/**
* Request password reset.
*
* @access public
* @since 2.0.0
*/
public function PasswordRequest()
{
Gdn::Locale()->SetTranslation('Email', T(UserModel::SigninLabelCode()));
if ($this->Form->IsPostBack() === TRUE) {
$this->Form->ValidateRule('Email', 'ValidateRequired');
if ($this->Form->ErrorCount() == 0) {
try {
$Email = $this->Form->GetFormValue('Email');
if (!$this->UserModel->PasswordRequest($Email)) {
$this->Form->SetValidationResults($this->UserModel->ValidationResults());
}
} catch (Exception $ex) {
$this->Form->AddError($ex->getMessage());
}
if ($this->Form->ErrorCount() == 0) {
$this->Form->AddError('Success!');
$this->View = 'passwordrequestsent';
}
} else {
if ($this->Form->ErrorCount() == 0) {
$this->Form->AddError("Couldn't find an account associated with that email/username.");
}
}
}
$this->Render();
}
/**
* Request password reset.
*
* @access public
* @since 2.0.0
*/
public function PasswordRequest()
{
Gdn::Locale()->SetTranslation('Email', T(UserModel::SigninLabelCode()));
if ($this->Form->IsPostBack() === TRUE) {
$this->Form->ValidateRule('Email', 'ValidateRequired');
if ($this->Form->ErrorCount() == 0) {
try {
$Email = $this->Form->GetFormValue('Email');
if (!$this->UserModel->PasswordRequest($Email)) {
$this->Form->SetValidationResults($this->UserModel->ValidationResults());
Logger::event('password_reset_failure', Logger::INFO, 'Can\'t find account associated with email/username {Input}.', array('Input' => $Email));
}
} catch (Exception $ex) {
$this->Form->AddError($ex->getMessage());
}
if ($this->Form->ErrorCount() == 0) {
$this->Form->AddError('Success!');
$this->View = 'passwordrequestsent';
Logger::event('password_reset_request', Logger::INFO, '{Input} has been sent a password reset email.', array('Input' => $Email));
}
} else {
if ($this->Form->ErrorCount() == 0) {
$this->Form->AddError("Couldn't find an account associated with that email/username.");
Logger::event('password_reset_failure', Logger::INFO, 'Can\'t find account associated with email/username {Input}.', array('Input' => $this->Form->GetValue('Email')));
}
}
}
$this->Render();
}
public function SSO($UserID = FALSE)
{
$this->Permission('Garden.Users.Edit');
$ProviderModel = new Gdn_AuthenticationProviderModel();
$Form = new Gdn_Form();
if ($this->Request->IsPostBack()) {
// Make sure everything has been posted.
$Form->ValidateRule('ClientID', 'ValidateRequired');
$Form->ValidateRule('UniqueID', 'ValidateRequired');
if (!ValidateRequired($Form->GetFormValue('Username')) && !ValidateRequired($Form->GetFormValue('Email'))) {
$Form->AddError('Username or Email is required.');
}
$Provider = $ProviderModel->GetProviderByKey($Form->GetFormValue('ClientID'));
if (!$Provider) {
$Form->AddError(sprintf('%1$s "%2$s" not found.', T('Provider'), $Form->GetFormValue('ClientID')));
}
if ($Form->ErrorCount() > 0) {
throw new Gdn_UserException($Form->ErrorString());
}
// Grab the user.
$User = FALSE;
if ($Email = $Form->GetFormValue('Email')) {
$User = Gdn::UserModel()->GetByEmail($Email);
}
if (!$User && ($Username = $Form->GetFormValue('Username'))) {
$User = Gdn::UserModel()->GetByUsername($Username);
}
if (!$User) {
throw new Gdn_UserException(sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))), 404);
}
// Validate the user's password.
$PasswordHash = new Gdn_PasswordHash();
$Password = $this->Form->GetFormValue('Password', NULL);
if ($Password !== NULL && !$PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User))) {
throw new Gdn_UserException(T('Invalid password.'), 401);
}
// Okay. We've gotten this far. Let's save the authentication.
