diff options
author | tobiasKaminsky <tobias@kaminsky.me> | 2016-11-23 19:50:58 +0100 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2017-02-15 17:45:12 -0600 |
commit | 3c7755fc662b0fcedad261e2e12755faedb1c567 (patch) | |
tree | 962c0674bade27335e140c650dbc2df2f70d90f6 /settings/Controller | |
parent | 52ef851da32be72dcf7b2a0c7e1386581f9dfda6 (diff) | |
download | nextcloud-server-3c7755fc662b0fcedad261e2e12755faedb1c567.tar.gz nextcloud-server-3c7755fc662b0fcedad261e2e12755faedb1c567.zip |
send email to new user with password forgotten link to create own password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'settings/Controller')
-rw-r--r-- | settings/Controller/UsersController.php | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php index 719b6eb68f6..f9be5468d35 100644 --- a/settings/Controller/UsersController.php +++ b/settings/Controller/UsersController.php @@ -49,7 +49,9 @@ use OCP\IUserManager; use OCP\IUserSession; use OCP\Mail\IMailer; use OCP\IAvatarManager; -use Punic\Exception; +use OCP\Security\ICrypto; +use OCP\Security\ISecureRandom; +use OC\AppFramework\Utility\TimeFactory; /** * @package OC\Settings\Controller @@ -85,6 +87,13 @@ class UsersController extends Controller { private $avatarManager; /** @var AccountManager */ private $accountManager; + /** @var ISecureRandom */ + private $secureRandom; + /** @var TimeFactory */ + private $timeFactory; + /** @var ICrypto */ + private $crypto; + /** * @param string $appName @@ -103,6 +112,9 @@ class UsersController extends Controller { * @param IAppManager $appManager * @param IAvatarManager $avatarManager * @param AccountManager $accountManager + * @param ISecureRandom $secureRandom + * @param TimeFactory $timeFactory + * @param ICrypto $crypto */ public function __construct($appName, IRequest $request, @@ -119,8 +131,10 @@ class UsersController extends Controller { IURLGenerator $urlGenerator, IAppManager $appManager, IAvatarManager $avatarManager, - AccountManager $accountManager -) { + AccountManager $accountManager, + ISecureRandom $secureRandom, + TimeFactory $timeFactory, + ICrypto $crypto) { parent::__construct($appName, $request); $this->userManager = $userManager; $this->groupManager = $groupManager; @@ -135,6 +149,9 @@ class UsersController extends Controller { $this->urlGenerator = $urlGenerator; $this->avatarManager = $avatarManager; $this->accountManager = $accountManager; + $this->secureRandom = $secureRandom; + $this->timeFactory = $timeFactory; + $this->crypto = $crypto; // check for encryption state - TODO see formatUserForIndex $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption'); @@ -394,10 +411,24 @@ class UsersController extends Controller { if($email !== '') { $user->setEMailAddress($email); + $token = $this->secureRandom->generate( + 21, + ISecureRandom::CHAR_DIGITS. + ISecureRandom::CHAR_LOWER. + ISecureRandom::CHAR_UPPER + ); + $tokenValue = $this->timeFactory->getTime() .':'. $token; + $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : ''; + $encryptedValue = $this->crypto->encrypt($tokenValue, $mailAddress.$this->config->getSystemValue('secret')); + $this->config->setUserValue($username, 'core', 'lostpassword', $encryptedValue); + + $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $username, 'token' => $token)); + + // data for the mail template $mailData = array( 'username' => $username, - 'url' => $this->urlGenerator->getAbsoluteURL('/') + 'url' =>$link ); $mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank'); |