public function lostpasswordAction() { $username = $this->getParam("username"); if ($username) { $user = User::getByName($username); if (!$user instanceof User) { $this->view->error = "user unknown"; } else { if ($user->isActive()) { if ($user->getEmail()) { $token = Tool\Authentication::generateToken($username, $user->getPassword()); $uri = $this->getRequest()->getScheme() . "://" . $this->getRequest()->getHttpHost(); $loginUrl = $uri . "/admin/login/login/?username="******"&token=" . $token . "&reset=true"; try { $mail = Tool::getMail(array($user->getEmail()), "Pimcore lost password service"); $mail->setIgnoreDebugMode(true); $mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 30 minutes: \r\n\r\n" . $loginUrl); $mail->send(); $this->view->success = true; } catch (\Exception $e) { $this->view->error = "could not send email"; } } else { $this->view->error = "user has no email address"; } } else { $this->view->error = "user inactive"; } } } }
public function getTokenLoginLinkAction() { $user = User::getById($this->getParam("id")); if ($user->isAdmin() && !$this->getUser()->isAdmin()) { throw new \Exception("Only admin users are allowed to login as an admin user"); } if ($user) { $token = Tool\Authentication::generateToken($user->getName(), $user->getPassword()); $r = $this->getRequest(); $link = $r->getScheme() . "://" . $r->getHttpHost() . "/admin/login/login/?username="******"&token=" . $token; $this->_helper->json(["link" => $link]); } }