD2EM()->flush();

    if ($form->getValue('email')) {
        $mailer = $this->getMailer();
        $mailer->setSubject(_('ViMbAdmin :: New Password'));
        $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
        $mailer->addTo($this->getTargetAdmin()->getUsername());

        // The template reads the plaintext password from the view
        $this->view->newPassword = $form->getValue('password');
        $mailer->setBodyText($this->view->render('admin/email/change_password.phtml'));

        try {
            $mailer->send();
        } catch (Zend_Mail_Exception $e) {
            $this->getLogger()->debug($e->getTraceAsString());
            $this->addMessage(_('Sending the change password email failed.'), OSS_Message::INFO);
        }
    }

    $successMessage = $isSelf
        ? "You have successfully changed your password."
        : "You have successfully changed the user's password.";
    $this->addMessage($successMessage, OSS_Message::SUCCESS);

    $this->redirect($afterUrl);
}
/**
 * Action to allow a user to change their profile.
 *
 * The current password must verify before anything is written; otherwise the
 * error is attached to the `current_password` element and the request is
 * forwarded to `index`. On success the form values are assigned to the user's
 * contact entity, last-updated stamps are set on both contact and user, and
 * — only for users whose privilege is neither AUTH_CUSTADMIN nor
 * AUTH_SUPERUSER — the user's email is replaced with the submitted one. The
 * changes are flushed, the cached user is cleared, the update is logged and
 * the user is redirected to `profile/index`.
 */
public function changeProfileAction()
{
    $this->view->profileForm = $profileForm = $this->_getFormProfile();

    if ($this->getRequest()->isPost() && $profileForm->isValid($_POST)) {
        $currentOk = OSS_Auth_Password::verify(
            $profileForm->getValue('current_password'),
            $this->getUser()->getPassword(),
            $this->_options['resources']['auth']['oss']
        );

        if (!$currentOk) {
            $profileForm->getElement('current_password')->addError('Invalid current password');
            return $this->forward('index');
        }

        // Copy the submitted profile fields onto the contact record
        $profileForm->assignFormToEntity($this->getUser()->getContact(), $this, true);
        $this->getUser()->getContact()->setLastUpdated(new DateTime());
        $this->getUser()->getContact()->setLastUpdatedBy($this->getUser()->getId());

        // Admin-level users do not get their login email changed through this form
        $adminPrivs = [\Entities\User::AUTH_CUSTADMIN, \Entities\User::AUTH_SUPERUSER];
        // NOTE(review): in_array() is non-strict here; fine as long as getPrivs() returns the same type as the constants
        if (!in_array($this->getUser()->getPrivs(), $adminPrivs)) {
            $this->getUser()->setEmail($profileForm->getValue('email'));
        }

        $this->getUser()->setLastUpdated(new DateTime());
        $this->getUser()->setLastUpdatedBy($this->getUser()->getId());
        $this->getD2EM()->flush();
        $this->clearUserFromCache();

        $this->getLogger()->info("User {$this->getUser()->getUsername()} updated own profile");
        $this->addMessage(_('Your profile has been changed.'), OSS_Message::SUCCESS);
        $this->redirect('profile/index');
    }

    $this->forward('index');
}