RenewPasswordController.php 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2017 Roger Szabo <roger.szabo@web.de>
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Roger Szabo <roger.szabo@web.de>
  7. *
  8. * @license GNU AGPL version 3 or any later version
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as
  12. * published by the Free Software Foundation, either version 3 of the
  13. * License, or (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. */
  24. namespace OCA\User_LDAP\Controller;
  25. use OCP\AppFramework\Controller;
  26. use OCP\AppFramework\Http\RedirectResponse;
  27. use OCP\AppFramework\Http\TemplateResponse;
  28. use OCP\HintException;
  29. use OCP\IConfig;
  30. use OCP\IL10N;
  31. use OCP\IRequest;
  32. use OCP\ISession;
  33. use OCP\IURLGenerator;
  34. use OCP\IUser;
  35. use OCP\IUserManager;
  36. class RenewPasswordController extends Controller {
  37. /** @var IUserManager */
  38. private $userManager;
  39. /** @var IConfig */
  40. private $config;
  41. /** @var IL10N */
  42. protected $l10n;
  43. /** @var ISession */
  44. private $session;
  45. /** @var IURLGenerator */
  46. private $urlGenerator;
  47. /**
  48. * @param string $appName
  49. * @param IRequest $request
  50. * @param IUserManager $userManager
  51. * @param IConfig $config
  52. * @param IURLGenerator $urlGenerator
  53. */
  54. public function __construct($appName, IRequest $request, IUserManager $userManager,
  55. IConfig $config, IL10N $l10n, ISession $session, IURLGenerator $urlGenerator) {
  56. parent::__construct($appName, $request);
  57. $this->userManager = $userManager;
  58. $this->config = $config;
  59. $this->l10n = $l10n;
  60. $this->session = $session;
  61. $this->urlGenerator = $urlGenerator;
  62. }
  63. /**
  64. * @PublicPage
  65. * @NoCSRFRequired
  66. *
  67. * @return RedirectResponse
  68. */
  69. public function cancel() {
  70. return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
  71. }
  72. /**
  73. * @PublicPage
  74. * @NoCSRFRequired
  75. * @UseSession
  76. *
  77. * @param string $user
  78. *
  79. * @return TemplateResponse|RedirectResponse
  80. */
  81. public function showRenewPasswordForm($user) {
  82. if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') {
  83. return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
  84. }
  85. $parameters = [];
  86. $renewPasswordMessages = $this->session->get('renewPasswordMessages');
  87. $errors = [];
  88. $messages = [];
  89. if (is_array($renewPasswordMessages)) {
  90. [$errors, $messages] = $renewPasswordMessages;
  91. }
  92. $this->session->remove('renewPasswordMessages');
  93. foreach ($errors as $value) {
  94. $parameters[$value] = true;
  95. }
  96. $parameters['messages'] = $messages;
  97. $parameters['user'] = $user;
  98. $parameters['canResetPassword'] = true;
  99. $parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
  100. if (!$parameters['resetPasswordLink']) {
  101. $userObj = $this->userManager->get($user);
  102. if ($userObj instanceof IUser) {
  103. $parameters['canResetPassword'] = $userObj->canChangePassword();
  104. }
  105. }
  106. $parameters['cancelLink'] = $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm');
  107. return new TemplateResponse(
  108. $this->appName, 'renewpassword', $parameters, 'guest'
  109. );
  110. }
  111. /**
  112. * @PublicPage
  113. * @UseSession
  114. *
  115. * @param string $user
  116. * @param string $oldPassword
  117. * @param string $newPassword
  118. *
  119. * @return RedirectResponse
  120. */
  121. public function tryRenewPassword($user, $oldPassword, $newPassword) {
  122. if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') {
  123. return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
  124. }
  125. $args = !is_null($user) ? ['user' => $user] : [];
  126. $loginResult = $this->userManager->checkPassword($user, $oldPassword);
  127. if ($loginResult === false) {
  128. $this->session->set('renewPasswordMessages', [
  129. ['invalidpassword'], []
  130. ]);
  131. return new RedirectResponse($this->urlGenerator->linkToRoute('user_ldap.renewPassword.showRenewPasswordForm', $args));
  132. }
  133. try {
  134. if (!is_null($newPassword) && \OC_User::setPassword($user, $newPassword)) {
  135. $this->session->set('loginMessages', [
  136. [], [$this->l10n->t("Please login with the new password")]
  137. ]);
  138. $this->config->setUserValue($user, 'user_ldap', 'needsPasswordReset', 'false');
  139. return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
  140. } else {
  141. $this->session->set('renewPasswordMessages', [
  142. ['internalexception'], []
  143. ]);
  144. }
  145. } catch (HintException $e) {
  146. $this->session->set('renewPasswordMessages', [
  147. [], [$e->getHint()]
  148. ]);
  149. }
  150. return new RedirectResponse($this->urlGenerator->linkToRoute('user_ldap.renewPassword.showRenewPasswordForm', $args));
  151. }
  152. /**
  153. * @PublicPage
  154. * @NoCSRFRequired
  155. * @UseSession
  156. *
  157. * @return RedirectResponse
  158. */
  159. public function showLoginFormInvalidPassword($user) {
  160. $args = !is_null($user) ? ['user' => $user] : [];
  161. $this->session->set('loginMessages', [
  162. ['invalidpassword'], []
  163. ]);
  164. return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
  165. }
  166. }