/**
* @param array $config
*/
public function createOrUpdateUser($config = array())
{
$defaultConfig = array("username" => "admin", "password" => md5(microtime()));
$settings = array_replace_recursive($defaultConfig, $config);
if ($user = Model\User::getByName($settings["username"])) {
$user->delete();
}
$user = Model\User::create(array("parentId" => 0, "username" => $settings["username"], "password" => \Pimcore\Tool\Authentication::getPasswordHash($settings["username"], $settings["password"]), "active" => true));
$user->setAdmin(true);
$user->save();
}
public function lostpasswordAction()
{
$username = $this->getParam("username");
if ($username) {
$user = User::getByName($username);
if (!$user instanceof User) {
$this->view->error = "user unknown";
} else {
if ($user->isActive()) {
if ($user->getEmail()) {
$token = Tool\Authentication::generateToken($username, $user->getPassword());
$uri = $this->getRequest()->getScheme() . "://" . $this->getRequest()->getHttpHost();
$loginUrl = $uri . "/admin/login/login/?username="******"&token=" . $token . "&reset=true";
try {
$mail = Tool::getMail(array($user->getEmail()), "Pimcore lost password service");
$mail->setIgnoreDebugMode(true);
$mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 30 minutes: \r\n\r\n" . $loginUrl);
$mail->send();
$this->view->success = true;
} catch (\Exception $e) {
$this->view->error = "could not send email";
}
} else {
$this->view->error = "user has no email address";
}
} else {
$this->view->error = "user inactive";
}
}
}
}
public function init()
{
$this->allParam = $this->getAllParams();
// set api key
$this->apiKey = isset($this->apiKey) ? $this->apiKey : \Pimcore\Model\User::getByName($this->userApiBridgeMagento)->getApiKey();
if (!$this->validateApiKey()) {
die;
// no any error info provided
}
// init api
$this->apiModel = new ApiBridgeMagento_Api();
}
/**
* @param $username
* @param $token
* @param bool $adminRequired
* @return null|User
*/
public static function authenticateToken($username, $token, $adminRequired = false)
{
$user = User::getByName($username);
if (self::isValidUser($user)) {
if ($adminRequired and !$user->isAdmin()) {
return null;
}
$passwordHash = $user->getPassword();
$decrypted = self::tokenDecrypt($passwordHash, $token);
$timestamp = $decrypted[0];
$timeZone = date_default_timezone_get();
date_default_timezone_set("UTC");
if ($timestamp > time() or $timestamp < time() - 60 * 30) {
return null;
}
date_default_timezone_set($timeZone);
return $user;
}
return null;
}
/**
* Enables the test mode. X-pimcore-unit-test-request=true header will be sent.
*/
public function enableTestMode()
{
$this->client->setHeaders("X-pimcore-unit-test-request", "true");
if (!$this->getApiKey()) {
$username = "******";
$password = $username;
$user = User::getByName("{$username}");
if (!$user) {
$apikey = md5(time()) . md5($username);
$user = User::create(array("parentId" => 0, "username" => "rest", "password" => \Pimcore\Tool\Authentication::getPasswordHash($username, $username), "active" => true, "apiKey" => $apikey, "admin" => true));
}
$apikey = $user->getApiKey();
$this->setApiKey($apikey);
}
$this->setTestMode(true);
}