$User = (array) $User;
Gdn::UserModel()->SaveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->GetFormValue('ClientID'), 'UniqueID' => $Form->GetFormValue('UniqueID')));
$Row = Gdn::UserModel()->GetAuthentication($Form->GetFormValue('UniqueID'), $Form->GetFormValue('ClientID'));
if ($Row) {
$this->SetData('Result', $Row);
} else {
throw new Gdn_UserException(T('There was an error saving the data.'));
}
} else {
$User = Gdn::UserModel()->GetID($UserID);
if (!$User) {
throw NotFoundException('User');
}
$Result = Gdn::SQL()->Select('ua.ProviderKey', '', 'ClientID')->Select('ua.ForeignUserKey', '', 'UniqueID')->Select('ua.UserID')->Select('p.Name')->Select('p.AuthenticationSchemeAlias', '', 'Type')->From('UserAuthentication ua')->Join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')->Where('UserID', $UserID)->Get()->ResultArray();
$this->SetData('Result', $Result);
}
$this->Render('Blank', 'Utility', 'Dashboard');
}
/**
* @param Gdn_Controller $Sender
* @param array $Args
*/
protected function Settings_AddEdit($Sender, $Args)
{
$client_id = $Sender->Request->Get('client_id');
Gdn::Locale()->SetTranslation('AuthenticationKey', 'Client ID');
Gdn::Locale()->SetTranslation('AssociationSecret', 'Secret');
Gdn::Locale()->SetTranslation('AuthenticateUrl', 'Authentication Url');
$Form = new Gdn_Form();
$Sender->Form = $Form;
if ($Form->AuthenticatedPostBack()) {
if ($Form->GetFormValue('Generate') || $Sender->Request->Post('Generate')) {
$Form->SetFormValue('AuthenticationKey', mt_rand());
$Form->SetFormValue('AssociationSecret', md5(mt_rand()));
$Sender->SetFormSaved(FALSE);
} else {
$Form->ValidateRule('AuthenticationKey', 'ValidateRequired');
// $Form->ValidateRule('AuthenticationKey', 'regex:`^[a-z0-9_-]+$`i', T('The client id must contain only letters, numbers and dashes.'));
$Form->ValidateRule('AssociationSecret', 'ValidateRequired');
$Form->ValidateRule('AuthenticateUrl', 'ValidateRequired');
$Values = $Form->FormValues();
// $Values = ArrayTranslate($Values, array('Name', 'AuthenticationKey', 'URL', 'AssociationSecret', 'AuthenticateUrl', 'SignInUrl', 'RegisterUrl', 'SignOutUrl', 'IsDefault'));
$Values['AuthenticationSchemeAlias'] = 'jsconnect';
$Values['AssociationHashMethod'] = 'md5';
$Values['Attributes'] = serialize(array('HashType' => $Form->GetFormValue('HashType'), 'TestMode' => $Form->GetFormValue('TestMode'), 'Trusted' => $Form->GetFormValue('Trusted', 0)));
if ($Form->ErrorCount() == 0) {
if ($client_id) {
Gdn::SQL()->Put('UserAuthenticationProvider', $Values, array('AuthenticationKey' => $client_id));
} else {
Gdn::SQL()->Options('Ignore', TRUE)->Insert('UserAuthenticationProvider', $Values);
}
$Sender->RedirectUrl = Url('/settings/jsconnect');
}
}
} else {
if ($client_id) {
$Provider = self::GetProvider($client_id);
TouchValue('Trusted', $Provider, 1);
} else {
$Provider = array();
}
$Form->SetData($Provider);
}
$Sender->SetData('Title', sprintf(T($client_id ? 'Edit %s' : 'Add %s'), T('Connection')));
$Sender->Render('Settings_AddEdit', '', 'plugins/jsconnect');
}
