@@ -0,0 +1,134 @@ | |||
OC.Lostpassword = { | |||
sendErrorMsg : t('core', 'Couldn’t send reset email. Please contact your administrator.'), | |||
sendSuccessMsg : t('core', 'The link to reset your password has been sent to your email. If you do not receive it within a reasonable amount of time, check your spam/junk folders.<br>If it is not there ask your local administrator.'), | |||
encryptedMsg : t('core', "Your files are encrypted. If you haven't enabled the recovery key, there will be no way to get your data back after your password is reset.<br />If you are not sure what to do, please contact your administrator before you continue. <br />Do you really want to continue?") | |||
+ ('<br /><input type="checkbox" id="encrypted-continue" value="Yes" />') | |||
+ '<label for="encrypted-continue">' | |||
+ t('core', 'I know what I\'m doing') | |||
+ '</label><br />' | |||
+ '<a id="lost-password-encryption" href>' | |||
+ t('core', 'Reset password') | |||
+ '</a>', | |||
resetErrorMsg : t('core', 'Password can not be changed. Please contact your administrator.'), | |||
init : function() { | |||
if ($('#lost-password-encryption').length){ | |||
$('#lost-password-encryption').click(OC.Lostpassword.sendLink); | |||
} else { | |||
$('#lost-password').click(OC.Lostpassword.sendLink); | |||
} | |||
$('#reset-password #submit').click(OC.Lostpassword.resetPassword); | |||
}, | |||
sendLink : function(event){ | |||
event.preventDefault(); | |||
if (!$('#user').val().length){ | |||
$('#submit').trigger('click'); | |||
} else { | |||
$.post( | |||
OC.filePath('core', 'ajax', 'password/lost'), | |||
{ | |||
user : $('#user').val(), | |||
proceed: $('#encrypted-continue').attr('checked') ? 'Yes' : 'No' | |||
}, | |||
OC.Lostpassword.sendLinkDone | |||
); | |||
} | |||
}, | |||
sendLinkDone : function(result){ | |||
if (result && result.status === 'success'){ | |||
OC.Lostpassword.sendLinkSuccess(); | |||
} else { | |||
if (result && result.msg){ | |||
var sendErrorMsg = result.msg; | |||
} else if (result && result.encryption) { | |||
var sendErrorMsg = OC.Lostpassword.encryptedMsg; | |||
} else { | |||
var sendErrorMsg = OC.Lostpassword.sendErrorMsg; | |||
} | |||
OC.Lostpassword.sendLinkError(sendErrorMsg); | |||
} | |||
}, | |||
sendLinkSuccess : function(msg){ | |||
var node = OC.Lostpassword.getSendStatusNode(); | |||
node.addClass('success').css({width:'auto'}); | |||
node.html(OC.Lostpassword.sendSuccessMsg); | |||
}, | |||
sendLinkError : function(msg){ | |||
var node = OC.Lostpassword.getSendStatusNode(); | |||
node.addClass('warning'); | |||
node.html(msg); | |||
OC.Lostpassword.init(); | |||
}, | |||
getSendStatusNode : function(){ | |||
if (!$('#lost-password').length){ | |||
$('<p id="lost-password"></p>').insertBefore($('#remember_login')); | |||
} else { | |||
$('#lost-password').replaceWith($('<p id="lost-password"></p>')); | |||
} | |||
return $('#lost-password'); | |||
}, | |||
resetPassword : function(event){ | |||
event.preventDefault(); | |||
if ($('#password').val()){ | |||
$.post( | |||
$('#password').parents('form').attr('action'), | |||
{ | |||
password : $('#password').val() | |||
}, | |||
OC.Lostpassword.resetDone | |||
); | |||
} | |||
}, | |||
resetDone : function(result){ | |||
if (result && result.status === 'success'){ | |||
$.post( | |||
OC.webroot + '/', | |||
{ | |||
user : window.location.href.split('/').pop(), | |||
password : $('#password').val() | |||
}, | |||
OC.Lostpassword.redirect | |||
); | |||
} else { | |||
if (result && result.msg){ | |||
var resetErrorMsg = result.msg; | |||
} else { | |||
var resetErrorMsg = OC.Lostpassword.resetErrorMsg; | |||
} | |||
OC.Lostpassword.resetError(resetErrorMsg); | |||
} | |||
}, | |||
redirect : function(msg){ | |||
window.location = OC.webroot; | |||
}, | |||
resetError : function(msg){ | |||
