From fcda3a20f455795b898161ec4ada0aeb500b9218 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <bjoern@schiessle.org>
Date: Mon, 2 Jan 2017 21:24:37 +0100
Subject: create new encryption keys on password reset and backup the old one

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
---
 core/Controller/LostController.php | 7 ++-----
 core/js/lostpassword.js            | 2 +-
 2 files changed, 3 insertions(+), 6 deletions(-)

(limited to 'core')

diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index b12abf38142..a0ef87e50d8 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -234,6 +234,8 @@ class LostController extends Controller {
 			$this->checkPasswordResetToken($token, $userId);
 			$user = $this->userManager->get($userId);
 
+			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password));
+
 			if (!$user->setPassword($password)) {
 				throw new \Exception();
 			}
@@ -242,11 +244,6 @@ class LostController extends Controller {
 
 			$this->config->deleteUserValue($userId, 'core', 'lostpassword');
 			@\OC_User::unsetMagicInCookie();
-		} catch (PrivateKeyMissingException $e) {
-			// in this case it is OK if we couldn't reset the users private key
-			// They chose explicitely to continue at the password reset dialog
-			// (see $proceed flag)
-			return $this->success();
 		} catch (\Exception $e){
 			return $this->error($e->getMessage());
 		}
diff --git a/core/js/lostpassword.js b/core/js/lostpassword.js
index 30d7b98f4e8..6e18dcc1f8b 100644
--- a/core/js/lostpassword.js
+++ b/core/js/lostpassword.js
@@ -4,7 +4,7 @@ OC.Lostpassword = {
 
 	sendSuccessMsg : t('core', 'The link to reset your password has been sent to your email. If you do not receive it within a reasonable amount of time, check your spam/junk folders.<br>If it is not there ask your local administrator.'),
 
-	encryptedMsg : t('core', "Your files are encrypted. If you haven't enabled the recovery key, there will be no way to get your data back after your password is reset.<br />If you are not sure what to do, please contact your administrator before you continue. <br />Do you really want to continue?")
+	encryptedMsg : t('core', "Your files are encrypted. There will be no way to get your data back after your password is reset.<br />If you are not sure what to do, please contact your administrator before you continue. <br />Do you really want to continue?")
 			+ ('<br /><input type="checkbox" id="encrypted-continue" value="Yes" />')
 			+ '<label for="encrypted-continue">'
 			+ t('core', 'I know what I\'m doing')
-- 
cgit v1.2.3