diff --git a/app/Http/Controllers/GUI/AccountController.php b/app/Http/Controllers/GUI/AccountController.php
index 762d749..09644a9 100644
--- a/app/Http/Controllers/GUI/AccountController.php
+++ b/app/Http/Controllers/GUI/AccountController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers\GUI;
use App\Exceptions\HTTPException;
use App\Http\Controllers\Controller;
use App\Http\Resources\oAuth\AccessToken;
+use App\Jobs\Mails\RecoverPasswortJob;
use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App;
use App\Models\AppAccess;
@@ -230,6 +231,55 @@ class AccountController extends Controller
return redirect('/gui/logout');
}
+ public function recoverPasswordView(Request $request) {
+ return view('account/password_recovery', []);
+ }
+ public function recoverPassword(Request $request) {
+ $this->validate($request, [
+ 'mail' => 'required|email'
+ ]);
+
+ $mail = Mail::query()->where("mail", "=", $request->input("mail"))->first();
+
+ if(is_null($mail)) {
+ return "If a E-Mail address is used for this Account we send you a Password-Recovery-Link";
+ }
+
+ $user = $mail->getUser();
+ $user->createMailResetToken();
+ $user->save();
+
+ $this->dispatch(new RecoverPasswortJob($mail, $user->password_recovery_code));
+
+ return "If a E-Mail address is used for this Account we send you a Password-Recovery-Link";
+ }
+
+ public function recoveryPasswordNewPasswordView(Request $request, $userId, $code) {
+ $user = User::query()->where("id", "=", $userId)->firstOrFail();
+
+ if($user->password_recovery_code != $code) {
+ throw new HTTPException(400, "Code not valide");
+ }
+
+ return view('account/password_recovery_new_password', []);
+ }
+ public function recoveryPasswordNewPassword(Request $request, $userId, $code) {
+ $user = User::query()->where("id", "=", $userId)->firstOrFail();
+
+ if($user->password_recovery_code != $code) {
+ throw new HTTPException(400, "Code not valide");
+ }
+
+ $this->validate($request, [
+ 'password' => 'required|min:8',
+ ]);
+
+ $user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);
+ $user->saveOrFail();
+
+ return redirect("/gui/login");
+ }
+
//
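Review bot: The recovery code is never cleared or expired in `recoveryPasswordNewPassword`, so the mailed link keeps working after the password has been changed; set `$user->password_recovery_code = null;` before `saveOrFail()`, and consider storing a creation time so old codes can be rejected. Both `recoveryPasswordNewPasswordView` and `recoveryPasswordNewPassword` compare the code with `!=`, which is a loose, non-constant-time comparison; `if (!is_string($user->password_recovery_code) || !hash_equals($user->password_recovery_code, (string) $code))` also rejects accounts that have no pending reset. No throttling is visible on these actions in this hunk; it may live in route middleware outside the diff. The four methods are complete here, but the class continues outside the hunk.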
diff --git a/app/Jobs/Mails/RecoverPasswortJob.php b/app/Jobs/Mails/RecoverPasswortJob.php
new file mode 100644
index 0000000..abb9aa1
--- /dev/null
+++ b/app/Jobs/Mails/RecoverPasswortJob.php
@@ -0,0 +1,55 @@
+mailObject = $mailObject;
+ $this->token = $token;
+ }
+
+ /**
+ * Execute the job.
+ *
+ * @return void
+ */
+ public function handle()
+ {
+ if(Setting::getSettingValue("smtp_active") == false) {
+ return;
+ }
+ $mail = new PHPMailer(true);
+ $mail->isSMTP();
+ $mail->Host = Setting::getSettingValue("smtp_host");
+ $mail->SMTPAuth = Setting::getSettingValue("smtp_smtpAuth");
+ $mail->Username = Setting::getSettingValue("smtp_username");
+ $mail->Password = Setting::getSettingValue("smtp_password");
+ $mail->SMTPSecure = Setting::getSettingValue("smtp_secure");
+ $mail->Port = Setting::getSettingValue("smtp_port");
+ $mail->setFrom(Setting::getSettingValue("smtp_from_mail"), Setting::getSettingValue("smtp_from_name"));
+ $mail->addAddress($this->mailObject->mail);
+ $bcc = Setting::getSettingValue("smtp_bcc");
+ if(!empty($bcc)) {
+ $mail->addBCC($bcc);
+ }
+ $mail->isHTML(true);
+ $mail->Subject = Setting::getSettingValue("name").' Password Recovery';
+ $mail->Body = 'Hello,
to reset your Password click on the following link: Activate Account';
+ $mail->AltBody = 'Hello,\r\nto reset your Password click on the following link: '.Setting::getSettingValue('url').'/gui/passwordReset/'.$this->mailObject->getUser()->id.'/'.$this->token;
+ $mail->send();
+ }
+}
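Review bot: The `smtp_bcc` recipient added in `handle()` receives a copy of every recovery mail, including the working reset link, so whoever reads that mailbox can reset the password of any account that requests recovery; skip the BCC in this job or send the copy without the token. The `AltBody` literal is single-quoted, so `\r\n` is sent as the literal characters rather than a line break; write that part as `"Hello,\r\nto reset your Password click on the following link: "`. The HTML `Body` as shown ends in "Activate Account", which looks copied from the address-validation mail, although the markup appears to have been lost in this rendering. The top of the file (class header and constructor signature) is not visible here.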
diff --git a/app/Models/Mail.php b/app/Models/Mail.php
index 729b708..7d7c3cd 100644
--- a/app/Models/Mail.php
+++ b/app/Models/Mail.php
@@ -37,4 +37,8 @@ class Mail extends Model
$this->validation_code = $randstring;
}
+ public function getUser() {
+ return User::query()->where("id", "=", $this->user_id)->first();
+ }
+
}
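Review bot: `getUser()` returns null when the referenced user row is missing, and the callers added in this commit (`recoverPassword` and `RecoverPasswortJob::handle`) dereference the result without a check. In the controller that would turn into an error response that differs from the generic "If a E-Mail address is used..." message. Either use `firstOrFail()` here, or document the nullable return with `@return User|null` and guard at the call sites.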
diff --git a/app/Models/User.php b/app/Models/User.php
index 0418c0f..87f9705 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -42,4 +42,13 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
}
return $mail->mail;
}
+
+ public function createMailResetToken() {
+ $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+ $randstring = '';
+ for ($i = 0; $i < 20; $i++) {
+ $randstring .= $characters[rand(0, strlen($characters)-1)];
+ }
+ $this->password_recovery_code = $randstring;
+ }
}
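Review bot: `createMailResetToken()` builds the password-reset code with `rand()`, which is not a cryptographically secure generator, so the codes cannot be assumed unpredictable; use `random_int(0, strlen($characters) - 1)` for the index, or replace the loop with `bin2hex(random_bytes(16))`. The method would also benefit from a docblock stating that it only assigns `password_recovery_code` and leaves saving to the caller. The context line `$this->validation_code = $randstring;` in the Mail.php hunk suggests the mail validation code is generated the same way, which would deserve the same change if so.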
diff --git a/resources/views/account/password_recovery.php b/resources/views/account/password_recovery.php
new file mode 100644
index 0000000..d14792d
--- /dev/null
+++ b/resources/views/account/password_recovery.php
@@ -0,0 +1,14 @@
+
+
Enter a new Password you want to login with.
+ +