
Simplify user reset password by using routes, remove unused XML contr…

…ibs.
1 parent 466249a commit f76b73417198f9e40da7b7766110a534f2057853 @cdujeu cdujeu committed Sep 9, 2016
@@ -44,6 +44,7 @@ public static function handleRoute($base, $route, $additionalAttributes = []){
$server = new Wopi\RestWopiServer($base.$route, $additionalAttributes);
} else if ($route === "/user") {
$_GET["get_action"] = "user_access_point";
+ $_GET["key"] = $additionalAttributes["key"];
$server = new Server($base, $additionalAttributes);
} else if ($route == "/favicon"){
$_GET["get_action"] = "serve_favicon";
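Review bot: The added `$_GET["key"] = $additionalAttributes["key"];` copies the raw route segment into the superglobal with nothing at the call site saying where it is validated. On this page the only filtering is the `InputFilter::sanitize(..., InputFilter::SANITIZE_ALPHANUM)` call in processUserAccessPoint, so a one-line comment here would stop a later reader from treating `$_GET["key"]` as trusted, for example `// raw path segment from /user/reset-password/{key}; sanitized in processUserAccessPoint`. The assignment also replaces any `key` query parameter sent by the client, which looks intended but is worth stating in the same comment. handleRoute starts and ends outside this hunk.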
@@ -16,9 +16,9 @@
"method": "handleRoute"
},
"/user":{
- "methods": "*",
+ "methods": "GET",
"routes": [
- "/user[{optional:.+}]"
+ "/user/reset-password/{key}"
],
"class": "Pydio\\Core\\Http\\Base",
"method": "handleRoute"
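Review bot: The `{key}` placeholder in the new route carries no pattern, so any path segment after `/user/reset-password/` is dispatched to handleRoute. The route it replaces used the `{name:regex}` form (`{optional:.+}`), so the same syntax could restrict the segment before any PHP code runs, e.g. `"/user/reset-password/{key:[a-zA-Z0-9]+}"`. The exact character class should be confirmed against what `InputFilter::SANITIZE_ALPHANUM` keeps and how the reset key is generated, neither of which is shown here.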
@@ -49,33 +49,6 @@ class UserGuiController extends Plugin
{
/**
- * Parse
- * @param DOMNode $contribNode
- */
- protected function parseSpecificContributions(ContextInterface $ctx, \DOMNode &$contribNode)
- {
- parent::parseSpecificContributions($ctx, $contribNode);
- if (substr($_SERVER["REQUEST_URI"], 0, strlen('/user')) != '/user') {
- if ($contribNode->nodeName == "client_configs") {
- $children = $contribNode->childNodes;
- foreach ($children as $child) {
- if ($child->nodeType == XML_ELEMENT_NODE) $contribNode->removeChild($child);
- }
- } else if ($contribNode->nodeName == "actions") {
- $children = $contribNode->childNodes;
- foreach ($children as $child) {
- if ($child->nodeType == XML_ELEMENT_NODE && $child->nodeName == "action" && $child->getAttribute("name") == "login") {
- $contribNode->removeChild($child);
- }
- }
-
- }
- }
-
- }
-
-
- /**
* @param ServerRequestInterface $requestInterface
* @param ResponseInterface $responseInterface
* @throws Exception
@@ -90,19 +63,18 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
$context = $requestInterface->getAttribute("ctx");
switch ($action) {
+
case "user_access_point":
- $setUrl = ConfService::getGlobalConf("SERVER_URL");
- $realUri = "/";
- if (!empty($setUrl)) {
- $realUri = parse_url(ConfService::getGlobalConf("SERVER_URL"), PHP_URL_PATH);
- }
- $requestURI = str_replace("//", "/", $_SERVER["REQUEST_URI"]);
- $uri = trim(str_replace(rtrim($realUri, "/") . "/user", "", $requestURI), "/");
- $uriParts = explode("/", $uri);
- $action = array_shift($uriParts);
- $key = ($action == "reset-password" && count($uriParts)) ? array_shift($uriParts) : "";
+
+ $action = "reset-password";
+ $key = InputFilter::sanitize($httpVars["key"], InputFilter::SANITIZE_ALPHANUM);
try {
- $this->processSubAction($action, $uriParts);
+
+ $key = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $key);
+ if ($key == null || $key["user_id"] === false) {
+ throw new Exception("Invalid password reset key! Did you make sure to copy the correct link?");
+ }
+
$_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array(
"REBASE" => "../../",
"USER_GUI_ACTION" => $action,
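Review bot: `$key` is reused in the `user_access_point` case: it first holds the sanitized token from `$httpVars["key"]` and is then overwritten with the record returned by `loadTemporaryKey()`. If the rest of the case still passes `$key` on as the token (the session array continues past the end of this hunk), it would now carry the stored record instead; a separate name avoids that, e.g. `$keyData = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $key);` followed by `if ($keyData == null || $keyData["user_id"] === false) {`. The `reset-password` case calls `pruneTemporaryKeys("password-reset", 20)` before using a key and no such call is visible here, so a key that is presumably past its lifetime but not yet pruned may still pass this check; pruning before the load would make the two paths agree.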
@@ -118,6 +90,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']);
break;
+
case "reset-password-ask":
// This is a reset password request, generate a token and store it.
@@ -133,7 +106,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
$mailer = PluginsService::getInstance($context)->getUniqueActivePluginForType("mailer");
if ($mailer !== false) {
$mess = LocaleService::getMessages();
- $link = ApplicationState::detectServerURL() . "/user/reset-password/" . $uuid;
+ $link = ApplicationState::detectServerURL(true) . "/user/reset-password/" . $uuid;
$mailer->sendMail($context, array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"$link\">$link</a>");
} else {
echo 'ERROR: There is no mailer configured, please contact your administrator';
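Review bot: The reset link mailed to the user is built from `ApplicationState::detectServerURL(true)`, whose implementation is not shown; if it takes the host from request headers rather than from configuration, a request carrying a forged Host header could cause a valid reset key to be mailed inside a link to a different host. The code removed from `user_access_point` read the configured `SERVER_URL`, and preferring that value when it is set keeps the link pinned to the deployment's own address, e.g. `$base = ConfService::getGlobalConf("SERVER_URL");` then `$link = (!empty($base) ? rtrim($base, "/") : ApplicationState::detectServerURL(true)) . "/user/reset-password/" . $uuid;`. A short comment on what the `true` argument selects would also help, since the call site gives no hint. The enclosing `reset-password-ask` case starts outside this hunk.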
@@ -146,6 +119,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
echo "SUCCESS";
break;
+
case "reset-password":
ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
@@ -26,4 +26,5 @@
"5" => "Požadavek na změnu hesla byl zaslán na emailovou adresu registrovanou s vaším uživatelským účtem. Klikněte na odkaz v emailu pro provedení změny hesla.",
"6" => "Děkujeme, nyní se můžete přihlásit!",
"7" => "Byla vyžádána změna hesla pro účet vedený pod touto emailovou adresou. Pokud jste tento požadavek nevyžádali vy, můžete tento email ignorovat. Jinak klikněte na následující odkaz pro reset svého hesla:",
+ "8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
);
@@ -31,4 +31,5 @@
"5" => "E-Mail erfolgreich versendet. Klicken Sie auf den Link in der Nachricht, um ein neues Passwort zu vergeben.",
"6" => "Vielen Dank. Sie k&ouml;nnen sich jetzt anmelden.",
"7" => "Für das Konto mit dieser E-Mail-Adresse wurde eine Anfrage zum Zurücksetzen des Passwortes angefordert. Wenn Sie dieses Anfrage nicht gemacht haben, können Sie die E-Mail ignorieren. Ansonsten klicken Sie auf folgenden Link, um Ihr Passwort zurückzusetzen:", /* No HTML entities, might be the body of the mail */
+ "8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
);
@@ -26,4 +26,5 @@
"5" => "A reset password request has been sent to the email registered with your account. Click on the link in the email to recreate a password.",
"6" => "Thank you, you can now log in!",
"7" => "A password reset has been requested on the account associated to this email address. If you are not the author of this request, you can safely ignore this email. Otherwise click on the following link to reset your password:",
+ "8" => "Use the form below to reset your password. Please enter your login and the new password twice."
);
@@ -26,4 +26,5 @@
"5" => "Un courriel contenant une demande de réinitialisation du mot de passe a été envoyé à l'adresse courriel enregistrée dans votre compte. Cliquez sur le lien du courriel pour créer un nouveau mot de passe.",
"6" => "Merci, vous pouvez à présent vous connecter avec ce nouveau mot de passe!",
"7" => "Une demande de réinitialisation de mot de passe a été demandée pour le compte associé à ce courriel. Si vous n'en êtes pas l'auteur, vous pouvez ignorer ce courriel. Sinon cliquez sur le lien suivant :",
+ "8" => "Utilisez le formulaire pour remettre à zéro votre mot de passe. Entrez votre identifiant et votre nouveau mot de passe deux fois.",
);
@@ -26,4 +26,5 @@
"5" => "Una richiesta di reset password è stata inviata all'indirizzo mail associato al tuo account. Clicca sul link nella mail per creare una nuova password.",
"6" => "Grazie. Ora puoi autenticarti!",
"7" => "Il reset della password è stato richiesto dall'account associato a questo indirizzo mail. Se non sei l'autore di questa richiesta, puoi semplicemente ignorare questa mail. Altrimenti, clicca sul link seguente per reimpostare la tua password:",
+ "8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
);
@@ -26,4 +26,5 @@
"5" => "Запрос на сброс пароля будет послан на email, который указан в вашей учётной записи. Нажмите на ссылку в письме, чтобы пересоздать пароль.",
"6" => "Спасибо, теперь Вы можете зайти в систему!",
"7" => "Запрошен сброс пароля для учётной записи ассоциированной с этим email адресом. Если Вы не автор запроса просто проигнорируйте это письмо. Если Вы хотите сбросить пароль, то нажмите на ссылку:",
+ "8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
);
@@ -109,50 +109,27 @@
</clientCallback>
<clientForm id="reset-password"><![CDATA[
<div id="reset-password" box_width="320" style="font-size: 15px;">
+ <div class="dialogLegend" ajxp_message_id="gui.user.8">AJXP_MESSAGE[gui.user.8]</div>
<div class="SF_element">
- <div class="SF_label" ajxp_message_id="gui.user.4">AJXP_MESSAGE[gui.user.4] : </div><input id="user_id" value="" type="text" class="SF_input"/>
+ <div class="SF_label" ajxp_message_id="gui.user.4">AJXP_MESSAGE[gui.user.4] : </div><input style="width:90%;" id="user_id" value="" type="text" class="SF_input"/>
</div>
<div class="SF_element">
- <div class="SF_label" ajxp_message_id="198">AJXP_MESSAGE[198] : </div><input id="user_change_ownpass1" value="" type="password" class="SF_input"/>
+ <div class="SF_label" ajxp_message_id="198">AJXP_MESSAGE[198] : </div><input style="width:90%;" id="user_change_ownpass1" value="" type="password" class="SF_input"/>
</div>
<div class="SF_element">
- <div class="SF_label" ajxp_message_id="199">AJXP_MESSAGE[199] : </div><input id="user_change_ownpass2" value="" type="password" class="SF_input"/>
+ <div class="SF_label" ajxp_message_id="199">AJXP_MESSAGE[199] : </div><input style="width:90%;" id="user_change_ownpass2" value="" type="password" class="SF_input"/>
</div>
<div class="SF_element" id="pwd_strength_container"></div>
</div>
]]></clientForm>
<serverCallback methodName="processUserAccessPoint"/>
</processing>
</action>
- <action name="login">
- <processing></processing>
- </action>
</actions>
- <client_configs>
- <template element="ajxp_desktop" name="main_vision" position="top"><![CDATA[
- <div id="toolbars">
- <div id="global_toolbar" ajxpClass="LogoWidget"></div>
- </div>
- <div id="user-gui-controller" ajxpClass="AjxpPane" ajxpOptions='{}' style="background:url('plugins/gui.ajax/res/themes/vision/images/grid_t.png')"></div>
- <!--
- <div id="notifications" ajxpClass="FetchedResultPane" ajxpOptions='{"fit":"height", "fitParent": "window", "fixedDisplayMode":"thumb", "displayMode":"thumb", "selectable":"false", "nodeProviderProperties":{"get_action":"get_my_feed", "format":"xml", "connexion_discrete":true}}'></div>
- -->
- <script type="text/javascript">
- document.observe('ajaxplorer:loaded', function(){
- if(!ajaxplorer.UIG) {
- ResourcesManager.prototype.loadJSResource('plugins/gui.user/class.UserGuiController.js', 'UserGuiController', function(){
- ajaxplorer.UIG = new UserGuiController($('user-gui-controller'));
- }, true);
- }
- });
- pydio.UI.disableAllKeyBindings();
- </script>
- ]]></template>
- </client_configs>
</registry_contributions>
<dependencies>
- <activePlugin pluginName="gui.ajax|gui.mobile|gui.ios"/>
+ <activePlugin pluginName="gui.ajax|gui.mobile|gui.ios|core.auth"/>
</dependencies>
</ajxp_plugin>
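Review bot: The same inline `style="width:90%;"` is added to all three inputs of the `reset-password` form; one stylesheet rule scoped to `#reset-password .SF_input` would keep presentation out of the manifest and let the width be changed in one place. The two password fields could also carry `autocomplete="new-password"` so that browsers and password managers do not offer the old credential on a reset form. Both suggestions concern the form markup only and do not touch the removal of the `login` action and `client_configs`.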
