
Simplify user reset password by using routes, remove unused XML contr…
…ibs.
cdujeu committed Sep 9, 2016
1 parent 466249a commit f76b734
Showing 10 changed files with 27 additions and 69 deletions.
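--- a/core/src/core/src/pydio/Core/Http/Base.php
+++ b/core/src/core/src/pydio/Core/Http/Base.php
@@ -44,6 +44,7 @@ public static function handleRoute($base, $route, $additionalAttributes = []){
 $server = new Wopi\RestWopiServer($base.$route, $additionalAttributes);
 } else if ($route === "/user") {
 $_GET["get_action"] = "user_access_point";
+$_GET["key"] = $additionalAttributes["key"];
 $server = new Server($base, $additionalAttributes);
 } else if ($route == "/favicon"){
 $_GET["get_action"] = "serve_favicon";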
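Review bot: The added `$_GET["key"] = $additionalAttributes["key"];` reads the route attribute without checking that it exists, so any dispatch of `/user` that arrives without a `key` attribute writes null into `$_GET` and raises an undefined-index notice. A guarded read such as `$_GET["key"] = isset($additionalAttributes["key"]) ? $additionalAttributes["key"] : "";` keeps the branch safe if the route table changes later. The value is still raw route input at this point, so a short comment stating that the handler behind `user_access_point` is responsible for sanitizing it would help the next reader. handleRoute's body starts and ends outside the hunk.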
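--- a/core/src/plugins/core.ajaxplorer/routes.json
+++ b/core/src/plugins/core.ajaxplorer/routes.json
@@ -16,9 +16,9 @@
 "method": "handleRoute"
 },
 "/user":{
-"methods": "*",
+"methods": "GET",
 "routes": [
-"/user[{optional:.+}]"
+"/user/reset-password/{key}"
 ],
 "class": "Pydio\\Core\\Http\\Base",
 "method": "handleRoute"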
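Review bot: The new route `"/user/reset-password/{key}"` accepts any path segment as `{key}`, and the value is only reduced later by `InputFilter::SANITIZE_ALPHANUM` in UserGuiController.php, which silently rewrites a malformed key instead of rejecting it. The previous entry `/user[{optional:.+}]` shows the router accepts a `{name:pattern}` placeholder, so the constraint could live in the route itself, e.g. `"/user/reset-password/{key:[A-Za-z0-9_-]+}"`. The character class here is an assumption; it should match whatever alphabet the key generator actually emits, which is not visible on this page.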
52 changes: 13 additions & 39 deletions core/src/plugins/gui.user/UserGuiController.php
Expand Up @@ -48,33 +48,6 @@
class UserGuiController extends Plugin class UserGuiController extends Plugin
{ {


/**
* Parse
* @param DOMNode $contribNode
*/
protected function parseSpecificContributions(ContextInterface $ctx, \DOMNode &$contribNode)
{
parent::parseSpecificContributions($ctx, $contribNode);
if (substr($_SERVER["REQUEST_URI"], 0, strlen('/user')) != '/user') {
if ($contribNode->nodeName == "client_configs") {
$children = $contribNode->childNodes;
foreach ($children as $child) {
if ($child->nodeType == XML_ELEMENT_NODE) $contribNode->removeChild($child);
}
} else if ($contribNode->nodeName == "actions") {
$children = $contribNode->childNodes;
foreach ($children as $child) {
if ($child->nodeType == XML_ELEMENT_NODE && $child->nodeName == "action" && $child->getAttribute("name") == "login") {
$contribNode->removeChild($child);
}
}

}
}

}


/** /**
* @param ServerRequestInterface $requestInterface * @param ServerRequestInterface $requestInterface
* @param ResponseInterface $responseInterface * @param ResponseInterface $responseInterface
Expand All @@ -90,19 +63,18 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
$context = $requestInterface->getAttribute("ctx"); $context = $requestInterface->getAttribute("ctx");


switch ($action) { switch ($action) {

case "user_access_point": case "user_access_point":
$setUrl = ConfService::getGlobalConf("SERVER_URL");
$realUri = "/"; $action = "reset-password";
if (!empty($setUrl)) { $key = InputFilter::sanitize($httpVars["key"], InputFilter::SANITIZE_ALPHANUM);
$realUri = parse_url(ConfService::getGlobalConf("SERVER_URL"), PHP_URL_PATH);
}
$requestURI = str_replace("//", "/", $_SERVER["REQUEST_URI"]);
$uri = trim(str_replace(rtrim($realUri, "/") . "/user", "", $requestURI), "/");
$uriParts = explode("/", $uri);
$action = array_shift($uriParts);
$key = ($action == "reset-password" && count($uriParts)) ? array_shift($uriParts) : "";
try { try {
$this->processSubAction($action, $uriParts);
$key = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $key);
if ($key == null || $key["user_id"] === false) {
throw new Exception("Invalid password reset key! Did you make sure to copy the correct link?");
}

$_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array( $_SESSION['OVERRIDE_GUI_START_PARAMETERS'] = array(
"REBASE" => "../../", "REBASE" => "../../",
"USER_GUI_ACTION" => $action, "USER_GUI_ACTION" => $action,
Expand All @@ -118,6 +90,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']); unset($_SESSION['OVERRIDE_GUI_START_PARAMETERS']);


break; break;

case "reset-password-ask": case "reset-password-ask":


// This is a reset password request, generate a token and store it. // This is a reset password request, generate a token and store it.
Expand All @@ -133,7 +106,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
$mailer = PluginsService::getInstance($context)->getUniqueActivePluginForType("mailer"); $mailer = PluginsService::getInstance($context)->getUniqueActivePluginForType("mailer");
if ($mailer !== false) { if ($mailer !== false) {
$mess = LocaleService::getMessages(); $mess = LocaleService::getMessages();
$link = ApplicationState::detectServerURL() . "/user/reset-password/" . $uuid; $link = ApplicationState::detectServerURL(true) . "/user/reset-password/" . $uuid;
$mailer->sendMail($context, array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"$link\">$link</a>"); $mailer->sendMail($context, array($email), $mess["gui.user.1"], $mess["gui.user.7"] . "<a href=\"$link\">$link</a>");
} else { } else {
echo 'ERROR: There is no mailer configured, please contact your administrator'; echo 'ERROR: There is no mailer configured, please contact your administrator';
Expand All @@ -146,6 +119,7 @@ public function processUserAccessPoint(ServerRequestInterface &$requestInterface
echo "SUCCESS"; echo "SUCCESS";


break; break;

case "reset-password": case "reset-password":


ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20); ConfService::getConfStorageImpl()->pruneTemporaryKeys("password-reset", 20);
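Review bot: In the `user_access_point` case, `$key` first holds the sanitized token and is then overwritten by the record returned from `loadTemporaryKey("password-reset", $key)`, so any later use of `$key` in this case (the `OVERRIDE_GUI_START_PARAMETERS` array continues past the visible lines) would receive the stored record, including its `user_id`, rather than the token. Keep the two apart with `$keyData = ConfService::getConfStorageImpl()->loadTemporaryKey("password-reset", $key);` and test `if (empty($keyData) || !isset($keyData["user_id"]) || $keyData["user_id"] === false) {`, which also avoids indexing a record that has no `user_id`. Separately, the mailed link in `reset-password-ask` is now built from `ApplicationState::detectServerURL(true)`; if that value can be derived from request headers rather than the configured SERVER_URL, the reset link should be pinned to the configured URL, which is worth confirming against that helper. The case bodies start and end outside these hunks.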
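--- a/core/src/plugins/gui.user/i18n/cs.php
+++ b/core/src/plugins/gui.user/i18n/cs.php
@@ -26,4 +26,5 @@
 "5" => "Požadavek na změnu hesla byl zaslán na emailovou adresu registrovanou s vaším uživatelským účtem. Klikněte na odkaz v emailu pro provedení změny hesla.",
 "6" => "Děkujeme, nyní se můžete přihlásit!",
 "7" => "Byla vyžádána změna hesla pro účet vedený pod touto emailovou adresou. Pokud jste tento požadavek nevyžádali vy, můžete tento email ignorovat. Jinak klikněte na následující odkaz pro reset svého hesla:",
+"8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
 );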
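--- a/core/src/plugins/gui.user/i18n/de.php
+++ b/core/src/plugins/gui.user/i18n/de.php
@@ -31,4 +31,5 @@
 "5" => "E-Mail erfolgreich versendet. Klicken Sie auf den Link in der Nachricht, um ein neues Passwort zu vergeben.",
 "6" => "Vielen Dank. Sie k&ouml;nnen sich jetzt anmelden.",
 "7" => "Für das Konto mit dieser E-Mail-Adresse wurde eine Anfrage zum Zurücksetzen des Passwortes angefordert. Wenn Sie dieses Anfrage nicht gemacht haben, können Sie die E-Mail ignorieren. Ansonsten klicken Sie auf folgenden Link, um Ihr Passwort zurückzusetzen:", /* No HTML entities, might be the body of the mail */
+"8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
 );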
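--- a/core/src/plugins/gui.user/i18n/en.php
+++ b/core/src/plugins/gui.user/i18n/en.php
@@ -26,4 +26,5 @@
 "5" => "A reset password request has been sent to the email registered with your account. Click on the link in the email to recreate a password.",
 "6" => "Thank you, you can now log in!",
 "7" => "A password reset has been requested on the account associated to this email address. If you are not the author of this request, you can safely ignore this email. Otherwise click on the following link to reset your password:",
+"8" => "Use the form below to reset your password. Please enter your login and the new password twice."
 );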
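--- a/core/src/plugins/gui.user/i18n/fr.php
+++ b/core/src/plugins/gui.user/i18n/fr.php
@@ -26,4 +26,5 @@
 "5" => "Un courriel contenant une demande de réinitialisation du mot de passe a été envoyé à l'adresse courriel enregistrée dans votre compte. Cliquez sur le lien du courriel pour créer un nouveau mot de passe.",
 "6" => "Merci, vous pouvez à présent vous connecter avec ce nouveau mot de passe!",
 "7" => "Une demande de réinitialisation de mot de passe a été demandée pour le compte associé à ce courriel. Si vous n'en êtes pas l'auteur, vous pouvez ignorer ce courriel. Sinon cliquez sur le lien suivant :",
+"8" => "Utilisez le formulaire pour remettre à zéro votre mot de passe. Entrez votre identifiant et votre nouveau mot de passe deux fois.",
 );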
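--- a/core/src/plugins/gui.user/i18n/it.php
+++ b/core/src/plugins/gui.user/i18n/it.php
@@ -26,4 +26,5 @@
 "5" => "Una richiesta di reset password è stata inviata all'indirizzo mail associato al tuo account. Clicca sul link nella mail per creare una nuova password.",
 "6" => "Grazie. Ora puoi autenticarti!",
 "7" => "Il reset della password è stato richiesto dall'account associato a questo indirizzo mail. Se non sei l'autore di questa richiesta, puoi semplicemente ignorare questa mail. Altrimenti, clicca sul link seguente per reimpostare la tua password:",
+"8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
 );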
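--- a/core/src/plugins/gui.user/i18n/ru.php
+++ b/core/src/plugins/gui.user/i18n/ru.php
@@ -26,4 +26,5 @@
 "5" => "Запрос на сброс пароля будет послан на email, который указан в вашей учётной записи. Нажмите на ссылку в письме, чтобы пересоздать пароль.",
 "6" => "Спасибо, теперь Вы можете зайти в систему!",
 "7" => "Запрошен сброс пароля для учётной записи ассоциированной с этим email адресом. Если Вы не автор запроса просто проигнорируйте это письмо. Если Вы хотите сбросить пароль, то нажмите на ссылку:",
+"8" => "Use the form below to reset your password. Please enter your login and the new password twice.",
 );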
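--- a/core/src/plugins/gui.user/manifest.xml
+++ b/core/src/plugins/gui.user/manifest.xml
@@ -109,50 +109,27 @@
 </clientCallback>
 <clientForm id="reset-password"><![CDATA[
 <div id="reset-password" box_width="320" style="font-size: 15px;">
+<div class="dialogLegend" ajxp_message_id="gui.user.8">AJXP_MESSAGE[gui.user.8]</div>
 <div class="SF_element">
-<div class="SF_label" ajxp_message_id="gui.user.4">AJXP_MESSAGE[gui.user.4] : </div><input id="user_id" value="" type="text" class="SF_input"/>
+<div class="SF_label" ajxp_message_id="gui.user.4">AJXP_MESSAGE[gui.user.4] : </div><input style="width:90%;" id="user_id" value="" type="text" class="SF_input"/>
 </div>
 <div class="SF_element">
-<div class="SF_label" ajxp_message_id="198">AJXP_MESSAGE[198] : </div><input id="user_change_ownpass1" value="" type="password" class="SF_input"/>
+<div class="SF_label" ajxp_message_id="198">AJXP_MESSAGE[198] : </div><input style="width:90%;" id="user_change_ownpass1" value="" type="password" class="SF_input"/>
 </div>
 <div class="SF_element">
-<div class="SF_label" ajxp_message_id="199">AJXP_MESSAGE[199] : </div><input id="user_change_ownpass2" value="" type="password" class="SF_input"/>
+<div class="SF_label" ajxp_message_id="199">AJXP_MESSAGE[199] : </div><input style="width:90%;" id="user_change_ownpass2" value="" type="password" class="SF_input"/>
 </div>
 <div class="SF_element" id="pwd_strength_container"></div>
 </div>
 ]]></clientForm>
 <serverCallback methodName="processUserAccessPoint"/>
 </processing>
 </action>
-<action name="login">
-<processing></processing>
-</action>
 </actions>
-<client_configs>
-<template element="ajxp_desktop" name="main_vision" position="top"><![CDATA[
-<div id="toolbars">
-<div id="global_toolbar" ajxpClass="LogoWidget"></div>
-</div>
-<div id="user-gui-controller" ajxpClass="AjxpPane" ajxpOptions='{}' style="background:url('plugins/gui.ajax/res/themes/vision/images/grid_t.png')"></div>
-<!--
-<div id="notifications" ajxpClass="FetchedResultPane" ajxpOptions='{"fit":"height", "fitParent": "window", "fixedDisplayMode":"thumb", "displayMode":"thumb", "selectable":"false", "nodeProviderProperties":{"get_action":"get_my_feed", "format":"xml", "connexion_discrete":true}}'></div>
--->
-<script type="text/javascript">
-document.observe('ajaxplorer:loaded', function(){
-if(!ajaxplorer.UIG) {
-ResourcesManager.prototype.loadJSResource('plugins/gui.user/class.UserGuiController.js', 'UserGuiController', function(){
-ajaxplorer.UIG = new UserGuiController($('user-gui-controller'));
-}, true);
-}
-});
-pydio.UI.disableAllKeyBindings();
-</script>
-]]></template>
-</client_configs>
 </registry_contributions>
 
 <dependencies>
-<activePlugin pluginName="gui.ajax|gui.mobile|gui.ios"/>
+<activePlugin pluginName="gui.ajax|gui.mobile|gui.ios|core.auth"/>
 </dependencies>
 
 </ajxp_plugin>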
