コード例 #1
ファイル: User.php プロジェクト: YounessTayer/directus
 /**
  *  Change the password of a user given their e-mail address
  *
  *  The function will change the password of a user given their e-mail
  *  address. If there are multiple users with the same e-mail address, and
  *  this should never be the case, all of their passwords would be changed.
  *
  *  The function will generate a new salt for every password change.
  *
  * @param string $email The e-mail of the user whose password is being
  *         changed.
  * @param string $password The new password.
  *
  * @return void
  *
  * @throws \InvalidArgumentException Thrown when no user with the given
  *         e-mail address exists.
  * @throws PasswordChangeException Thrown when password change has failed.
  *
  */
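 public function changePassword($email, $password)
 {
     // Every change gets its own salt, so the new hash never reuses the old one.
     // NOTE(review): the hashing scheme lives in Provider::hashPassword and is
     // not visible here; confirm it is a slow, password-specific KDF.
     $salt = StringUtils::random();
     $hash = Provider::hashPassword($password, $salt);

     $user = $this->usersTableGateway->select(['email' => $email])->current();
     if (!$user) {
         throw new \InvalidArgumentException(__t('User not found'));
     }

     try {
         // access_token is overwritten together with the password, so the
         // previously stored token value is replaced by this change.
         // NOTE(review): the token's unpredictability rests entirely on
         // StringUtils::random(); confirm it draws from a CSPRNG.
         // NOTE(review): the WHERE clause matches on e-mail, so if several rows
         // share the address they all receive the same hash, salt and token
         // (the token being derived from the first matching row's id).
         $update = [
             'password' => $hash,
             'salt' => $salt,
             'access_token' => sha1($user->id . StringUtils::random()),
         ];
         $changed = $this->usersTableGateway->update($update, ['email' => $email]);
         if ($changed == 0) {
             throw new PasswordChangeException(__t('Could not change password for ') . $email . ': ' . __t('e-mail not found.'));
         }
     } catch (\PDOException $ex) {
         // str() is not a PHP built-in; calling it here would replace the
         // intended PasswordChangeException with a fatal "undefined function"
         // error, so the driver message is read with getMessage() instead.
         // NOTE(review): the driver message ends up in the exception text;
         // confirm handlers log it rather than returning it to the client.
         throw new PasswordChangeException(__t('Failed to change password') . ': ' . $ex->getMessage());
     }
 }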
コード例 #2
ファイル: api.php プロジェクト: smkkstudios/Directus
    return JsonView::render(array('success' => $success));
})->name('auth_permissions');
// debug helper
$app->get("/{$v}/auth/permissions/?", function () use($app, $acl) {
    // Dumps the ACL's group privileges unless the environment is exactly
    // 'production'.
    // NOTE(review): the gate fails open - any other DIRECTUS_ENV value
    // (staging, a typo, an unset default) serves the privilege map, and no
    // authentication check is visible in this closure. Consider allow-listing
    // the environments that may expose it.
    // NOTE(review): the route registered immediately before this one is also
    // named 'auth_permissions'; confirm the router tolerates duplicate names.
    if (DIRECTUS_ENV === 'production') {
        return $app->halt('404');
    }
    JsonView::render(array('groupPrivileges' => $acl->getGroupPrivileges()));
})->name('auth_permissions');
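$app->post("/{$v}/hash/?", function () use($app) {
    // Hashes a caller-supplied password with an optional caller-supplied salt
    // and returns the result as JSON.
    // NOTE(review): no authentication or rate limiting is visible in this
    // closure; confirm middleware restricts who may call it, since it exposes
    // the application's password-hashing function for arbitrary inputs.

    // $_POST values become arrays when the client sends `password[]=...`;
    // only non-empty strings are passed on to the hashing routine.
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($password) || empty($password)) {
        return JsonView::render(array('success' => false, 'message' => 'Must provide password.'));
    }

    // The salt stays optional and defaults to the empty string, but a
    // supplied salt must be a string for the same reason as the password.
    $salt = '';
    if (!empty($_POST['salt'])) {
        if (!is_string($_POST['salt'])) {
            return JsonView::render(array('success' => false, 'message' => 'Salt must be a string.'));
        }
        $salt = $_POST['salt'];
    }

    $hashedPassword = Auth::hashPassword($password, $salt);
    return JsonView::render(array('success' => true, 'password' => $hashedPassword));
});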
$app->get("/{$v}/privileges/:groupId/", function ($groupId) use($acl, $ZendDb, $params, $requestPayload, $app) {
    // Only a caller whose own group compares equal to 1 may read the
    // per-table privileges of the requested group.
    // NOTE(review): group 1 is presumably the administrators group - confirm.
    // The comparison is loose (!=) and the denial is a generic Exception, so
    // verify the error handler does not turn it into a 500 carrying details.
    $user = Auth::getUserRecord();
    if ($user['group'] != 1) {
        throw new Exception('Permission denied');
    }
    $gateway = new DirectusPrivilegesTableGateway($acl, $ZendDb);
    return JsonView::render($gateway->fetchPerTable($groupId));
});
$app->map("/{$v}/privileges/:groupId/?", function ($groupId) use($acl, $ZendDb, $params, $requestPayload, $app) {
    $currentUser = Auth::getUserRecord();
    $myGroupId = $currentUser['group'];
コード例 #3
ファイル: Console.php プロジェクト: YounessTayer/directus
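 /**
  * Set a new password for the user identified by the `uid`/`u` option,
  * taking the password from the `upass`/`p` option.
  *
  * Prints a status line; terminates the process with a non-zero status when
  * either option is missing.
  *
  * NOTE(review): if these options come from the command line, the password
  * is visible in shell history and the process list; consider reading it
  * from a prompt or stdin instead.
  *
  * @return void
  */
 private function updatePassword()
 {
     $data = [];
     // Keys are matched strictly: the previous switch compared loosely, so on
     // PHP versions before 8 an integer key 0 would have matched 'uid'.
     // When both the long and short form are given, the later one wins.
     foreach ($this->options as $key => $value) {
         if ($key === 'uid' || $key === 'u') {
             $data['id'] = $value;
         } elseif ($key === 'upass' || $key === 'p') {
             $data['password'] = $value;
         }
     }

     if (!isset($data['password']) || !isset($data['id'])) {
         echo PHP_EOL . __t('Missing User ID or Password') . PHP_EOL;
         // Non-zero status so calling scripts can detect the failure.
         exit(1);
     }

     $zendDb = Bootstrap::get('zendDb');
     $userTableGateway = new TableGateway('directus_users', $zendDb);

     // NOTE(review): hashPassword() is called with the password only and no
     // 'salt' column is written; confirm this matches how the login path
     // verifies hashes.
     // The access token is replaced together with the password.
     $result = $userTableGateway->update(
         [
             'password' => \Directus\Auth\Provider::hashPassword($data['password']),
             'access_token' => sha1($data['id'] . \Directus\Util\StringUtils::random()),
         ],
         ['id' => $data['id']]
     );

     // update() result is falsy when nothing was changed, e.g. for an id that
     // matches no row.
     $message = 'Error trying to update the password.';
     if ($result) {
         $message = 'Password updated successfully';
     }
     echo PHP_EOL . __t($message) . PHP_EOL;
 }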