var node = OC.Lostpassword.getResetStatusNode(); | |||
node.addClass('warning'); | |||
node.html(msg); | |||
}, | |||
getResetStatusNode : function (){ | |||
if (!$('#lost-password').length){ | |||
$('<p id="lost-password"></p>').insertAfter($('#submit')); | |||
} else { | |||
$('#lost-password').replaceWith($('<p id="lost-password"></p>')); | |||
} | |||
return $('#lost-password'); | |||
} | |||
}; | |||
$(document).ready(OC.Lostpassword.init); |
@@ -0,0 +1,45 @@ | |||
<?php | |||
/** | |||
* @author Victor Dubiniuk | |||
* @copyright 2013 Victor Dubiniuk victor.dubiniuk@gmail.com | |||
* | |||
* This file is licensed under the Affero General Public License version 3 or | |||
* later. | |||
* See the COPYING-README file. | |||
*/ | |||
namespace OC\Core\LostPassword; | |||
class AjaxController { | |||
public static function lost() { | |||
\OCP\JSON::callCheck(); | |||
try { | |||
Controller::sendEmail(@$_POST['user'], @$_POST['proceed']); | |||
\OCP\JSON::success(); | |||
} catch (EncryptedDataException $e){ | |||
\OCP\JSON::error( | |||
array('encryption' => '1') | |||
); | |||
} catch (\Exception $e){ | |||
\OCP\JSON::error( | |||
array('msg'=> $e->getMessage()) | |||
); | |||
} | |||
exit(); | |||
} | |||
public static function resetPassword($args) { | |||
\OCP\JSON::callCheck(); | |||
try { | |||
Controller::resetPassword($args); | |||
\OCP\JSON::success(); | |||
} catch (Exception $e){ | |||
\OCP\JSON::error( | |||
array('msg'=> $e->getMessage()) | |||
); | |||
} | |||
exit(); | |||
} | |||
} |
@@ -36,47 +36,37 @@ class Controller { | |||
return \OC_Preferences::getValue($user, 'owncloud', 'lostpassword') === hash('sha256', $token); | |||
} | |||
public static function index($args) { | |||
self::displayLostPasswordPage(false, false); | |||
} | |||
public static function sendEmail($args) { | |||
public static function sendEmail($user, $proceed) { | |||
$l = \OC_L10N::get('core'); | |||
$isEncrypted = \OC_App::isEnabled('files_encryption'); | |||
if(!$isEncrypted || isset($_POST['continue'])) { | |||
$continue = true; | |||
} else { | |||
$continue = false; | |||
if ($isEncrypted && $proceed !== 'Yes'){ | |||
throw new EncryptedDataException(); | |||
} | |||
if (\OC_User::userExists($_POST['user']) && $continue) { | |||
$token = hash('sha256', \OC_Util::generateRandomBytes(30).\OC_Config::getValue('passwordsalt', '')); | |||
\OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', | |||
hash('sha256', $token)); // Hash the token again to prevent timing attacks | |||
$email = \OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); | |||
if (!empty($email)) { | |||
$link = \OC_Helper::linkToRoute('core_lostpassword_reset', | |||
array('user' => $_POST['user'], 'token' => $token)); | |||
$link = \OC_Helper::makeURLAbsolute($link); | |||
if (!\OC_User::userExists($user)) { | |||
throw new \Exception($l->t('Couldn’t send reset email. Please make sure your username is correct.')); | |||
} | |||
$token = hash('sha256', \OC_Util::generateRandomBytes(30).\OC_Config::getValue('passwordsalt', '')); | |||
\OC_Preferences::setValue($user, 'owncloud', 'lostpassword', | |||
hash('sha256', $token)); // Hash the token again to prevent timing attacks | |||
$email = \OC_Preferences::getValue($user, 'settings', 'email', ''); | |||
if (empty($email)) { | |||
throw new \Exception($l->t('Couldn’t send reset email because there is no email address for this username. Please contact your administrator.')); | |||
} | |||
$link = \OC_Helper::linkToRoute('core_lostpassword_reset', | |||
array('user' => $user, 'token' => $token)); | |||
$link = \OC_Helper::makeURLAbsolute($link); | |||
$tmpl = new \OC_Template('core/lostpassword', 'email'); | |||
$tmpl->assign('link', $link, false); | |||
$msg = $tmpl->fetchPage(); | |||
$l = \OC_L10N::get('core'); | |||
