ResetPassword: introduce requestResetKey and verifyResetKey methods

This commit is contained in:
Aaron van Geffen 2024-11-05 17:17:14 +01:00
parent 084658820e
commit eb7a40a70d

View File

@ -16,6 +16,39 @@ class ResetPassword extends HTMLController
// Verifying an existing reset key? // Verifying an existing reset key?
if (isset($_GET['step'], $_GET['email'], $_GET['key']) && $_GET['step'] == 2) if (isset($_GET['step'], $_GET['email'], $_GET['key']) && $_GET['step'] == 2)
$this->verifyResetKey();
else
$this->requestResetKey();
}
private function requestResetKey()
{
parent::__construct('Reset password - ' . SITE_TITLE);
$form = new ForgotPasswordForm();
$this->page->adopt($form);
// Have they submitted an email address yet?
if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
{
$user = Member::fromEmailAddress($_POST['emailaddress']);
if (!$user)
{
$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
return;
}
Authentication::setResetKey($user->getUserId());
Email::resetMail($user->getUserId());
// Show the success message
$this->page->clear();
$box = new DummyBox('An email has been sent');
$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
$this->page->adopt($box);
}
}
private function verifyResetKey()
{ {
$email = rawurldecode($_GET['email']); $email = rawurldecode($_GET['email']);
$user = Member::fromEmailAddress($email); $user = Member::fromEmailAddress($email);
@ -51,31 +84,4 @@ class ResetPassword extends HTMLController
$form->adopt(new Alert('Some fields require your attention', '<ul><li>' . implode('</li><li>', $missing) . '</li></ul>', 'danger')); $form->adopt(new Alert('Some fields require your attention', '<ul><li>' . implode('</li><li>', $missing) . '</li></ul>', 'danger'));
} }
} }
else
{
parent::__construct('Reset password - ' . SITE_TITLE);
$form = new ForgotPasswordForm();
$this->page->adopt($form);
// Have they submitted an email address yet?
if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
{
$user = Member::fromEmailAddress($_POST['emailaddress']);
if (!$user)
{
$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
return;
}
Authentication::setResetKey($user->getUserId());
Email::resetMail($user->getUserId());
// Show the success message
$this->page->clear();
$box = new DummyBox('An email has been sent');
$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
$this->page->adopt($box);
}
}
}
} }