| Server IP : 49.231.201.246 / Your IP : 216.73.216.149 Web Server : Apache/2.4.18 (Ubuntu) System : Linux 246 4.4.0-210-generic #242-Ubuntu SMP Fri Apr 16 09:57:56 UTC 2021 x86_64 User : root ( 0) PHP Version : 7.0.33-0ubuntu0.16.04.16 Disable Function : exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/html/water/vendor/dektrium/yii2-user/controllers/ |
Upload File : |
<?php
/*
* This file is part of the Dektrium project.
*
* (c) Dektrium project <http://github.com/dektrium/>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace dektrium\user\controllers;
use dektrium\user\Finder;
use dektrium\user\models\RecoveryForm;
use dektrium\user\models\Token;
use dektrium\user\traits\AjaxValidationTrait;
use dektrium\user\traits\EventTrait;
use yii\filters\AccessControl;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
/**
* RecoveryController manages password recovery process.
*
* @property \dektrium\user\Module $module
*
* @author Dmitry Erofeev <dmeroff@gmail.com>
*/
class RecoveryController extends Controller
{
use AjaxValidationTrait;
use EventTrait;
/**
* Event is triggered before requesting password reset.
* Triggered with \dektrium\user\events\FormEvent.
*/
const EVENT_BEFORE_REQUEST = 'beforeRequest';
/**
* Event is triggered after requesting password reset.
* Triggered with \dektrium\user\events\FormEvent.
*/
const EVENT_AFTER_REQUEST = 'afterRequest';
/**
* Event is triggered before validating recovery token.
* Triggered with \dektrium\user\events\ResetPasswordEvent. May not have $form property set.
*/
const EVENT_BEFORE_TOKEN_VALIDATE = 'beforeTokenValidate';
/**
* Event is triggered after validating recovery token.
* Triggered with \dektrium\user\events\ResetPasswordEvent. May not have $form property set.
*/
const EVENT_AFTER_TOKEN_VALIDATE = 'afterTokenValidate';
/**
* Event is triggered before resetting password.
* Triggered with \dektrium\user\events\ResetPasswordEvent.
*/
const EVENT_BEFORE_RESET = 'beforeReset';
/**
* Event is triggered after resetting password.
* Triggered with \dektrium\user\events\ResetPasswordEvent.
*/
const EVENT_AFTER_RESET = 'afterReset';
/** @var Finder */
protected $finder;
/**
* @param string $id
* @param \yii\base\Module $module
* @param Finder $finder
* @param array $config
*/
public function __construct($id, $module, Finder $finder, $config = [])
{
$this->finder = $finder;
parent::__construct($id, $module, $config);
}
/** @inheritdoc */
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
['allow' => true, 'actions' => ['request', 'reset'], 'roles' => ['?']],
],
],
];
}
/**
* Shows page where user can request password recovery.
*
* @return string
* @throws \yii\web\NotFoundHttpException
*/
public function actionRequest()
{
if (!$this->module->enablePasswordRecovery) {
throw new NotFoundHttpException();
}
/** @var RecoveryForm $model */
$model = \Yii::createObject([
'class' => RecoveryForm::className(),
'scenario' => RecoveryForm::SCENARIO_REQUEST,
]);
$event = $this->getFormEvent($model);
$this->performAjaxValidation($model);
$this->trigger(self::EVENT_BEFORE_REQUEST, $event);
if ($model->load(\Yii::$app->request->post()) && $model->sendRecoveryMessage()) {
$this->trigger(self::EVENT_AFTER_REQUEST, $event);
return $this->render('/message', [
'title' => \Yii::t('user', 'Recovery message sent'),
'module' => $this->module,
]);
}
return $this->render('request', [
'model' => $model,
]);
}
/**
* Displays page where user can reset password.
*
* @param int $id
* @param string $code
*
* @return string
* @throws \yii\web\NotFoundHttpException
*/
public function actionReset($id, $code)
{
if (!$this->module->enablePasswordRecovery) {
throw new NotFoundHttpException();
}
/** @var Token $token */
$token = $this->finder->findToken(['user_id' => $id, 'code' => $code, 'type' => Token::TYPE_RECOVERY])->one();
if (empty($token) || ! $token instanceof Token) {
throw new NotFoundHttpException();
}
$event = $this->getResetPasswordEvent($token);
$this->trigger(self::EVENT_BEFORE_TOKEN_VALIDATE, $event);
if ($token === null || $token->isExpired || $token->user === null) {
$this->trigger(self::EVENT_AFTER_TOKEN_VALIDATE, $event);
\Yii::$app->session->setFlash(
'danger',
\Yii::t('user', 'Recovery link is invalid or expired. Please try requesting a new one.')
);
return $this->render('/message', [
'title' => \Yii::t('user', 'Invalid or expired link'),
'module' => $this->module,
]);
}
/** @var RecoveryForm $model */
$model = \Yii::createObject([
'class' => RecoveryForm::className(),
'scenario' => RecoveryForm::SCENARIO_RESET,
]);
$event->setForm($model);
$this->performAjaxValidation($model);
$this->trigger(self::EVENT_BEFORE_RESET, $event);
if ($model->load(\Yii::$app->getRequest()->post()) && $model->resetPassword($token)) {
$this->trigger(self::EVENT_AFTER_RESET, $event);
return $this->render('/message', [
'title' => \Yii::t('user', 'Password has been changed'),
'module' => $this->module,
]);
}
return $this->render('reset', [
'model' => $model,
]);
}
}