$from = \OCP\Util::getDefaultEmailAddress('lostpassword-noreply'); | |||
try { | |||
$defaults = new \OC_Defaults(); | |||
\OC_Mail::send($email, $_POST['user'], $l->t('%s password reset', array($defaults->getName())), $msg, $from, $defaults->getName()); | |||
} catch (Exception $e) { | |||
\OC_Template::printErrorPage( $l->t('A problem has occurred whilst sending the email, please contact your administrator.') ); | |||
} | |||
self::displayLostPasswordPage(false, true); | |||
} else { | |||
self::displayLostPasswordPage(true, false); | |||
} | |||
} else { | |||
self::displayLostPasswordPage(true, false); | |||
$tmpl = new \OC_Template('core/lostpassword', 'email'); | |||
$tmpl->assign('link', $link, false); | |||
$msg = $tmpl->fetchPage(); | |||
$from = \OCP\Util::getDefaultEmailAddress('lostpassword-noreply'); | |||
try { | |||
$defaults = new \OC_Defaults(); | |||
\OC_Mail::send($email, $user, $l->t('%s password reset', array($defaults->getName())), $msg, $from, $defaults->getName()); | |||
} catch (\Exception $e) { | |||
throw new \Exception( $l->t('Couldn’t send reset email. Please contact your administrator.')); | |||
} | |||
} | |||
@@ -0,0 +1,14 @@ | |||
<?php | |||
/** | |||
* @author Victor Dubiniuk | |||
* @copyright 2013 Victor Dubiniuk victor.dubiniuk@gmail.com | |||
* | |||
* This file is licensed under the Affero General Public License version 3 or | |||
* later. | |||
* See the COPYING-README file. | |||
*/ | |||
namespace OC\Core\LostPassword; | |||
class EncryptedDataException extends \Exception{ | |||
} |
@@ -8,7 +8,7 @@ OCP\Util::addStyle('lostpassword', 'lostpassword'); | |||
?> | |||
</p></div> | |||
<?php else: ?> | |||
<form action="<?php print_unescaped(OC_Helper::linkToRoute('core_lostpassword_send_email')) ?>" method="post"> | |||
<form action="<?php //print_unescaped(OC_Helper::linkToRoute('core_lostpassword_send_email')) ?>" method="post"> | |||
<fieldset> | |||
<?php if ($_['error']): ?> | |||
<div class="error"><p> |
@@ -70,18 +70,15 @@ $this->create('core_ajax_preview', '/core/preview') | |||
->actionInclude('core/ajax/preview.php'); | |||
$this->create('core_ajax_preview', '/core/preview.png') | |||
->actionInclude('core/ajax/preview.php'); | |||
$this->create('core_lostpassword_index', '/lostpassword/') | |||
->get() | |||
->action('OC\Core\LostPassword\Controller', 'index'); | |||
$this->create('core_lostpassword_send_email', '/lostpassword/') | |||
$this->create('core_ajax_password_lost', '/core/ajax/password/lost') | |||
->post() | |||
->action('OC\Core\Lostpassword\AjaxController', 'lost'); | |||
$this->create('core_ajax_password_reset', '/core/ajax/password/reset/{token}/{user}') | |||
->post() | |||
->action('OC\Core\LostPassword\Controller', 'sendEmail'); | |||
->action('OC\Core\LostPassword\AjaxController', 'resetPassword'); | |||
$this->create('core_lostpassword_reset', '/lostpassword/reset/{token}/{user}') | |||
->get() | |||
->action('OC\Core\LostPassword\Controller', 'reset'); | |||
$this->create('core_lostpassword_reset_password', '/lostpassword/reset/{token}/{user}') | |||
->post() | |||
->action('OC\Core\LostPassword\Controller', 'resetPassword'); | |||
// Avatar routes | |||
$this->create('core_avatar_get_tmp', '/avatar/tmp') |
@@ -46,8 +46,8 @@ | |||
</p> | |||
<?php if (isset($_['invalidpassword']) && ($_['invalidpassword'])): ?> | |||
<a class="warning" href="<?php print_unescaped(OC_Helper::linkToRoute('core_lostpassword_index')) ?>"> | |||
<?php p($l->t('Lost your password?')); ?> | |||
<a id="lost-password" class="warning" href=""> | |||
<?php p($l->t('Forgot your password? Reset it!')); ?> | |||
</a> | |||
<?php endif; ?> | |||
<?php if ($_['rememberLoginAllowed'] === true) : ?> | |||
@@ -74,4 +74,4 @@ | |||
<?php | |||
OCP\Util::addscript('core', 'visitortimezone'); | |||
OCP\Util::addScript('core', 'lostpassword'); |