/**
 * Issues a fresh confirmation token for the user and mails it to them.
 *
 * @return bool false when the form fails validation; true after the token
 *              save and the mailer call have been made. Neither of those two
 *              results is checked here.
 */
public function resend()
{
    if ($this->validate()) {
        /** @var Token $confirmation */
        $confirmation = Yii::createObject([
            'class' => Token::className(),
            'userId' => $this->user->id,
            'type' => Token::TYPE_CONFIRMATION,
        ]);
        // save(false) skips model validation and its return value is ignored,
        // so the message below is sent even if the token row was not stored.
        $confirmation->save(false);

        $this->mailer->sendConfirmationMessage($this->user, $confirmation);

        $notice = Yii::t('users', 'A message has been sent to your email address. It contains a confirmation link that you must click to complete registration.');
        Yii::$app->session->setFlash('info', $notice);

        return true;
    }

    return false;
}
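/**
 * Attempts to complete a pending email change using a confirmation code.
 *
 * The code must match an unexpired TYPE_CONFIRM_NEW_EMAIL or
 * TYPE_CONFIRM_OLD_EMAIL token stored for this user's id, and the user's
 * "unconfirmedEmail" field must not be empty. An accepted token is deleted
 * before anything else happens, so each code is usable once. The outcome is
 * reported only through session flash messages; nothing is returned.
 *
 * - Invalid or expired token, or no pending address: "danger" flash, no change.
 * - Pending address already present on a user record: generic "danger" flash,
 *   no change (the token has still been consumed).
 * - Module::STRATEGY_SECURE: records which address confirmed; the email is
 *   switched only once both NEW_EMAIL_CONFIRMED and OLD_EMAIL_CONFIRMED are set.
 * - Module::STRATEGY_DEFAULT: the email is switched immediately.
 *
 * @param string $code confirmation code from the emailed link
 *
 * @return void
 * @throws \Exception
 */
public function attemptEmailChange($code)
{
    /** @var Token $token */
    $token = Token::find()
        ->where(['userId' => $this->id, 'code' => $code])
        ->andWhere(['in', 'type', [Token::TYPE_CONFIRM_NEW_EMAIL, Token::TYPE_CONFIRM_OLD_EMAIL]])
        ->one();

    if (empty($this->unconfirmedEmail) || $token === null || $token->isExpired) {
        Yii::$app->session->setFlash('danger', Yii::t('users', 'Your confirmation token is invalid or expired'));

        return;
    }

    // Consume the token before acting on it so the same link cannot be replayed.
    $token->delete();

    if (User::find()->andWhere(['email' => $this->unconfirmedEmail])->exists()) {
        // Previously this case ended silently. Report it with the generic
        // message so the response does not confirm that the address is
        // already registered.
        Yii::$app->session->setFlash('danger', Yii::t('users', 'An error occurred processing your request'));

        return;
    }

    if ($this->module->emailChangeStrategy == Module::STRATEGY_SECURE) {
        // Secure strategy: remember which of the two addresses this token confirmed.
        switch ($token->type) {
            case Token::TYPE_CONFIRM_NEW_EMAIL:
                $this->flags |= self::NEW_EMAIL_CONFIRMED;
                Yii::$app->session->setFlash('success', Yii::t('users', 'Awesome, almost there. Now you need to click the confirmation link sent to your old email address'));
                break;
            case Token::TYPE_CONFIRM_OLD_EMAIL:
                $this->flags |= self::OLD_EMAIL_CONFIRMED;
                Yii::$app->session->setFlash('success', Yii::t('users', 'Awesome, almost there. Now you need to click the confirmation link sent to your new email address'));
                break;
        }
    }

    // Parentheses spell out the grouping PHP already applied (& binds tighter
    // than &&, which binds tighter than ||).
    if ($this->module->emailChangeStrategy == Module::STRATEGY_DEFAULT
        || (($this->flags & self::NEW_EMAIL_CONFIRMED) && ($this->flags & self::OLD_EMAIL_CONFIRMED))
    ) {
        $this->email = $this->unconfirmedEmail;
        $this->unconfirmedEmail = null;
        // Replaces any "almost there" flash set above under the same key.
        Yii::$app->session->setFlash('success', Yii::t('users', 'Your email address has been changed'));
    }

    // NOTE(review): the exists() check above and this save are not atomic, and
    // save(false) skips model validation, so uniqueness of "email" presumably
    // rests on a database unique index. Confirm that one is in place.
    $this->save(false);
}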
/**
 * Password reset page: checks the recovery link and, when the posted form
 * loads and the reset is accepted, shows the confirmation message.
 *
 * The token is looked up by user id, code and TYPE_RECOVERY together. An
 * unknown token, an expired token and a token without a user all produce the
 * same "invalid or expired" page, so the response does not distinguish them.
 *
 * @param int    $id   id of the user the recovery link was issued for
 * @param string $code recovery code from the link
 *
 * @return string rendered page
 * @throws \yii\web\NotFoundHttpException when password recovery is disabled in the module
 */
public function actionReset($id, $code)
{
    if (!$this->module->enablePasswordRecovery) {
        throw new NotFoundHttpException();
    }

    /** @var Token $recoveryToken */
    $recoveryToken = Token::find()
        ->where([
            'userId' => $id,
            'code' => $code,
            'type' => Token::TYPE_RECOVERY,
        ])
        ->one();

    // The event is built before the token is checked, so it receives null for
    // an unknown link.
    $resetEvent = $this->getResetPasswordEvent($recoveryToken);
    $this->trigger(self::EVENT_BEFORE_TOKEN_VALIDATE, $resetEvent);

    $linkUnusable = $recoveryToken === null || $recoveryToken->isExpired || $recoveryToken->user === null;
    if ($linkUnusable) {
        $this->trigger(self::EVENT_AFTER_TOKEN_VALIDATE, $resetEvent);
        Yii::$app->session->setFlash(
            'danger',
            Yii::t('users', 'Recovery link is invalid or expired. Please try requesting a new one.')
        );

        return $this->render('/message', [
            'title' => Yii::t('users', 'Invalid or expired link'),
            'module' => $this->module,
        ]);
    }

    /** @var RecoveryForm $form */
    $form = Yii::createObject([
        'class' => RecoveryForm::className(),
        'scenario' => 'reset',
    ]);
    $resetEvent->setForm($form);

    $this->performAjaxValidation($form);
    $this->trigger(self::EVENT_BEFORE_RESET, $resetEvent);

    // resetPassword() is only reached when the posted data loaded into the form.
    $submitted = $form->load(Yii::$app->getRequest()->post());
    if (!$submitted || !$form->resetPassword($recoveryToken)) {
        return $this->render('reset', ['model' => $form]);
    }

    $this->trigger(self::EVENT_AFTER_RESET, $resetEvent);

    return $this->render('/message', [
        'title' => Yii::t('users', 'Password has been changed'),
        'module' => $this->module,
    ]);
}
/**
 * Starts a two-sided email change: runs the default email change flow, then
 * issues a TYPE_CONFIRM_OLD_EMAIL token and sends the reconfirmation message
 * for it, and finally clears both confirmation flags on the user.
 *
 * @throws \yii\base\InvalidConfigException
 */
protected function secureEmailChange()
{
    // Presumably this sends the link for the new address; its body is not
    // visible here, so verify.
    $this->defaultEmailChange();

    $account = $this->user;

    /** @var Token $oldAddressToken */
    $oldAddressToken = Yii::createObject([
        'class' => Token::className(),
        'userId' => $account->id,
        'type' => Token::TYPE_CONFIRM_OLD_EMAIL,
    ]);
    // save(false) skips model validation and its result is not checked before
    // the message is sent.
    $oldAddressToken->save(false);
    $this->mailer->sendReconfirmationMessage($account, $oldAddressToken);

    // Drop confirmations left over from an earlier request, so the change
    // cannot complete until both of the new links have been used.
    $account->flags &= ~User::NEW_EMAIL_CONFIRMED;
    $account->flags &= ~User::OLD_EMAIL_CONFIRMED;
    $account->save(false);

    $notice = Yii::t('users', 'We have sent confirmation links to both old and new email addresses. You must click both links to complete your request');
    Yii::$app->session->setFlash('info', $notice);
}
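/**
 * Sets a new password for the user that owns the given recovery token.
 *
 * On success the token is deleted, so the recovery link cannot be used again.
 * On failure the token is left in place.
 *
 * @param Token $token recovery token identifying the user
 *
 * @return bool true only when the password was changed; false when the form
 *              fails validation, the token has no user, or the user's
 *              resetPassword() call reports failure
 */
public function resetPassword(Token $token)
{
    if (!$this->validate() || $token->user === null) {
        return false;
    }

    if (!$token->user->resetPassword($this->password)) {
        Yii::$app->session->setFlash('danger', Yii::t('users', 'An error occurred and your password has not been changed. Please try again later.'));

        // Previously this path also returned true, so a caller that treats
        // true as success would announce a password change and run its
        // after-reset handlers although nothing had changed.
        return false;
    }

    Yii::$app->session->setFlash('success', Yii::t('users', 'Your password has been changed successfully.'));
    // Single use: remove the token once the new password is in place.
    $token->delete();

    return true;
}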