Пример #1
0
 public function getForgotAction()
 {
     if ($this->request->isPost()) {
         if ($this->request->isAjax()) {
             if ($this->token->check('token')) {
                 $records = UsersForgotPassword::find()->toArray();
                 $table = array();
                 $i = 0;
                 foreach ($records as $record) {
                     $table[$i] = array();
                     foreach ($record as $n => $v) {
                         $table[$i][$n] = $v;
                         if ($n == 'token' || $n == 'private_key') {
                             $table[$i][$n] = '***';
                         }
                     }
                     $i++;
                 }
                 $records = null;
                 $data = array('data' => $table);
                 return $this->sendAjax($data);
             }
         }
     }
 }
Пример #2
0
 public function resetPassword($publicKey, $token, $newPassword)
 {
     $forgot = UsersForgotPassword::findFirstByToken(rawurldecode($token));
     if ($forgot == false) {
         throw new Auth\Exception(null, 400);
     }
     $privateKey = Crypto::decrypt(rawurldecode($token), rawurldecode($publicKey));
     if ($forgot->private_key != $privateKey) {
         $this->userThrottling($forgot->user->id);
         $hacked = UsersStatus::findFirstByName(self::STATUS_HACKED);
         $forgot->user->status_id = $hacked->id;
         $forgot->save();
         $forgot->delete();
         throw new Auth\Exception(null, 600);
     }
     $active = UsersStatus::findFirstByName(self::STATUS_ACTIVE);
     $forgot->user->status_id = $active->id;
     $forgot->user->password = $this->security->hash($this->passwordHash($newPassword));
     if ($forgot->save() != false && $forgot->delete() != false) {
         $this->flash->success('The new password is stored !');
     } else {
         foreach ($forgot->getMessages() as $message) {
             $this->flash->error($message);
         }
     }
 }