#13 Recovery Password funktion

This commit is contained in:
Kekskurse 2019-05-02 12:47:41 +02:00
parent 2bd9707b74
commit 9f151d3285
7 changed files with 151 additions and 0 deletions

View file

@ -5,6 +5,7 @@ namespace App\Http\Controllers\GUI;
use App\Exceptions\HTTPException; use App\Exceptions\HTTPException;
use App\Http\Controllers\Controller; use App\Http\Controllers\Controller;
use App\Http\Resources\oAuth\AccessToken; use App\Http\Resources\oAuth\AccessToken;
use App\Jobs\Mails\RecoverPasswortJob;
use App\Jobs\Mails\ValidateMailAddressJob; use App\Jobs\Mails\ValidateMailAddressJob;
use App\Models\App; use App\Models\App;
use App\Models\AppAccess; use App\Models\AppAccess;
@ -230,6 +231,55 @@ class AccountController extends Controller
return redirect('/gui/logout'); return redirect('/gui/logout');
} }
public function recoverPasswordView(Request $request) {
return view('account/password_recovery', []);
}
public function recoverPassword(Request $request) {
$this->validate($request, [
'mail' => 'required|email'
]);
$mail = Mail::query()->where("mail", "=", $request->input("mail"))->first();
if(is_null($mail)) {
return "If a E-Mail address is used for this Account we send you a Password-Recovery-Link";
}
$user = $mail->getUser();
$user->createMailResetToken();
$user->save();
$this->dispatch(new RecoverPasswortJob($mail, $user->password_recovery_code));
return "If a E-Mail address is used for this Account we send you a Password-Recovery-Link";
}
public function recoveryPasswordNewPasswordView(Request $request, $userId, $code) {
$user = User::query()->where("id", "=", $userId)->firstOrFail();
if($user->password_recovery_code != $code) {
throw new HTTPException(400, "Code not valide");
}
return view('account/password_recovery_new_password', []);
}
public function recoveryPasswordNewPassword(Request $request, $userId, $code) {
$user = User::query()->where("id", "=", $userId)->firstOrFail();
if($user->password_recovery_code != $code) {
throw new HTTPException(400, "Code not valide");
}
$this->validate($request, [
'password' => 'required|min:8',
]);
$user->password = password_hash($request->input("password"), PASSWORD_BCRYPT);
$user->saveOrFail();
return redirect("/gui/login");
}
// //

View file

@ -0,0 +1,55 @@
<?php
namespace App\Jobs\Mails;
use App\Jobs\Job;
use App\Models\Mail;
use App\Models\Setting;
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
class RecoverPasswortJob extends Job
{
private $mailObject = null;
private $token = null;
/**
* Create a new job instance.
*
* @return void
*/
public function __construct(Mail $mailObject, $token)
{
$this->mailObject = $mailObject;
$this->token = $token;
}
/**
* Execute the job.
*
* @return void
*/
public function handle()
{
if(Setting::getSettingValue("smtp_active") == false) {
return;
}
$mail = new PHPMailer(true);
$mail->isSMTP();
$mail->Host = Setting::getSettingValue("smtp_host");
$mail->SMTPAuth = Setting::getSettingValue("smtp_smtpAuth");
$mail->Username = Setting::getSettingValue("smtp_username");
$mail->Password = Setting::getSettingValue("smtp_password");
$mail->SMTPSecure = Setting::getSettingValue("smtp_secure");
$mail->Port = Setting::getSettingValue("smtp_port");
$mail->setFrom(Setting::getSettingValue("smtp_from_mail"), Setting::getSettingValue("smtp_from_name"));
$mail->addAddress($this->mailObject->mail);
$bcc = Setting::getSettingValue("smtp_bcc");
if(!empty($bcc)) {
$mail->addBCC($bcc);
}
$mail->isHTML(true);
$mail->Subject = Setting::getSettingValue("name").' Password Recovery';
$mail->Body = 'Hello,<br>to reset your Password click on the following link: <a href="'.Setting::getSettingValue('url').'/gui/passwordReset/'.$this->mailObject->getUser()->id.'/'.$this->token.'">Activate Account</a>';
$mail->AltBody = 'Hello,\r\nto reset your Password click on the following link: '.Setting::getSettingValue('url').'/gui/passwordReset/'.$this->mailObject->getUser()->id.'/'.$this->token;
$mail->send();
}
}

View file

@ -37,4 +37,8 @@ class Mail extends Model
$this->validation_code = $randstring; $this->validation_code = $randstring;
} }
public function getUser() {
return User::query()->where("id", "=", $this->user_id)->first();
}
} }

View file

@ -42,4 +42,13 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
} }
return $mail->mail; return $mail->mail;
} }
public function createMailResetToken() {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randstring = '';
for ($i = 0; $i < 20; $i++) {
$randstring .= $characters[rand(0, strlen($characters)-1)];
}
$this->password_recovery_code = $randstring;
}
} }

View file

@ -0,0 +1,14 @@
<?php include(__DIR__."/../layout/top.php"); ?>
<div class="row">
<div class="col-md-12">
<h3>Reset Password</h3>
<form method="post" id="login">
<b>E-Mail Address</b>
<input class="form-control" name="mail" type="email">
<br>
<input type="submit" value="Send me a recovery Link" class="btn btn-success">
</form>
</div>
</div>
<?php include(__DIR__."/../layout/bottom.php"); ?>

View file

@ -0,0 +1,15 @@
<?php include(__DIR__."/../layout/top.php"); ?>
<div class="row">
<div class="col-md-12">
<h3>New Password</h3>
<p>Enter a new Password you want to login with.</p>
<form method="post" id="login">
<b>New Password</b>
<input class="form-control" name="password" type="password">
<br>
<input type="submit" value="Change Password" class="btn btn-success">
</form>
</div>
</div>
<?php include(__DIR__."/../layout/bottom.php"); ?>

View file

@ -58,6 +58,10 @@ $router->group(['prefix' => 'gui', 'middleware' => 'gui'], function () use ($rou
$router->post('/register', ['uses' => 'GUI\AccountController@register']); $router->post('/register', ['uses' => 'GUI\AccountController@register']);
$router->get('/invite', ['uses' => 'GUI\AccountController@inviteView']); $router->get('/invite', ['uses' => 'GUI\AccountController@inviteView']);
$router->get('/passwordReset', ['uses' => 'GUI\AccountController@recoverPasswordView']);
$router->post('/passwordReset', ['uses' => 'GUI\AccountController@recoverPassword']);
$router->get('/passwordReset/{userId}/{code}', ['uses' => 'GUI\AccountController@recoveryPasswordNewPasswordView']);
$router->post('/passwordReset/{userId}/{code}', ['uses' => 'GUI\AccountController@recoveryPasswordNewPassword']);
$router->get('/login', ['uses' => 'GUI\AccountController@loginView']); $router->get('/login', ['uses' => 'GUI\AccountController@loginView']);
$router->get('/logout', ['uses' => 'GUI\AccountController@logout']); $router->get('/logout', ['uses' => 'GUI\AccountController@logout']);