diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2017-04-05 09:12:41 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-04-05 09:12:41 +0200 |
| commit | 6bdd3a167d9872c315236a09233f4a161ae48797 (patch) | |
| tree | 038f59ad3b93b8a67d75fbc52eac58ac19e02c2b /core | |
| parent | ddd157a84ced582d781179a43cc25d40bc3ac803 (diff) | |
| parent | 4bae7ef96d1facebcaf74257e9e4add320516a3e (diff) | |
| download | nextcloud-server-6bdd3a167d9872c315236a09233f4a161ae48797.tar.gz nextcloud-server-6bdd3a167d9872c315236a09233f4a161ae48797.zip | |
Merge pull request #4123 from nextcloud/allow-password-reset-with-email
Allow to reset the password with the email as an input
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/LostController.php | 39 |
1 files changed, 26 insertions, 13 deletions
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index 8a8a50343ed..4de1cf5eb00 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -39,6 +39,7 @@ use \OCP\IURLGenerator; use \OCP\IRequest; use \OCP\IL10N; use \OCP\IConfig; +use OCP\IUser; use OCP\IUserManager; use OCP\Mail\IMailer; use OCP\Security\ICrypto; @@ -253,16 +254,12 @@ class LostController extends Controller { } /** - * @param string $user + * @param string $input * @throws \Exception */ - protected function sendEmail($user) { - if (!$this->userManager->userExists($user)) { - throw new \Exception($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.')); - } - - $userObject = $this->userManager->get($user); - $email = $userObject->getEMailAddress(); + protected function sendEmail($input) { + $user = $this->findUserByIdOrMail($input); + $email = $user->getEMailAddress(); if (empty($email)) { throw new \Exception( @@ -281,11 +278,10 @@ class LostController extends Controller { ISecureRandom::CHAR_UPPER ); $tokenValue = $this->timeFactory->getTime() .':'. $token; - $mailAddress = !is_null($userObject->getEMailAddress()) ? $userObject->getEMailAddress() : ''; - $encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress.$this->config->getSystemValue('secret')); - $this->config->setUserValue($user, 'core', 'lostpassword', $encryptedValue); + $encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret')); + $this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue); - $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user, 'token' => $token)); + $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token)); $tmpl = new \OC_Template('core', 'lostpassword/email'); $tmpl->assign('link', $link); @@ -293,7 +289,7 @@ class LostController extends Controller { try { $message = $this->mailer->createMessage(); - $message->setTo([$email => $user]); + $message->setTo([$email => $user->getUID()]); $message->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()])); $message->setPlainBody($msg); $message->setFrom([$this->from => $this->defaults->getName()]); @@ -305,4 +301,21 @@ class LostController extends Controller { } } + /** + * @param string $input + * @return IUser + * @throws \Exception + */ + protected function findUserByIdOrMail($input) { + $user = $this->userManager->get($input); + if ($user instanceof IUser) { + return $user; + } + $users = $this->userManager->getByEmail($input); + if (count($users) === 1) { + return $users[0]; + } + + throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.')); + } } |