90 lines
2.9 KiB
PHP
90 lines
2.9 KiB
PHP
<?php
|
|
|
|
class AuthController extends Zend_Controller_Action
|
|
{
|
|
public function init()
|
|
{
|
|
|
|
}
|
|
|
|
public function passwordRestoreAction()
|
|
{
|
|
//uses separate layout without a navigation.
|
|
$this->_helper->layout->setLayout('bare');
|
|
|
|
$form = new Application_Form_PasswordRestore();
|
|
|
|
$request = $this->getRequest();
|
|
if ($request->isPost() && $form->isValid($request->getPost())) {
|
|
$user = CcSubjsQuery::create()
|
|
->filterByDbEmail($form->email->getValue())
|
|
->findOne();
|
|
|
|
if (!empty($user)) {
|
|
$auth = new Application_Model_Auth();
|
|
|
|
$auth->sendPasswordRestoreLink($user, $this->view);
|
|
$this->_helper->redirector('password-restore-after', 'auth');
|
|
}
|
|
else {
|
|
$form->email->addError($this->view->translate("Given email not found."));
|
|
}
|
|
}
|
|
|
|
$this->view->form = $form;
|
|
}
|
|
|
|
public function passwordRestoreAfterAction()
|
|
{
|
|
//uses separate layout without a navigation.
|
|
$this->_helper->layout->setLayout('bare');
|
|
}
|
|
|
|
public function passwordChangeAction()
|
|
{
|
|
//uses separate layout without a navigation.
|
|
$this->_helper->layout->setLayout('bare');
|
|
|
|
$request = $this->getRequest();
|
|
$token = $request->getParam("token", false);
|
|
$user_id = $request->getParam("user_id", 0);
|
|
|
|
$form = new Application_Form_PasswordChange();
|
|
$auth = new Application_Model_Auth();
|
|
$user = CcSubjsQuery::create()->findPK($user_id);
|
|
|
|
//check validity of token
|
|
if (!$auth->checkToken($user_id, $token, 'password.restore')) {
|
|
echo "token not valid";
|
|
//$this->_helper->redirector('index', 'login');
|
|
}
|
|
|
|
if ($request->isPost() && $form->isValid($request->getPost())) {
|
|
|
|
$user->setDbPass(md5($form->password->getValue()));
|
|
$user->save();
|
|
|
|
$auth->invalidateTokens($user, 'password.restore');
|
|
|
|
$zend_auth = Zend_Auth::getInstance();
|
|
$zend_auth->clearIdentity();
|
|
|
|
$authAdapter = Application_Model_Auth::getAuthAdapter();
|
|
$authAdapter->setIdentity($user->getDbLogin())
|
|
->setCredential($form->password->getValue());
|
|
|
|
$result = $zend_auth->authenticate($authAdapter);
|
|
|
|
//all info about this user from the login table omit only the password
|
|
$userInfo = $authAdapter->getResultRowObject(null, 'password');
|
|
|
|
//the default storage is a session with namespace Zend_Auth
|
|
$authStorage = $zend_auth->getStorage();
|
|
$authStorage->write($userInfo);
|
|
|
|
$this->_helper->redirector('index', 'nowplaying');
|
|
}
|
|
|
|
$this->view->form = $form;
|
|
}
|
|
} |