/**
* Resets user's password and send it to email
* @param UserAccount $user
*/
public function resetPassword(UserAccount $user)
{
if ($user->status != UserAccount::STATUS_ACTIVE) {
if (!$this->allowActivationOnPasswordReset) {
throw new CException('Can\'t reset password for inactive users.');
} else {
$identity = Identity::model()->findByAttributes(array('user_id' => $user->id, 'type' => Identity::TYPE_EMAIL, 'status' => Identity::STATUS_NEED_CONFIRMATION));
$identity->userIdentityConfirmation->confirm();
}
}
$emailAddr = $user->getActiveEmail();
$newPassword = $this->randomPassword();
$user->setPassword($newPassword);
$user->save(false, array('password'));
$email = new YiiMailer('resetPassword', $data = array('newPassword' => $newPassword, 'description' => $description = 'Password reset'));
$email->setSubject($description);
$email->setTo($emailAddr);
$email->setFrom(Yii::app()->params['noreplyAddress'], Yii::app()->name, FALSE);
Yii::log('Sendign reset password mail to ' . $emailAddr);
if ($email->send()) {
Yii::log('Ok');
} else {
Yii::log('Failed');
throw new CException('Failed to send the email');
}
}
public function actionRecovery()
{
$form = new RecoveryForm();
if ($this->request->isPostRequest) {
$form->attributes = $_POST['RecoveryForm'];
if ($form->validate()) {
$user = Identity::model()->findByAttributes(array('identity' => $form->email, 'type' => Identity::TYPE_EMAIL))->userAccount;
$this->module->resetPassword($user);
Yii::app()->user->setFlash('success', 'New password had been sent to your email address.');
$this->redirect(array($this->module->loginUrl));
}
}
$this->render('recovery', array('model' => $form));
}
/**
* Provides ability to change password and email address.
* If user want to change email it will be changed after confirmation of
* new email address.
*
* @throws CException
*/
public function actionEdit()
{
$identity = Identity::model()->findByAttributes(array('user_id' => Yii::app()->user->id));
$newPassword = new ChangePasswordForm();
if ($this->request->isPostRequest) {
if ($identity->identity !== $_POST['Identity']['identity']) {
$newEmail = $_POST['Identity']['identity'];
$storedIdentity = clone $identity;
$identity->identity = $newEmail;
}
$newPassword->attributes = $_POST['ChangePasswordForm'];
$isFormValid = $newPassword->validate();
if ($isFormValid && $newEmail) {
$isFormValid = $identity->validate();
}
if ($isFormValid && isset($newEmail)) {
$identity->status = Identity::STATUS_NEED_CONFIRMATION;
$identity->isNewRecord = true;
$identity->id = null;
$identity->save();
$confirmation = $identity->startConfirmation(IdentityConfirmation::TYPE_EMAIL_REPLACE_CONFIRMATION);
$activationUrl = $this->createAbsoluteUrl($this->module->confirmationUrl, array('key' => $confirmation->key));
$email = new YiiMailer('changeEmail', $data = array('activationUrl' => $activationUrl, 'description' => $description = 'Email change confirmation'));
$email->setSubject($description);
$email->setTo($identity->identity);
$email->setFrom(Yii::app()->params['noreplyAddress'], Yii::app()->name, FALSE);
Yii::log('Sendign email change confirmation to ' . $identity->identity . ' with data: ' . var_export($data, true));
// @TODO: catch mailing exceptions here, to give user right messages
if ($email->send()) {
Yii::log('Ok');
} else {
Yii::log('Failed');
throw new CException('Failed to send the email');
}
Yii::app()->user->setFlash('info', 'Your new email will be applied after confirmation. Please, check this email address ' . $newEmail . '. You should get confirmation mail there.');
}
if ($isFormValid) {
$user = $identity->userAccount;
if ($newPassword->password && !$user->passwordEquals($newPassword->password)) {
$user->setPassword($newPassword->password);
$user->save();
Yii::app()->user->setFlash('success', 'Password has been changed successfully');
}
}
if ($isFormValid) {
$this->redirect(array($this->module->afterIdentityEditedUrl));
}
}
$this->render('edit', array('identity' => $identity, 'newPassword' => $newPassword));
}
public function authenticate()
{
$identityRow = Identity::model()->findByAttributes(array('identity' => $this->username, 'type' => Identity::TYPE_EMAIL, 'status' => Identity::STATUS_CONFIRMED));
if ($identityRow) {
$user = $identityRow->userAccount;
}
if (!$identityRow || !$user) {
$this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
} else {
if (!$user->passwordEquals($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
if ($user->status != UserAccount::STATUS_ACTIVE) {
$this->errorCode = self::ERROR_USER_NOT_ACTIVE;
} else {
$this->errorCode = self::ERROR_NONE;
$this->setState('id', $user->id);
$this->setState('username', $user->profile->username);
}
}
}
return !$this->errorCode;
}
/**
* @returns string Active email
*/
public function getActiveEmail()
{
$identity = Identity::model()->findByAttributes(array('status' => Identity::STATUS_CONFIRMED, 'type' => Identity::TYPE_EMAIL, 'user_id' => $this->id));
return !$identity ? null : $identity->identity;
}
