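/**
 * Saving the reset form must store the new password and leave no reset
 * record behind for the user; the password validation rule is exercised in
 * the same test.
 */
public function testSave()
{
    $user = $this->user('testUser');
    $form = new PasswordResetForm($user);
    $password = '******';
    $form->password = $password;
    $form->confirm = $form->password;
    $form->save();
    $user->refresh();

    // The stored value must verify against the plaintext that was submitted.
    $this->assertTrue(PasswordUtil::validatePassword($password, $user->password));
    // After a successful save no PasswordReset row may remain for this user.
    $this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id)));

    // Test validation as well, as a "bonus", since there needn't be any
    // fixture loading for it, and it thus saves a few seconds when running
    // the test:
    $form = new PasswordResetForm($user);
    // Each case pairs a candidate password with the expected validation
    // result. Booleans are kept as values: used as array keys they would be
    // cast to the integers 0 and 1.
    $cases = array(
        array('n#6', false),
        array('ninininini', false),
        array('D83*@)1', true),
        array('this that and the next thing', true),
    );
    foreach ($cases as $case) {
        list($pass, $shouldValidate) = $case;
        $form->password = $pass;
        $form->confirm = $pass;
        $this->assertEquals(
            $shouldValidate,
            $form->validate(array('password')),
            sprintf('Unexpected validation result for candidate password "%s"', $pass)
        );
    }
}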
/**
 * Completes a password reset for the token carried in the request.
 *
 * @param string $token reset token taken from the route
 * @return mixed the home redirect after a successful reset, otherwise the rendered form
 * @throws BadRequestHttpException when the form refuses the token at construction time
 */
public function actionPasswordReset($token)
{
    try {
        $model = new PasswordResetForm($token);
    } catch (InvalidParamException $e) {
        // The form's constructor rejected the token; surface that as an HTTP 400.
        throw new BadRequestHttpException($e->getMessage());
    }

    $submitted = Yii::$app->request->post();
    // Short-circuit chain: the password is only reset once the data loaded and validated.
    $passwordChanged = $model->load($submitted)
        && $model->validate()
        && $model->resetPassword();

    if (!$passwordChanged) {
        // First visit or failed validation: show the form (again).
        return $this->render('passwordReset', ['model' => $model]);
    }

    // Flash text is Russian for "Thank you! The password was changed successfully."
    Yii::$app->getSession()->setFlash('success', 'Спасибо! Пароль успешно изменён.');

    return $this->goHome();
}
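/**
 * Allows password reset.
 *
 * Serves both halves of the flow for guests:
 *  - with a `hash` query parameter, looks up the admin user (or, failing
 *    that, the contact store) owning that reset hash and, on a valid form
 *    submission, stores the new password and clears the hash;
 *  - with only an e-mail address posted, sends the reset e-mail to the
 *    matching admin user or contact store.
 *
 * Renders the `resetPassword` view unless one of the branches redirects.
 */
public function actionResetPassword()
{
    $this->layout = '//layouts/accession';
    $this->pageTitle = 'Reset Password | ' . Yii::app()->name;

    if (!Yii::app()->user->isGuest) {
        // can't be here
        $this->redirect(array('site/dashboard'));
    }

    $PasswordResetForm = new PasswordResetForm();
    $User = new User();
    $User->scenario = 'resetPassword';

    // Read the request once and pin down the shapes. The reset hash and the
    // e-mail address are accepted only as strings: any other shape of request
    // parameter is treated as absent, so it can never be used as a lookup value.
    $hash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? $_GET['hash'] : '';
    $formData = (isset($_POST['PasswordResetForm']) && is_array($_POST['PasswordResetForm']))
        ? $_POST['PasswordResetForm']
        : array();
    $email = (isset($formData['email']) && is_string($formData['email'])) ? $formData['email'] : '';

    if ($hash !== '') {
        $User = User::model()->findByAttributes(array('reset_hash' => $hash));
        if (!is_null($User)) {
            if (!empty($formData)) {
                $PasswordResetForm->attributes = $formData;
                if ($PasswordResetForm->validate()) {
                    // submitting updated password
                    $User->password1 = $formData['password'];
                    $User->password2 = $formData['password_repeat'];
                    // Clearing the hash makes the reset link single-use.
                    $User->reset_hash = '';
                    $User->verified = 1;
                    if ($User->save(true, array('password', 'reset_hash', 'verified'))) {
                        Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
                        $this->redirect(array('site/login'));
                    }
                }
            }
            // Never hand the submitted passwords back to the view.
            $User->password2 = '';
            $User->password1 = '';
        } else {
            // Check for a contact user
            $Store = $this->getContactStoreByHash($hash);
            if (!is_null($Store)) {
                // Dereference the store only after the null check; doing it
                // earlier made the "expired hash" branch below unreachable.
                $Accession = $Store->store2contact->accession;
                if (!empty($formData)) {
                    $PasswordResetForm->attributes = $formData;
                    if ($PasswordResetForm->validate()) {
                        // NOTE(review): a single SHA-256 pass with one site-wide
                        // salt constant is a fast hash and is not suitable for
                        // password storage. Moving to password_hash() /
                        // password_verify() also requires changing the contact
                        // login check, which is outside this method, so the
                        // scheme is left unchanged here.
                        $Accession->password = hash('sha256', $formData['password'] . SHASALT);
                        $Accession->reset_hash = '';
                        // Report success only if the new password was actually stored.
                        if ($Accession->save(true, array('password', 'reset_hash'))) {
                            Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
                            $this->redirect(array('site/login'));
                        }
                    }
                }
            } else {
                $User = new User();
                $User->addError('email', "That hash is expired or has been used. \nPlease generate a new one below.");
                unset($_GET['hash']);
            }
        }
    } elseif ($email !== '') {
        if (!strlen(trim($email))) {
            $User->addError('email', 'A valid email address is required.');
        } else {
            // trying to reset an email address
            // Check admin users first
            $User = User::model()->findByAttributes(array('email' => $email));
            if (!is_null($User)) {
                // Admin user found. Send email
                $User->sendPasswordResetEmail();
            } else {
                $Store = new Store();
                // Check for a contact user
                $Store = $this->getContactStore($Store->encryptEmail($email));
                if (!is_null($Store)) {
                    // NOTE(review): $User is null on this path when the view is
                    // rendered - confirm the view copes with that, and that the
                    // page does not reveal whether the address is registered.
                    $Store->sendPasswordResetEmail();
                } else {
                    $User = new User();
                }
            }
        }
    }

    $this->render('resetPassword', array('User' => $User, 'PasswordResetForm' => $PasswordResetForm));
}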