コード例 #1
 /**
  * Process the "change password" submission.
  *
  * @param \VuFind\Db\Row\User     $user Logged in user
  * @param \VuFind\Db\Row\UserCard $card Library card
  *
  * @return object|bool Response object if redirect is needed, false if form
  * needs to be redisplayed.
  */
 protected function processPasswordChange($user, $card)
 {
     $form = $this->getRequest()->getPost();

     // Resolve the account that owns the verify hash posted with the form.
     // NOTE(review): the posted value reaches getByVerifyHash() exactly as
     // received; confirm that lookup rejects empty and non-string values.
     $hashOwner = false;
     if (isset($form->hash)) {
         $hashOwner = $this->getTable('User')->getByVerifyHash($form->hash);
     }

     $currentPassword = $this->params()->fromPost('oldpwd', '');
     $newPassword = $this->params()->fromPost('password', '');
     $newPasswordRepeat = $this->params()->fromPost('password2', '');

     // Let the ILS authentication plugin vet the new password pair; whatever
     // message it throws is shown to the user and the form is redisplayed.
     try {
         $this->getServiceLocator()
             ->get('VuFind\\AuthPluginManager')
             ->get('ILS')
             ->validatePasswordInUpdate(
                 ['password' => $newPassword, 'password2' => $newPasswordRepeat]
             );
     } catch (AuthException $e) {
         $this->flashMessenger()->addMessage($e->getMessage(), 'error');
         return false;
     }

     // The hash must resolve to an account...
     if (!$hashOwner) {
         $this->flashMessenger()->addMessage('recovery_user_not_found', 'error');
         return false;
     }
     // ...and that account must be the logged-in user, so a hash issued to a
     // different account cannot authorise this change.
     if ($hashOwner->username !== $user->username) {
         $this->flashMessenger()->addMessage('authentication_error_invalid', 'error');
         return false;
     }

     // The current password is verified against the ILS before anything is
     // changed.
     $ils = $this->getILS();
     $patron = $ils->patronLogin($card->cat_username, $currentPassword);
     if (!$patron) {
         $this->flashMessenger()->addMessage('authentication_error_invalid', 'error');
         return false;
     }

     $outcome = $ils->changePassword(
         ['patron' => $patron, 'oldPassword' => $currentPassword, 'newPassword' => $newPassword]
     );
     if (!$outcome['success']) {
         if ($outcome['status'] == 'authentication_error_invalid' && !empty($currentPassword)) {
             // Second attempt with a blank old password, for users who logged
             // in through the fallback login field.
             // NOTE(review): this path is only reached after patronLogin()
             // accepted the submitted password above; confirm the ILS driver
             // cannot treat a blank old password as "skip verification" in
             // any other situation.
             $outcome = $ils->changePassword(
                 ['patron' => $patron, 'oldPassword' => '', 'newPassword' => $newPassword]
             );
         }
     }
     if (!$outcome['success']) {
         $this->flashMessenger()->addMessage($outcome['status'], 'error');
         return false;
     }

     // Keep the locally stored card (and the user's active credentials, when
     // this is the active card) in step with the ILS.
     // NOTE(review): the new password is handed to saveLibraryCard() and
     // saveCredentials() as given; how it is protected at rest is decided
     // there and is not visible from this method.
     $user->saveLibraryCard($card->id, $card->card_name, $card->cat_username, $newPassword);
     if ($user->cat_username === $card->cat_username) {
         $user->saveCredentials($card->cat_username, $newPassword);
     }

     // Refresh the verify hash after a successful change (presumably so the
     // submitted one cannot be reused; confirm against updateHash()).
     $user->updateHash();
     $this->flashMessenger()->addSuccessMessage('new_password_success');
     return $this->redirect()->toRoute('librarycards-home');
 }
コード例 #2
ファイル: MyResearchController.php プロジェクト: tillk/vufind
 /**
  * Helper function for recoverAction
  *
  * @param \VuFind\Db\Row\User $user   User object we're recovering
  * @param \VuFind\Config      $config Configuration object
  *
  * @return void (sends email or adds error message)
  */
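 protected function sendRecoveryEmail($user, $config)
 {
     // No account to recover: flash an error and stop.
     // NOTE(review): this reply differs from the "recovery_email_sent" reply
     // below, so the form tells the requester whether an account exists;
     // confirm that is an accepted trade-off for this deployment.
     if (null == $user) {
         $this->flashMessenger()->setNamespace('error')->addMessage('recovery_user_not_found');
         return;
     }

     // Throttle: refuse a new email until the configured interval (60 when
     // recover_interval is not set) has passed since the current hash.
     // Presumably getHashAge() returns the hash's creation timestamp; confirm.
     $hashtime = $this->getHashAge($user->verify_hash);
     $recoveryInterval = isset($config->Authentication->recover_interval)
         ? $config->Authentication->recover_interval
         : 60;
     if (time() - $hashtime < $recoveryInterval) {
         $this->flashMessenger()->setNamespace('error')->addMessage('recovery_too_soon');
         return;
     }

     // Attempt to send the email
     try {
         // Create a fresh hash before building the link. The hash is updated
         // even if sending fails below, so the throttle above still applies
         // to the next attempt.
         $user->updateHash();
         // Site title and sender address are read from getConfig(), not from
         // the $config argument (which only supplies the interval above).
         $siteConfig = $this->getConfig();
         $renderer = $this->getViewRenderer();
         $method = $this->getAuthManager()->getAuthMethod();

         // Encode both query values so a character such as '&', '#' or '='
         // in either one cannot alter the structure of the emailed link.
         $verifyUrl = $this->getServerUrl('myresearch-verify')
             . '?hash=' . urlencode((string) $user->verify_hash)
             . '&auth_method=' . urlencode((string) $method);

         // Custom template for emails (text-only)
         $message = $renderer->render(
             'Email/recover-password.phtml',
             ['library' => $siteConfig->Site->title, 'url' => $verifyUrl]
         );
         $this->getServiceLocator()->get('VuFind\\Mailer')->send(
             $user->email,
             $siteConfig->Site->email,
             $this->translate('recovery_email_subject'),
             $message
         );
         $this->flashMessenger()->setNamespace('info')->addMessage('recovery_email_sent');
     } catch (MailException $e) {
         // The mailer's own message is shown to the user as-is.
         $this->flashMessenger()->setNamespace('error')->addMessage($e->getMessage());
     }
 }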
コード例 #3
 /**
  * Process the "change password" submission.
  *
  * @param \VuFind\Db\Row\User     $user Logged in user
  * @param \VuFind\Db\Row\UserCard $card Library card
  *
  * @return object|bool Response object if redirect is needed, false if form
  * needs to be redisplayed.
  */
 protected function processPasswordChange($user, $card)
 {
     $form = $this->getRequest()->getPost();

     // Resolve the account that owns the verify hash posted with the form.
     // NOTE(review): the posted value reaches getByVerifyHash() exactly as
     // received; confirm that lookup rejects empty and non-string values.
     $hashOwner = false;
     if (isset($form->hash)) {
         $hashOwner = $this->getTable('User')->getByVerifyHash($form->hash);
     }

     $currentPassword = $this->params()->fromPost('oldpwd', '');
     $newPassword = $this->params()->fromPost('password', '');
     $newPasswordRepeat = $this->params()->fromPost('password2', '');

     // All three password fields are required.
     if (in_array('', [$currentPassword, $newPassword, $newPasswordRepeat], true)) {
         $this->flashMessenger()->addMessage('authentication_error_blank', 'error');
         return false;
     }

     // The hash must resolve to an account...
     if (!$hashOwner) {
         $this->flashMessenger()->addMessage('recovery_user_not_found', 'error');
         return false;
     }
     // ...and that account must be the logged-in user, so a hash issued to a
     // different account cannot authorise this change.
     if ($hashOwner->username !== $user->username) {
         $this->flashMessenger()->addMessage('authentication_error_invalid', 'error');
         return false;
     }

     // The current password is verified against the ILS before anything is
     // changed.
     $ils = $this->getILS();
     $patron = $ils->patronLogin($card->cat_username, $currentPassword);
     if (!$patron) {
         $this->flashMessenger()->addMessage('authentication_error_invalid', 'error');
         return false;
     }

     // The confirmation field is compared only after the ILS login succeeded.
     if ($newPassword !== $newPasswordRepeat) {
         $this->flashMessenger()->addMessage('Passwords do not match', 'error');
         return false;
     }

     $outcome = $ils->changePassword(
         ['patron' => $patron, 'oldPassword' => $currentPassword, 'newPassword' => $newPassword]
     );
     if (!$outcome['success']) {
         $this->flashMessenger()->addMessage($outcome['status'], 'error');
         return false;
     }

     // Keep the locally stored card (and the user's active credentials, when
     // this is the active card) in step with the ILS.
     // NOTE(review): the new password is handed to saveLibraryCard() and
     // saveCredentials() as given; how it is protected at rest is decided
     // there and is not visible from this method.
     $user->saveLibraryCard($card->id, $card->card_name, $card->cat_username, $newPassword);
     if ($user->cat_username === $card->cat_username) {
         $user->saveCredentials($card->cat_username, $newPassword);
     }

     // Refresh the verify hash after a successful change (presumably so the
     // submitted one cannot be reused; confirm against updateHash()).
     $user->updateHash();
     $this->flashMessenger()->addMessage('new_password_success', 'info');
     return $this->redirect()->toRoute('librarycards-home');
 }