/** * Sends recovery message. * * @return bool */ public function sendRecoveryMessage() { if ($this->validate()) { /** @var Token $token */ $token = \Yii::createObject(['class' => Token::className(), 'user_id' => $this->user->id, 'type' => Token::TYPE_RECOVERY]); $token->save(false); $this->mailer->sendRecoveryMessage($this->user, $token); \Yii::$app->session->setFlash('info', \Yii::t('user', 'An email has been sent with instructions for resetting your password')); return true; } return false; }
/** * This method is used to register new user account. If Module::enableConfirmation is set true, this method * will generate new confirmation token and use mailer to send it to the user. Otherwise it will log the user in. * If Module::enableGeneratingPassword is set true, this method will generate new 8-char password. After saving user * to database, this method uses mailer component to send credentials (username and password) to user via email. * * @return bool */ public function register() { if ($this->getIsNewRecord() == false) { throw new \RuntimeException('Calling "' . __CLASS__ . '::' . __METHOD__ . '" on existing user'); } if ($this->module->enableConfirmation == false) { $this->confirmed_at = time(); } if ($this->module->enableGeneratingPassword) { $this->password = Password::generate(8); } $this->trigger(self::USER_REGISTER_INIT); if ($this->save()) { $this->trigger(self::USER_REGISTER_DONE); if ($this->module->enableConfirmation) { $token = \Yii::createObject(['class' => Token::className(), 'type' => Token::TYPE_CONFIRMATION]); $token->link('user', $this); $this->mailer->sendConfirmationMessage($this, $token); } else { \Yii::$app->user->login($this); } if ($this->module->enableGeneratingPassword) { $this->mailer->sendWelcomeMessage($this); } \Yii::$app->session->setFlash('info', $this->getFlashMessage()); \Yii::getLogger()->log('User has been registered', Logger::LEVEL_INFO); return true; } \Yii::getLogger()->log('An error occurred while registering user account', Logger::LEVEL_ERROR); return false; }
use yii\helpers\Html; $I = new FunctionalTester($scenario); $I->wantTo('ensure that account settings page work'); $page = LoginPage::openBy($I); $user = $I->getFixture('user')->getModel('user'); $page->login($user->username, 'qwerty'); $page = SettingsPage::openBy($I); $I->amGoingTo('check that current password is required and must be valid'); $page->update($user->email, $user->username, 'wrong'); $I->see('Current password is not valid'); $I->amGoingTo('check that email is changing properly'); $page->update('*****@*****.**', $user->username, 'qwerty'); $I->seeRecord(User::className(), ['email' => $user->email, 'unconfirmed_email' => '*****@*****.**']); $I->see('A confirmation message has been sent to your new email address'); $user = $I->grabRecord(User::className(), ['id' => $user->id]); $token = $I->grabRecord(Token::className(), ['user_id' => $user->id, 'type' => Token::TYPE_CONFIRM_NEW_EMAIL]); $I->seeInEmail(Html::encode($token->getUrl())); $I->seeInEmailRecipients($user->unconfirmed_email); Yii::$app->user->logout(); $I->amGoingTo('log in using new email address before clicking the confirmation link'); $page = LoginPage::openBy($I); $page->login('*****@*****.**', 'qwerty'); $I->see('Invalid login or password'); $I->amGoingTo('log in using new email address after clicking the confirmation link'); $user->attemptEmailChange($token->code); $page->login('*****@*****.**', 'qwerty'); $I->see('Logout'); $I->seeRecord(User::className(), ['id' => 1, 'email' => '*****@*****.**', 'unconfirmed_email' => null]); $I->amGoingTo('reset email changing process'); $page = SettingsPage::openBy($I); $page->update('*****@*****.**', $user->username, 'qwerty');
/** * Sends a confirmation message to both old and new email addresses with link to confirm changing of email. * @throws \yii\base\InvalidConfigException */ protected function secureEmailChange() { $this->defaultEmailChange(); /** @var Token $token */ $token = \Yii::createObject(['class' => Token::className(), 'user_id' => $this->user->id, 'type' => Token::TYPE_CONFIRM_OLD_EMAIL]); $token->save(false); $this->mailer->sendReconfirmationMessage($this->user, $token); // unset flags if they exist $this->user->flags &= ~User::NEW_EMAIL_CONFIRMED; $this->user->flags &= ~User::OLD_EMAIL_CONFIRMED; $this->user->save(false); \Yii::$app->session->setFlash('info', \Yii::t('user', 'We have sent confirmation links to both old and new email addresses. You must click both links to complete your request')); }
/** * Creates new confirmation token and sends it to the user. * * @return bool */ public function resend() { if (!$this->validate()) { return false; } /** @var Token $token */ $token = \Yii::createObject(['class' => Token::className(), 'user_id' => $this->user->id, 'type' => Token::TYPE_CONFIRMATION]); $token->save(false); $this->mailer->sendConfirmationMessage($this->user, $token); \Yii::$app->session->setFlash('info', \Yii::t('user', 'A message has been sent to your email address. It contains a confirmation link that you must click to complete registration.')); return true; }
$I->wantTo('ensure that password recovery works'); $page = RecoveryPage::openBy($I); $I->amGoingTo('try to request recovery token for unconfirmed account'); $user = $I->getFixture('user')->getModel('unconfirmed'); $page->recover($user->email); $I->see('You need to confirm your email address'); $I->amGoingTo('try to request recovery token'); $user = $I->getFixture('user')->getModel('user'); $page->recover($user->email); $I->see('An email has been sent with instructions for resetting your password'); $user = $I->grabRecord(User::className(), ['email' => $user->email]); $token = $I->grabRecord(Token::className(), ['user_id' => $user->id, 'type' => Token::TYPE_RECOVERY]); $I->seeInEmail(Html::encode($token->getUrl())); $I->seeInEmailRecipients($user->email); $I->amGoingTo('reset password with invalid token'); $user = $I->getFixture('user')->getModel('user_with_expired_recovery_token'); $token = $I->grabRecord(Token::className(), ['user_id' => $user->id, 'type' => Token::TYPE_RECOVERY]); $I->amOnPage(Url::toRoute(['/user/recovery/reset', 'id' => $user->id, 'code' => $token->code])); $I->see('Recovery link is invalid or expired. Please try requesting a new one.'); $I->amGoingTo('reset password'); $user = $I->getFixture('user')->getModel('user_with_recovery_token'); $token = $I->grabRecord(Token::className(), ['user_id' => $user->id, 'type' => Token::TYPE_RECOVERY]); $I->amOnPage(Url::toRoute(['/user/recovery/reset', 'id' => $user->id, 'code' => $token->code])); $I->fillField('#recovery-form-password', 'newpass'); $I->click('Finish'); $I->see('Your password has been changed successfully.'); $page = LoginPage::openBy($I); $page->login($user->email, 'qwerty'); $I->see('Invalid login or password'); $page->login($user->email, 'newpass'); $I->dontSee('Invalid login or password');