mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-08-02 06:30:53 +02:00
Code Issues Releases Wiki Activity

Get login/forgot password working again

Browse Source
This commit is contained in:
Toby Zerner
2015-06-19 11:19:49 +09:30
parent 63ea9f0891
commit 1f2e16c4bb
5 changed files with 31 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
framework/core/src/Api/Actions/Users/ForgotAction.php → framework/core/src/Api/Actions/ForgotAction.php
View File

@@ -1,4 +1,4 @@
<?php namespace Flarum\Api\Actions\Users; <?php namespace Flarum\Api\Actions;
use Flarum\Api\Request; use Flarum\Api\Request;
use Flarum\Api\Actions\JsonApiAction; use Flarum\Api\Actions\JsonApiAction;

9
framework/core/src/Core/Handlers/Commands/RequestPasswordResetCommandHandler.php
View File

@@ -6,6 +6,7 @@ use Flarum\Core\Repositories\UserRepositoryInterface;
use Illuminate\Contracts\Mail\Mailer; use Illuminate\Contracts\Mail\Mailer;
use Illuminate\Database\Eloquent\ModelNotFoundException; use Illuminate\Database\Eloquent\ModelNotFoundException;
use Flarum\Core; use Flarum\Core;
use Flarum\Http\UrlGeneratorInterface;
class RequestPasswordResetCommandHandler class RequestPasswordResetCommandHandler
{ {
@@ -21,10 +22,11 @@ class RequestPasswordResetCommandHandler
*/ */
protected $mailer; protected $mailer;
public function __construct(UserRepositoryInterface $users, Mailer $mailer) public function __construct(UserRepositoryInterface $users, Mailer $mailer, UrlGeneratorInterface $url)
{ {
$this->users = $users; $this->users = $users;
$this->mailer = $mailer; $this->mailer = $mailer;
$this->url = $url;
} }
public function handle(RequestPasswordResetCommand $command) public function handle(RequestPasswordResetCommand $command)
@@ -38,9 +40,12 @@ class RequestPasswordResetCommandHandler
$token = PasswordToken::generate($user->id); $token = PasswordToken::generate($user->id);
$token->save(); $token->save();
// TODO: Need to use UrlGenerator, but since this is part of core we
// don't know that the forum routes will be loaded. Should the reset
// password route be part of core??
$data = [ $data = [
'username' => $user->username, 'username' => $user->username,
'url' => route('flarum.forum.resetPassword', ['token' => $token->id]), 'url' => Core::config('base_url').'/reset/'.$token->id,
'forumTitle' => Core::config('forum_title') 'forumTitle' => Core::config('forum_title')
]; ];

9
framework/core/src/Forum/Actions/LoginAction.php
View File

@@ -4,6 +4,7 @@ use Flarum\Api\Client;
use Flarum\Forum\Events\UserLoggedIn; use Flarum\Forum\Events\UserLoggedIn;
use Flarum\Core\Repositories\UserRepositoryInterface; use Flarum\Core\Repositories\UserRepositoryInterface;
use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ServerRequestInterface as Request;
use Zend\Diactoros\Response;
class LoginAction extends BaseAction class LoginAction extends BaseAction
{ {
@@ -25,9 +26,12 @@ class LoginAction extends BaseAction
$data = $this->apiClient->send('Flarum\Api\Actions\TokenAction', $params); $data = $this->apiClient->send('Flarum\Api\Actions\TokenAction', $params);
// TODO: The client needs to pass through exceptions(?) or the whole
// response so we can look at the response code. For now if there isn't
// any useful data we just assume it's a 401.
if (isset($data->userId)) {
event(new UserLoggedIn($this->users->findOrFail($data->userId), $data->token)); event(new UserLoggedIn($this->users->findOrFail($data->userId), $data->token));
// TODO: The client needs to pass through exceptions
$response = $this->success(); $response = $this->success();
$response->getBody()->write(json_encode($data)); $response->getBody()->write(json_encode($data));
@@ -35,5 +39,8 @@ class LoginAction extends BaseAction
$response, $response,
$data->token $data->token
); );
} else {
return new Response('php://memory', 401);
}
} }
} }

12
framework/core/src/Forum/Actions/SavePasswordAction.php
View File

@@ -8,13 +8,15 @@ class SavePasswordAction extends BaseAction
{ {
public function handle(Request $request, $routeParams = []) public function handle(Request $request, $routeParams = [])
{ {
$token = PasswordToken::findOrFail($request->getAttribute('token')); $input = $request->getParsedBody();
$password = $request->getAttribute('password'); $token = PasswordToken::findOrFail(array_get($input, 'token'));
$confirmation = $request->getAttribute('password_confirmation');
$password = array_get($input, 'password');
$confirmation = array_get($input, 'password_confirmation');
if (! $password || $password !== $confirmation) { if (! $password || $password !== $confirmation) {
return $this->redirectTo(''); // TODO: Redirect back return $this->redirectTo('/reset/'.$token->id); // TODO: Use UrlGenerator
} }
$this->dispatch( $this->dispatch(
@@ -23,6 +25,6 @@ class SavePasswordAction extends BaseAction
$token->delete(); $token->delete();
return $this->redirectTo(''); return $this->redirectTo('/');
} }
} }

13
framework/core/views/reset.blade.php
View File

@@ -11,18 +11,7 @@
<body> <body>
<h1>Reset Your Password</h1> <h1>Reset Your Password</h1>
@if (count($errors) > 0) <form class="form-horizontal" role="form" method="POST" action="{{ app('Flarum\Http\UrlGeneratorInterface')->toRoute('flarum.forum.savePassword') }}">
<div class="alert alert-danger">
<strong>Whoops!</strong> There were some problems with your input.<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
<form class="form-horizontal" role="form" method="POST" action="{{ route('flarum.forum.savePassword') }}">
<input type="hidden" name="token" value="{{ $token }}"> <input type="hidden" name="token" value="{{ $token }}">
<div class="form-group"> <div class="form-group">