summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortobiasKaminsky <tobias@kaminsky.me>2016-11-23 19:50:58 +0100
committerMorris Jobke <hey@morrisjobke.de>2017-02-15 17:45:12 -0600
commit3c7755fc662b0fcedad261e2e12755faedb1c567 (patch)
tree962c0674bade27335e140c650dbc2df2f70d90f6
parent52ef851da32be72dcf7b2a0c7e1386581f9dfda6 (diff)
downloadnextcloud-server-3c7755fc662b0fcedad261e2e12755faedb1c567.tar.gz
nextcloud-server-3c7755fc662b0fcedad261e2e12755faedb1c567.zip
send email to new user with password forgotten link to create own password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
-rw-r--r--settings/Controller/UsersController.php39
1 files changed, 35 insertions, 4 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php
index 719b6eb68f6..f9be5468d35 100644
--- a/settings/Controller/UsersController.php
+++ b/settings/Controller/UsersController.php
@@ -49,7 +49,9 @@ use OCP\IUserManager;
use OCP\IUserSession;
use OCP\Mail\IMailer;
use OCP\IAvatarManager;
-use Punic\Exception;
+use OCP\Security\ICrypto;
+use OCP\Security\ISecureRandom;
+use OC\AppFramework\Utility\TimeFactory;
/**
* @package OC\Settings\Controller
@@ -85,6 +87,13 @@ class UsersController extends Controller {
private $avatarManager;
/** @var AccountManager */
private $accountManager;
+ /** @var ISecureRandom */
+ private $secureRandom;
+ /** @var TimeFactory */
+ private $timeFactory;
+ /** @var ICrypto */
+ private $crypto;
+
/**
* @param string $appName
@@ -103,6 +112,9 @@ class UsersController extends Controller {
* @param IAppManager $appManager
* @param IAvatarManager $avatarManager
* @param AccountManager $accountManager
+ * @param ISecureRandom $secureRandom
+ * @param TimeFactory $timeFactory
+ * @param ICrypto $crypto
*/
public function __construct($appName,
IRequest $request,
@@ -119,8 +131,10 @@ class UsersController extends Controller {
IURLGenerator $urlGenerator,
IAppManager $appManager,
IAvatarManager $avatarManager,
- AccountManager $accountManager
-) {
+ AccountManager $accountManager,
+ ISecureRandom $secureRandom,
+ TimeFactory $timeFactory,
+ ICrypto $crypto) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->groupManager = $groupManager;
@@ -135,6 +149,9 @@ class UsersController extends Controller {
$this->urlGenerator = $urlGenerator;
$this->avatarManager = $avatarManager;
$this->accountManager = $accountManager;
+ $this->secureRandom = $secureRandom;
+ $this->timeFactory = $timeFactory;
+ $this->crypto = $crypto;
// check for encryption state - TODO see formatUserForIndex
$this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
@@ -394,10 +411,24 @@ class UsersController extends Controller {
if($email !== '') {
$user->setEMailAddress($email);
+ $token = $this->secureRandom->generate(
+ 21,
+ ISecureRandom::CHAR_DIGITS.
+ ISecureRandom::CHAR_LOWER.
+ ISecureRandom::CHAR_UPPER
+ );
+ $tokenValue = $this->timeFactory->getTime() .':'. $token;
+ $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
+ $encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress.$this->config->getSystemValue('secret'));
+ $this->config->setUserValue($username, 'core', 'lostpassword', $encryptedValue);
+
+ $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $username, 'token' => $token));
+
+
// data for the mail template
$mailData = array(
'username' => $username,
- 'url' => $this->urlGenerator->getAbsoluteURL('/')
+ 'url' =>$link
);
$mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank');