Adding forgot password functionality.
This commit is contained in:
Dan Cryer
parent
2cd4bade30
commit
cf2d93f71a
6 changed files with 351 additions and 90 deletions
|
|
@ -10,6 +10,7 @@
|
|||
namespace PHPCI\Controller;
|
||||
|
||||
use b8;
|
||||
use PHPCI\Helper\Email;
|
||||
|
||||
/**
|
||||
* Session Controller - Handles user login / logout.
|
||||
|
|
@ -88,4 +89,74 @@ class SessionController extends \PHPCI\Controller
|
|||
header('Location: ' . PHPCI_URL);
|
||||
die;
|
||||
}
|
||||
|
||||
public function forgotPassword()
|
||||
{
|
||||
if ($this->request->getMethod() == 'POST') {
|
||||
$email = $this->getParam('email', null);
|
||||
$user = $this->userStore->getByEmail($email);
|
||||
|
||||
if (empty($user)) {
|
||||
$this->view->error = 'No user exists with that email address, please try again.';
|
||||
return $this->view->render();
|
||||
}
|
||||
|
||||
$key = md5(date('Y-m-d') . $user->getHash());
|
||||
$url = PHPCI_URL;
|
||||
$name = $user->getName();
|
||||
$id = $user->getId();
|
||||
|
||||
$message = <<<MSG
|
||||
Hi {$name},
|
||||
|
||||
You have received this email because you, or someone else, has requested a password reset for PHPCI.
|
||||
|
||||
If this was you, please click the following link to reset your password: {$url}session/reset-password/{$id}/{$key}
|
||||
|
||||
Otherwise, please ignore this email and no action will be taken.
|
||||
|
||||
Thank you,
|
||||
|
||||
PHPCI
|
||||
MSG;
|
||||
|
||||
|
||||
$email = new Email();
|
||||
$email->setTo($user->getEmail(), $user->getName());
|
||||
$email->setSubject('Password reset');
|
||||
$email->setBody($message);
|
||||
$email->send();
|
||||
|
||||
$this->view->emailed = true;
|
||||
}
|
||||
|
||||
return $this->view->render();
|
||||
}
|
||||
|
||||
public function resetPassword($id, $key)
|
||||
{
|
||||
$user = $this->userStore->getById($id);
|
||||
$userKey = md5(date('Y-m-d') . $user->getHash());
|
||||
|
||||
if (empty($user) || $key != $userKey) {
|
||||
$this->view->error = 'Invalid password reset request.';
|
||||
return $this->view->render();
|
||||
}
|
||||
|
||||
if ($this->request->getMethod() == 'POST') {
|
||||
$hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
|
||||
$user->setHash($hash);
|
||||
|
||||
$_SESSION['user'] = $this->userStore->save($user);
|
||||
$_SESSION['user_id'] = $user->getId();
|
||||
|
||||
header('Location: ' . PHPCI_URL);
|
||||
die;
|
||||
}
|
||||
|
||||
$this->view->id = $id;
|
||||
$this->view->key = $key;
|
||||
|
||||
return $this->view->render();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue