/** * Authorizes the user with his username and password. Initializes * the user session if the user data are valid. * * @access protected * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\RequestAbstract $request * @param \Zepi\Turbo\Response\Response $response * @return string|boolean */ protected function generateNewPassword(Framework $framework, RequestAbstract $request, Response $response) { $uuid = $request->getRouteParam('uuid'); $token = $request->getRouteParam('token'); if ($uuid === false || !$this->userManager->hasUserForUuid($uuid) || $token === false) { $response->redirectTo('/'); return; } // Load the user $user = $this->userManager->getUserForUuid($uuid); if ($user->getMetaData('passwordRequestToken') == '') { return array('result' => false, 'message' => $this->translate('You haven\'t requested a new password.', '\\Zepi\\Web\\AccessControl')); } // If the validate function returned a string there was an error in the validation. if ($user->getMetaData('passwordRequestToken') !== $token || $user->getMetaData('passwordRequestTokenLifetime') < time()) { return array('result' => false, 'message' => $this->translate('The given token is invalid or expired. Please request a new password.', '\\Zepi\\Web\\AccessControl')); } // Generate a new password $password = $this->generateRandomPassword(); // Save the new password $user->setNewPassword($password); // Reset the token $user->setMetaData('passwordRequestToken', ''); $user->setMetaData('passwordRequestTokenLifetime', 0); // Update the user $this->userManager->updateUser($user); // Send the request mail $this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('New password generated', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\GenerateNewPassword', array('user' => $user, 'password' => $password))); return array('result' => true, 'message' => $this->translate('Your new password is generated and saved. You will receive an email with the new password.', '\\Zepi\\Web\\AccessControl')); }
/** * Authorizes the user with his username and password. Initializes * the user session if the user data are valid. * * @access protected * @param \Zepi\Web\UserInterface\Form\Form $registrationForm * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\RequestAbstract $request * @param \Zepi\Turbo\Response\Response $response * @return string|boolean */ protected function createUser(Form $registrationForm, Framework $framework, RequestAbstract $request, Response $response) { $group = $registrationForm->searchPartByKeyAndType('user-data'); $username = trim($group->getPart('username')->getValue()); $email = trim($group->getPart('email')->getValue()); $password = trim($group->getPart('password')->getValue()); $tos = $group->getPart('tos-accepted')->getValue(); $result = $this->validateData($framework, $username, $email, $password, $tos); // If the validate function returned a string there was an error in the validation. if ($result !== true) { return $result; } // Create the new user $user = new User('', '', $username, '', array('email' => $email)); $user->setNewPassword($password); // Generate an activation code $activationToken = uniqid(md5($email), true); $user->setMetaData('activationToken', $activationToken); $user = $this->userManager->addUser($user); // Add the disabled access level $this->accessControlManager->grantPermission($user->getUuid(), '\\Zepi\\Web\\AccessControl\\Entity\\User', '\\Global\\Disabled', 'Registration'); // Send the registration mail $activationLink = $request->getFullRoute('/activate/' . $user->getUuid() . '/' . $activationToken . '/'); $this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('Your registration', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\Registration', array('user' => $user, 'activationLink' => $activationLink))); return true; }
/** * Authorizes the user with his username and password. Initializes * the user session if the user data are valid. * * @access protected * @param \Zepi\Web\UserInterface\Form\Form $form * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\RequestAbstract $request * @param \Zepi\Turbo\Response\Response $response * @return string|boolean */ protected function sendRequest(Form $form, Framework $framework, RequestAbstract $request, Response $response) { $group = $form->searchPartByKeyAndType('user-data'); $username = trim($group->getPart('username')->getValue()); $result = $this->validateData($framework, $username); // If the validate function returned a string there was an error in the validation. if ($result !== true) { return $result; } // Load the user $user = $this->userManager->getUserForUsername($username); // Generate an request token $token = uniqid(md5($user->getMetaData('email')), true); $user->setMetaData('passwordRequestToken', $token); $user->setMetaData('passwordRequestTokenLifetime', time() + 3600); $this->userManager->updateUser($user); // Send the request mail $requestLink = $request->getFullRoute('/generate-new-password/' . $user->getUuid() . '/' . $token . '/'); $this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('New password requested', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\RequestNewPassword', array('user' => $user, 'requestLink' => $requestLink))); return true; }