示例#1
 /**
  * Saving a PasswordResetForm must store a password that verifies against
  * the submitted value and leave no PasswordReset rows for that user.
  * The form's password validation is checked in the same test.
  */
 public function testSave()
 {
     // presumably a fixture accessor; verify against the test base class
     $account = $this->user('testUser');
     $newPassword = '******';

     $resetForm = new PasswordResetForm($account);
     $resetForm->password = $newPassword;
     $resetForm->confirm = $resetForm->password;
     $resetForm->save();
     $account->refresh();

     // The stored value is checked through PasswordUtil rather than compared
     // with the plain text.
     $this->assertTrue(PasswordUtil::validatePassword($newPassword, $account->password));
     // No reset record may remain for this user after a successful save.
     $remaining = PasswordReset::model()->countByAttributes(array('userId' => $account->id));
     $this->assertEquals(0, $remaining);

     // Test validation as well, as a "bonus", since there needn't be any
     // fixture loading for it, and it thus saves a few seconds when running
     // the test:
     $resetForm = new PasswordResetForm($account);
     // Boolean array keys are cast to the integers 0 and 1; assertEquals()
     // compares them loosely with validate()'s result.
     $expectations = array(
         false => array('n#6', 'ninininini'),
         true => array('D83*@)1', 'this that and the next thing'),
     );
     foreach ($expectations as $shouldPass => $candidates) {
         foreach ($candidates as $candidate) {
             $resetForm->password = $candidate;
             $resetForm->confirm = $candidate;
             $outcome = $resetForm->validate(array('password'));
             $this->assertEquals($shouldPass, $outcome);
         }
     }
 }
示例#2
 /**
  * Sets a new password for the account identified by a reset token.
  *
  * @param mixed $token reset token from the request, handed to PasswordResetForm
  * @return mixed the home redirect after a successful reset, otherwise the rendered form
  * @throws BadRequestHttpException when PasswordResetForm rejects the token
  */
 public function actionPasswordReset($token)
 {
     try {
         $model = new PasswordResetForm($token);
     } catch (InvalidParamException $invalidToken) {
         // The form's own message is sent to the client with the 400 response.
         // NOTE(review): confirm that message does not reveal why the token
         // was rejected in more detail than a visitor should learn.
         throw new BadRequestHttpException($invalidToken->getMessage());
     }

     // Populate from POST, validate, then reset; evaluation stops at the first
     // step that fails and the form is shown again.
     $submitted = $model->load(Yii::$app->request->post());
     if (!$submitted || !$model->validate() || !$model->resetPassword()) {
         return $this->render('passwordReset', ['model' => $model]);
     }

     Yii::$app->getSession()->setFlash('success', 'Спасибо! Пароль успешно изменён.');

     return $this->goHome();
 }
示例#3
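 /**
  * Password reset for guests.
  *
  * With a `hash` query parameter the action looks up the account holding
  * that reset hash (a User first, then a contact store) and, when a valid
  * PasswordResetForm is posted, stores the new password and clears the hash.
  * Without a hash, a posted e-mail address triggers the reset e-mail for the
  * matching User or contact store. In every other case the form is rendered.
  *
  * Logged-in users are redirected to the dashboard.
  */
 public function actionResetPassword()
 {
     $this->layout = '//layouts/accession';
     $this->pageTitle = 'Reset Password | ' . Yii::app()->name;
     if (!Yii::app()->user->isGuest) {
         // can't be here
         $this->redirect(array('site/dashboard'));
     }
     $PasswordResetForm = new PasswordResetForm();
     $User = new User();
     $User->scenario = 'resetPassword';

     // Request values are untrusted and may be missing or of any type.
     // The reset hash and the e-mail address are accepted only as plain
     // strings: a non-string value handed to findByAttributes() would no
     // longer be an exact match on one token, and accounts whose hash was
     // already cleared all share the empty value.
     $hash = (isset($_GET['hash']) && is_string($_GET['hash'])) ? $_GET['hash'] : '';
     $formData = (isset($_POST['PasswordResetForm']) && is_array($_POST['PasswordResetForm']))
         ? $_POST['PasswordResetForm']
         : array();
     $email = (isset($formData['email']) && is_string($formData['email'])) ? $formData['email'] : '';
     $newPassword = (isset($formData['password']) && is_string($formData['password']))
         ? $formData['password']
         : '';
     $newPasswordRepeat = (isset($formData['password_repeat']) && is_string($formData['password_repeat']))
         ? $formData['password_repeat']
         : '';

     if ($hash !== '') {
         $User = User::model()->findByAttributes(array('reset_hash' => $hash));
         if (!is_null($User)) {
             if ($formData) {
                 $PasswordResetForm->attributes = $formData;
                 if ($PasswordResetForm->validate()) {
                     // submitting updated password
                     $User->password1 = $newPassword;
                     $User->password2 = $newPasswordRepeat;
                     // Clearing the hash makes the reset link single-use.
                     $User->reset_hash = '';
                     $User->verified = 1;
                     if ($User->save(true, array('password', 'reset_hash', 'verified'))) {
                         Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
                         $this->redirect(array('site/login'));
                     }
                 }
             }
             // Never hand the submitted passwords back to the view.
             $User->password2 = '';
             $User->password1 = '';
         } else {
             // Check for a contact user
             $Store = $this->getContactStoreByHash($hash);
             if (!is_null($Store)) {
                 // Dereference the store only after the null check, so an
                 // unknown hash reaches the "expired" branch below instead
                 // of failing on a null object.
                 $Accession = $Store->store2contact->accession;
                 $PasswordResetForm = new PasswordResetForm();
                 if ($formData) {
                     $PasswordResetForm->attributes = $formData;
                     if ($PasswordResetForm->validate() && $newPassword !== '') {
                         // NOTE(review): a single SHA-256 over the password plus a
                         // site-wide constant is a fast hash with no per-account salt.
                         // Moving to password_hash()/password_verify() needs a matching
                         // change in the login check, which is outside this block, so
                         // the stored format is left unchanged here.
                         $Accession->password = hash('sha256', $newPassword . SHASALT);
                         $Accession->reset_hash = '';
                         // Report success only when the record was actually saved.
                         if ($Accession->save(true, array('password', 'reset_hash'))) {
                             Yii::app()->user->setFlash('success', 'We\'ve saved your new password. Please log in below');
                             $this->redirect(array('site/login'));
                         } else {
                             $PasswordResetForm->addErrors($Accession->getErrors());
                         }
                     }
                 }
                 // NOTE(review): $User is null when the view renders on this
                 // path; confirm the view handles that.
             } else {
                 $User = new User();
                 $User->addError('email', 'That hash is expired or has been used. Please generate a new one below.');
                 unset($_GET['hash']);
             }
         }
     } elseif ($email !== '') {
         if (!strlen(trim($email))) {
             $User->addError('email', 'A valid email address is required.');
         } else {
             // trying to reset an email address
             // Check admin users first
             // NOTE(review): the view receives a different $User depending on
             // whether the address matched an account; confirm the rendered
             // response is the same in both cases so the form does not reveal
             // which addresses are registered.
             $User = User::model()->findByAttributes(array('email' => $email));
             if (!is_null($User)) {
                 // Admin user found. Send email
                 $User->sendPasswordResetEmail();
             } else {
                 $Store = new Store();
                 // Check for a contact user
                 $Store = $this->getContactStore($Store->encryptEmail($email));
                 if (!is_null($Store)) {
                     $Store->sendPasswordResetEmail();
                 } else {
                     $User = new User();
                 }
             }
         }
     }
     $this->render('resetPassword', array('User' => $User, 'PasswordResetForm' => $PasswordResetForm));
 }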