Fixed CP password reset

Pinga 2024-01-15 13:44:39 +02:00
parent fbc62d587f
commit af5bbacfe7
6 changed files with 77 additions and 36 deletions


@ -183,14 +183,16 @@ class Auth
* @param $email * @param $email
* @throws \Pinga\Auth\AuthError * @throws \Pinga\Auth\AuthError
*/ */
public static function forgotPassword($email){ public static function forgotPassword($email,$username){
$auth = self::$auth; $auth = self::$auth;
try { try {
$auth->forgotPassword($email, function ($selector, $token) use ($email) { $auth->forgotPassword($email, function ($selector, $token) use ($email,$username) {
$link = url('reset.password',[],['selector'=>urlencode($selector),'token'=>urlencode($token)]); $link = url('reset.password',[],['selector'=>urlencode($selector),'token'=>urlencode($token)]);
$message = file_get_contents(__DIR__.'/../../resources/views/auth/mail/reset-password.html'); $message = file_get_contents(__DIR__.'/../../resources/views/auth/mail/reset-password.html');
$message = str_replace(['{link}','{app_name}'],[$link,envi('APP_NAME')],$message); $placeholders = ['{user_first_name}', '{link}', '{app_name}'];
$subject = 'Reset Password'; $replacements = [ucfirst($username), $link, envi('APP_NAME')];
$message = str_replace($placeholders, $replacements, $message);
$subject = '[' . envi('APP_NAME') . '] Action Required: Reset Your Password';
$from = ['email'=>envi('MAIL_FROM_ADDRESS'), 'name'=>envi('MAIL_FROM_NAME')]; $from = ['email'=>envi('MAIL_FROM_ADDRESS'), 'name'=>envi('MAIL_FROM_NAME')];
$to = ['email'=>$email, 'name'=>'']; $to = ['email'=>$email, 'name'=>''];
// send message // send message
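Review bot: `ucfirst($username)` is substituted into the HTML mail body without escaping, so unless usernames are restricted to a safe character set elsewhere, a username containing markup would be rendered as HTML in the reset email. Escape it for the HTML context before the `str_replace`, e.g. `$replacements = [htmlspecialchars(ucfirst((string) $username), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), $link, envi('APP_NAME')];`. The new parameter is also missing from the docblock; add `@param string $username account name used in the mail greeting`. The closure and the rest of forgotPassword continue outside the hunk.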


@ -32,8 +32,11 @@ class PasswordController extends Controller
* @throws \Pinga\Auth\AuthError * @throws \Pinga\Auth\AuthError
*/ */
public function forgotPassword(Request $request, Response $response){ public function forgotPassword(Request $request, Response $response){
global $container;
$db = $container->get('db');
$data = $request->getParsedBody(); $data = $request->getParsedBody();
Auth::forgotPassword($data['email']); $username = $db->selectValue('SELECT username FROM users WHERE email = ?', [$data['email']]);
Auth::forgotPassword($data['email'],$username);
} }
/** /**
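Review bot: The lookup result is handed to `Auth::forgotPassword` without checking that a row matched, and `$data['email']` is read without checking that the field is present and a string. For an unknown address `$username` is presumably empty (this depends on what `selectValue` returns when nothing matches) and would then reach `ucfirst($username)` in the mail callback; normalise both values first, e.g. `$email = trim((string) ($data['email'] ?? ''));` and `Auth::forgotPassword($email, (string) $username);`. The hunk does not show how the outcome is reported to the client, but the response for a registered and an unregistered address should be indistinguishable so the form cannot be used to test which emails have accounts.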


@ -24,7 +24,7 @@
"php-di/php-di": "^7.0.6", "php-di/php-di": "^7.0.6",
"nyholm/psr7": "^1.8.1", "nyholm/psr7": "^1.8.1",
"nyholm/psr7-server": "^1.1.0", "nyholm/psr7-server": "^1.1.0",
"pinga/auth": "^0.3.3", "pinga/auth": "^0.3.4",
"filp/whoops": "^2.15.3", "filp/whoops": "^2.15.3",
"imefisto/psr-swoole-native": "^1.1.2", "imefisto/psr-swoole-native": "^1.1.2",
"chubbyphp/chubbyphp-static-file": "^1.2", "chubbyphp/chubbyphp-static-file": "^1.2",


@ -173,9 +173,9 @@
<table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:collapse;border-spacing:0px;"> <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="border-collapse:collapse;border-spacing:0px;">
<tbody> <tbody>
<tr> <tr>
<td style="width:64px;"> <td style="width:180px;">
<img height="auto" src="https://i.imgur.com/KO1vcE9.png" style="border:0;display:block;outline:none;text-decoration:none;width:100%;" width="64" /> <img height="auto" src="https://namingo.org/logo.png" style="border:0;display:block;outline:none;text-decoration:none;width:100%;" width="180" />
</td> </td>
</tr> </tr>
@ -189,7 +189,16 @@
<td align="center" style="font-size:0px;padding:10px 25px;padding-bottom:40px;word-break:break-word;"> <td align="center" style="font-size:0px;padding:10px 25px;padding-bottom:40px;word-break:break-word;">
<div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:18px;line-height:1;text-align:center;color:#555;"> <div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:18px;line-height:1;text-align:center;color:#555;">
Password reset request <p>Dear {user_first_name},</p>
<p>We received a request to reset the password for your account. If you did not initiate this request, please rest assured that your account remains secure and you can safely disregard this email.</p>
</div>
<div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:18px;line-height:1;text-align:center;color:#555;">
<p><strong>To Reset Your Password:</strong></p>
<ol>
<li>Click the button below within the next 24 hours. If the link expires, you can initiate a new password reset request.</li>
<li>Follow the instructions to create a new password.</li>
</ol>
</div> </div>
</td> </td>
@ -216,7 +225,23 @@
<td align="center" style="font-size:0px;padding:10px 25px;padding-bottom:40px;word-break:break-word;"> <td align="center" style="font-size:0px;padding:10px 25px;padding-bottom:40px;word-break:break-word;">
<div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:16px;line-height:20px;text-align:center;color:#7F8FA4;"> <div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:16px;line-height:20px;text-align:center;color:#7F8FA4;">
If you did not make this request, just ignore this email. Otherwise please click the button above to reset your password. <p>For your security, please ensure your new password:</p>
<ul>
<li>Is at least 8 characters long.</li>
<li>Contains a mix of letters, numbers, and symbols.</li>
<li>Is not used for any other accounts.</li>
</ul>
</div>
<div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:16px;line-height:20px;text-align:center;color:#7F8FA4;">
<p><strong>Didn't Request a Password Reset?</strong></p>
<p>If you did not request a password reset, no further action is required. However, it's a good practice to regularly update your password and review your account security settings.</p>
<p>Thank you for taking the time to keep your account secure.</p>
</div>
<div style="font-family:'Helvetica Neue',Arial,sans-serif;font-size:16px;line-height:20px;text-align:center;color:#7F8FA4;">
<p>Best regards,<br />
{app_name} Support Team</p>
</div> </div>
</td> </td>
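Review bot: The new copy tells the user to click "within the next 24 hours", but the link's lifetime is decided by the `$auth->forgotPassword(...)` call, and the part of that call visible in this commit passes only the address and the callback (its closing arguments are outside the hunk). Confirm the library's expiry really is 24 hours, or pass the expiry explicitly and fill the text from the same value through a placeholder such as `{expiry_hours}` so the mail cannot drift from the real token lifetime. The same applies to "at least 8 characters", which should match what the update-password handler enforces. The logo is now loaded from `https://namingo.org/logo.png` on every open; serving it from the deployment's own URL would avoid a hard-coded remote fetch in each installation's mail.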


@ -23,7 +23,6 @@
</div> </div>
<div class="form-footer"> <div class="form-footer">
<button type="submit" class="btn btn-primary w-100"> <button type="submit" class="btn btn-primary w-100">
<!-- Download SVG icon from http://tabler-icons.io/i/mail -->
<svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><rect x="3" y="5" width="18" height="14" rx="2" /><polyline points="3 7 12 13 21 7" /></svg> <svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><rect x="3" y="5" width="18" height="14" rx="2" /><polyline points="3 7 12 13 21 7" /></svg>
Send me new password Send me new password
</button> </button>


@ -1,29 +1,41 @@
{% extends "layouts/auth.twig" %} {% extends "layouts/auth.twig" %}
{% block title %}Update Password{% endblock %} {% block title %}Reset Password{% endblock %}
{% block content %} {% block content %}
<form action="{{route('update.password')}}" name="register" method="post"> <div class="page page-center">
{{ csrf.field | raw }} <div class="container container-tight py-4">
<input type="hidden" name="selector" value="{{selector}}"> <div class="text-center mb-4">
<input type="hidden" name="token" value="{{token}}"> <a href="." class="navbar-brand navbar-brand-autodark"><img src="./static/logo-bw.svg" height="36" alt=""></a>
<div class="row d-flex align-items-center justify-content-center"> {% include 'partials/flash.twig' %}
<div class="col-md-6"> </div>
<div class="card px-5 py-5"> <form class="card card-md" action="{{route('update.password')}}" name="register" method="post" autocomplete="off">
<h5 class="mt-3">Reset Password</h5> {{ csrf.field | raw }}
<div class="form-input{{ errors.password ? ' has-error' : '' }}"> <input type="hidden" name="selector" value="{{selector}}">
<i class="fa fa-lock"></i> <input type="password" name="password" class="form-control" placeholder="Enter password"> <input type="hidden" name="token" value="{{token}}">
{% if errors.password %} <div class="card-body">
<span class="hel-block">{{ errors.password | first }}</span> <h2 class="card-title text-center mb-4">Reset Password</h2>
{% endif %} <p class="text-muted mb-4">You're just a step away from resetting your password. Please enter your new password below. Make sure it's strong and unique to keep your account secure.</p>
</div> <div class="mb-3 form-input{{ errors.password ? ' has-error' : '' }}">
<div class="form-input"> <i class="fa fa-lock"></i> <input type="password" name="password" class="form-control" placeholder="Enter password">
<i class="fa fa-lock"></i> <input type="password" name="password2" class="form-control" placeholder="Re-enter password"> {% if errors.password %}
</div> <span class="hel-block">{{ errors.password | first }}</span>
<button type="submit" class="btn btn-primary mt-4 signup">Reset Password</button> {% endif %}
</div> </div>
</div> <div class="form-input">
</div> <i class="fa fa-lock"></i> <input type="password" name="password2" class="form-control" placeholder="Re-enter password">
</form> </div>
{% endblock %} <div class="form-footer">
<button type="submit" class="btn btn-primary w-100">
<svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M20 11a8.1 8.1 0 0 0 -15.5 -2m-.5 -4v4h4" /><path d="M4 13a8.1 8.1 0 0 0 15.5 2m.5 4v-4h-4" /></svg>
Reset Password
</button>
</div>
</div>
</form>
<div class="text-center text-muted mt-3">
Forget it, <a href="{{route('login')}}">send me back</a> to the sign in screen.
</div>
</div>
</div>
{% endblock %}
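Review bot: `autocomplete="off"` on the new `<form>` works against password managers on the one page where the user should be generating and saving a fresh password. Drop it from the form and mark both inputs instead, e.g. `<input type="password" name="password" class="form-control" placeholder="Enter password" autocomplete="new-password" required>`. The error span still uses the class `hel-block`, which looks like a typo for `help-block` carried over from the old template. Because the selector and token arrive in the query string, it is also worth confirming that `layouts/auth.twig` (not shown here) sends a restrictive `Referrer-Policy` so the reset URL is not passed to other origins.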