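/**
 * Action Logout implementation.
 *
 * Marks the session user as unauthenticated, deletes the autologin tokens stored for the
 * user's "uid" attribute, expires the "autologin" cookie and redirects to login/index.
 *
 * @param sfWebRequest $request
 */
public function executeLogout($request)
{
    $user = $this->getUser();

    // The authenticated flag is dropped before the token cleanup, so the session is
    // logged out even if the cleanup below fails.
    $user->setAuthenticated(false);

    // Remove the stored autologin tokens as well as the cookie; expiring the cookie only
    // affects this browser.
    // NOTE(review): the "uid" attribute is read after setAuthenticated(false) and is not
    // removed in this method - confirm it is cleared elsewhere if it should not outlive
    // the login.
    TokenTable::getInstance()->deleteAutologinTokens($user->getAttribute('uid'));

    // Delete the autologin cookie by setting its expiration date to the past. An expiry
    // of 0 does not do that: PHP's cookie functions treat 0 as "expires when the browser
    // session ends", so the cookie would stay in the browser with the value 0.
    // NOTE(review): a browser only drops the cookie if path and domain match the ones used
    // when it was set; the defaults are used here - verify against the code that sets it.
    $this->getResponse()->setCookie('autologin', 0, time() - 86400);

    $this->redirect('login/index');
}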
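/**
 * Password reset in two steps, selected by the "rid" request parameter.
 *
 * Without "rid": shows the reset form. On a valid POST, if an admin with the submitted
 * username (email) exists, a PASSWORD_RESET token is created and mailed to that address.
 * The visitor gets the same message and redirect whether or not the account exists.
 *
 * With "rid" (click on the link in the email): if a token with that RID is found, the
 * admin's password is set to a random string which is emailed to him/her, so he/she can
 * log in and re-set the password if desired. The admin's PASSWORD_RESET tokens are deleted
 * afterwards.
 */
public function passwordResetAction()
{
    $rid = $this->_getParam('rid', false);

    if (!$rid) {
        $resetForm = new ViMbAdmin_Form_Auth_PasswordReset();

        if ($this->getRequest()->isPost() && $resetForm->isValid($_POST)) {
            $username = $resetForm->getValue('username');

            $adminModel = Doctrine_Query::create()
                ->from('Admin')
                ->where('username = ?', $username)
                ->fetchOne();

            if ($adminModel) {
                // NOTE(review): the two null arguments are passed through as-is; whether
                // they control token expiry cannot be told from this method.
                $tokenModel = TokenTable::addToken($adminModel, 'PASSWORD_RESET', null, null);

                $mailer = new Zend_Mail();
                $mailer->setSubject(_('ViMbAdmin :: Password Reset'));
                $mailer->addTo($adminModel->username);
                $mailer->setFrom(
                    $this->_options['server']['email']['address'],
                    $this->_options['server']['email']['name']
                );

                $this->view->tokenModel = $tokenModel;
                $this->view->adminModel = $adminModel;

                $mailer->setBodyText($this->view->render('auth/email/password_reset.phtml'));
                $mailer->send();
            }

            // Same message and redirect for known and unknown usernames: a distinct
            // "User does not exist." reply would let this form be used to test which
            // admin accounts exist.
            // NOTE(review): sending the mail only for existing accounts still leaves a
            // response-time difference; rate limiting of this form is not visible here.
            $this->addMessage(_('We have sent you an email with further details.'), ViMbAdmin_Message::SUCCESS);
            $this->_redirect('auth/login');
        }

        $this->view->resetForm = $resetForm;
    } elseif (!is_string($rid) || strlen($rid) !== 32) {
        // A request parameter can arrive as an array (rid[]=...); reject anything that is
        // not a 32-character string before it reaches strlen() or the token lookup.
        $this->addMessage(_('Invalid token.'), ViMbAdmin_Message::ERROR);
    } else {
        // NOTE(review): the token is looked up by RID only. Tokens are created and deleted
        // with the type 'PASSWORD_RESET', but neither the type nor any expiry is checked
        // here - confirm that a token issued for another purpose, or an old one, cannot
        // trigger a reset.
        $tokenModel = Doctrine::getTable('Token')->findOneByRid($rid);

        if (!$tokenModel) {
            $this->addMessage(_('Invalid token.'), ViMbAdmin_Message::ERROR);
        } else {
            // NOTE(review): this branch does not check the request method, so any fetch
            // of the emailed link replaces the password, and the new password then
            // travels in a plain-text email. Confirm createRandomString() draws from a
            // cryptographically secure source.
            $password = TokenTable::createRandomString(10);
            $tokenModel->Admin->setPassword($password, $this->_options['securitysalt'], true);

            $mailer = new Zend_Mail();
            $mailer->setSubject(_('ViMbAdmin :: Password Reset'));
            $mailer->setFrom(
                $this->_options['server']['email']['address'],
                $this->_options['server']['email']['name']
            );
            $mailer->addTo($tokenModel->Admin->username);

            $this->view->password = $password;

            $mailer->setBodyText($this->view->render('auth/email/new_password.phtml'));
            $mailer->send();

            // Remove the admin's reset tokens once the new password has been mailed, so
            // the link cannot be used a second time.
            TokenTable::deleteTokens($tokenModel->Admin, 'PASSWORD_RESET');

            $this->addMessage(_('We have sent you an email with further details.'), ViMbAdmin_Message::SUCCESS);
            $this->_redirect('auth/login');
        }
    }
}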