diff options
| author | Bjoern Schiessle <bjoern@schiessle.org> | 2017-01-02 21:24:37 +0100 |
|---|---|---|
| committer | Bjoern Schiessle <bjoern@schiessle.org> | 2017-01-10 17:04:32 +0100 |
| commit | fcda3a20f455795b898161ec4ada0aeb500b9218 (patch) | |
| tree | d1819e6c04954377ede49bbf80ebc02335acf2a2 /core | |
| parent | 40239decb1b36f1daff53710e01d81e18c24f4fc (diff) | |
| download | nextcloud-server-fcda3a20f455795b898161ec4ada0aeb500b9218.tar.gz nextcloud-server-fcda3a20f455795b898161ec4ada0aeb500b9218.zip | |
create new encryption keys on password reset and backup the old one
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/LostController.php | 7 | ||||
| -rw-r--r-- | core/js/lostpassword.js | 2 |
2 files changed, 3 insertions, 6 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index b12abf38142..a0ef87e50d8 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -234,6 +234,8 @@ class LostController extends Controller { $this->checkPasswordResetToken($token, $userId); $user = $this->userManager->get($userId); + \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password)); + if (!$user->setPassword($password)) { throw new \Exception(); } @@ -242,11 +244,6 @@ class LostController extends Controller { $this->config->deleteUserValue($userId, 'core', 'lostpassword'); @\OC_User::unsetMagicInCookie(); - } catch (PrivateKeyMissingException $e) { - // in this case it is OK if we couldn't reset the users private key - // They chose explicitely to continue at the password reset dialog - // (see $proceed flag) - return $this->success(); } catch (\Exception $e){ return $this->error($e->getMessage()); } diff --git a/core/js/lostpassword.js b/core/js/lostpassword.js index 30d7b98f4e8..6e18dcc1f8b 100644 --- a/core/js/lostpassword.js +++ b/core/js/lostpassword.js @@ -4,7 +4,7 @@ OC.Lostpassword = { sendSuccessMsg : t('core', 'The link to reset your password has been sent to your email. If you do not receive it within a reasonable amount of time, check your spam/junk folders.<br>If it is not there ask your local administrator.'), - encryptedMsg : t('core', "Your files are encrypted. If you haven't enabled the recovery key, there will be no way to get your data back after your password is reset.<br />If you are not sure what to do, please contact your administrator before you continue. <br />Do you really want to continue?") + encryptedMsg : t('core', "Your files are encrypted. There will be no way to get your data back after your password is reset.<br />If you are not sure what to do, please contact your administrator before you continue. <br />Do you really want to continue?") + ('<br /><input type="checkbox" id="encrypted-continue" value="Yes" />') + '<label for="encrypted-continue">' + t('core', 'I know what I\'m doing') |