CC-3110 : Password reset

basic functionality password reset using sendmail
2011-12-21 16:01:29 -08:00 · 2011-12-21 16:01:29 -08:00 · 52b0e3c5f9
commit 52b0e3c5f9
parent ac50c279f7
26 changed files with 3024 additions and 23 deletions
--- a/airtime_mvc/application/controllers/AuthController.php
+++ b/airtime_mvc/application/controllers/AuthController.php
@ -0,0 +1,90 @@
+<?php
+
+class AuthController extends Zend_Controller_Action
+{
+    public function init()
+    {
+    
+    }
+    
+    public function passwordRestoreAction()
+    {
+    	//uses separate layout without a navigation.
+        $this->_helper->layout->setLayout('bare');
+    	
+    	$form = new Application_Form_PasswordRestore();
+
+        $request = $this->getRequest();
+        if ($request->isPost() && $form->isValid($request->getPost())) {
+            $user = CcSubjsQuery::create()
+                ->filterByDbEmail($form->email->getValue())
+                ->findOne();
+
+            if (!empty($user)) {
+                $auth = new Application_Model_Auth();
+                
+                $auth->sendPasswordRestoreLink($user, $this->view);
+                //$this->_helper->redirector('password-restore-after', 'auth');
+            } 
+            else {
+                $form->email->addError($this->view->translate("Given email not found."));
+            }
+        }
+
+        $this->view->form = $form;
+    }
+    
+    public function passwordRestoreAfterAction()
+    {
+        //uses separate layout without a navigation.
+        $this->_helper->layout->setLayout('bare');
+    }
+    
+    public function passwordChangeAction()
+    {
+    	//uses separate layout without a navigation.
+        $this->_helper->layout->setLayout('bare');
+        
+        $request = $this->getRequest();
+        $token = $request->getParam("token", false);
+        $user_id = $request->getParam("user_id", 0); 
+
+        $form = new Application_Form_PasswordChange();
+        $auth = new Application_Model_Auth();
+        $user = CcSubjsQuery::create()->findPK($user_id);
+        
+        //check validity of token
+        if (!$auth->checkToken($user_id, $token, 'password.restore')) {
+        	echo "token not valid";
+            //$this->_helper->redirector('index', 'login');
+        }
+        
+        if ($request->isPost() && $form->isValid($request->getPost())) {
+        	
+        	$user->setDbPass(md5($form->password->getValue()));
+        	$user->save();
+        	
+        	$auth->invalidateTokens($user, 'password.restore');
+            
+        	$zend_auth = Zend_Auth::getInstance();
+            $zend_auth->clearIdentity();
+            
+            $authAdapter = Application_Model_Auth::getAuthAdapter();
+            $authAdapter->setIdentity($user->getDbLogin())
+                        ->setCredential($form->password->getValue());
+                        
+            $result = $zend_auth->authenticate($authAdapter);
+                
+            //all info about this user from the login table omit only the password
+            $userInfo = $authAdapter->getResultRowObject(null, 'password');
+            
+            //the default storage is a session with namespace Zend_Auth
+            $authStorage = $zend_auth->getStorage();
+            $authStorage->write($userInfo);
+                
+            $this->_helper->redirector('index', 'nowplaying');     
+        }
+
+        $this->view->form = $form;
+    }
+}
--- a/airtime_mvc/application/controllers/LoginController.php
+++ b/airtime_mvc/application/controllers/LoginController.php
@ -43,7 +43,7 @@ class LoginController extends Zend_Controller_Action
                if(Application_Model_Subjects::getLoginAttempts($username) >= 3 && $form->getElement('captcha') == NULL){
                    $form->addRecaptcha();
                }else{
-                    $authAdapter = $this->getAuthAdapter();
+                    $authAdapter = Application_Model_Auth::getAuthAdapter();

                    //pass to the adapter the submitted username and password
                    $authAdapter->setIdentity($username)
@ -92,25 +92,6 @@ class LoginController extends Zend_Controller_Action
        Zend_Auth::getInstance()->clearIdentity();
        $this->_redirect('login/index');
    }
-
-	 /**
-     * Gets the adapter for authentication against a database table
-     *
-     * @return object
-     */
-    protected function getAuthAdapter()
-    {
-        $dbAdapter = Zend_Db_Table::getDefaultAdapter();
-        $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
-
-        $authAdapter->setTableName('cc_subjs')
-                    ->setIdentityColumn('login')
-                    ->setCredentialColumn('pass')
-                    ->setCredentialTreatment('MD5(?)');
-                    
-        return $authAdapter;
-    }
-
 }


--- a/airtime_mvc/application/controllers/plugins/Acl_plugin.php
+++ b/airtime_mvc/application/controllers/plugins/Acl_plugin.php
@ -110,8 +110,8 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
    {
 		$controller = strtolower($request->getControllerName());
 		
-		if ($controller == 'api'){
-
+		if (in_array($controller, array("api", "auth"))){
+            			
 			$this->setRoleName("G");	
 		} 
        else if (!Zend_Auth::getInstance()->hasIdentity()){