hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-24 02:13:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix mail link and returned hash

Browse Source
This commit is contained in:
aynsix
2020-03-03 11:41:15 +03:00
parent b5f6b5db9d
commit bb356e206f
1 changed files with 24 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
lib/Alchemy/Phrasea/Command/User/UserPasswordCommand.php
View File

@@ -36,7 +36,7 @@ class UserPasswordCommand extends Command
->addOption('user_id', null, InputOption::VALUE_REQUIRED, 'The id of user.') ->addOption('user_id', null, InputOption::VALUE_REQUIRED, 'The id of user.')
->addOption('generate', null, InputOption::VALUE_NONE, 'Generate and set with a random value') ->addOption('generate', null, InputOption::VALUE_NONE, 'Generate and set with a random value')
->addOption('password', null, InputOption::VALUE_OPTIONAL, 'Set the user password to the input value') ->addOption('password', null, InputOption::VALUE_OPTIONAL, 'Set the user password to the input value')
->addOption('send_mail_password', null, InputOption::VALUE_NONE, 'Send email link to user for password renewing, work only if --password or --generate are not define') ->addOption('send_renewal_email', null, InputOption::VALUE_NONE, 'Send email link to user for password renewing, work only if --password or --generate are not define')
->addOption('password_hash', null, InputOption::VALUE_OPTIONAL, 'Define a password hashed, work only with password_nonce') ->addOption('password_hash', null, InputOption::VALUE_OPTIONAL, 'Define a password hashed, work only with password_nonce')
->addOption('password_nonce', null, InputOption::VALUE_OPTIONAL, 'Define a password nonce, work only with password_hash') ->addOption('password_nonce', null, InputOption::VALUE_OPTIONAL, 'Define a password nonce, work only with password_hash')
->addOption('get_hash', null, InputOption::VALUE_NONE, 'Return the password hashed and nonce') ->addOption('get_hash', null, InputOption::VALUE_NONE, 'Return the password hashed and nonce')
@@ -57,7 +57,7 @@ class UserPasswordCommand extends Command
$user = $userRepository->find($input->getOption('user_id')); $user = $userRepository->find($input->getOption('user_id'));
$password = $input->getOption('password'); $password = $input->getOption('password');
$generate = $input->getOption('generate'); $generate = $input->getOption('generate');
$sendMailPassword = $input->getOption('send_mail_password'); $sendRenewalEmail = $input->getOption('send_renewal_email');
$getHash = $input->getOption('get_hash'); $getHash = $input->getOption('get_hash');
$passwordHash = $input->getOption('password_hash'); $passwordHash = $input->getOption('password_hash');
$passwordNonce = $input->getOption('password_nonce'); $passwordNonce = $input->getOption('password_nonce');
@@ -80,15 +80,23 @@ class UserPasswordCommand extends Command
return 0; return 0;
} }
if ($getHash) {
$oldHash = $user->getPassword();
$oldNonce = $user->getNonce();
}
if ($generate) { if ($generate) {
$oldHash = $user->getPassword();
$oldNonce = $user->getNonce();
$password = $this->container['random.medium']->generateString(64); $password = $this->container['random.medium']->generateString(64);
} else { } else {
if (!$password && $sendMailPassword) { if (!$password && $sendRenewalEmail) {
$this->sendPasswordSetupMail($user); $this->sendPasswordSetupMail($user);
$output->writeln('<info>email link sended for password renewing!</info>'); $output->writeln('<info>email link sended for password renewing!</info>');
return 0; return 0;
} elseif (!$password && !$sendMailPassword && ! $getHash) { } elseif (!$password && !$sendRenewalEmail && ! $getHash) {
$output->writeln('<error>choose one option to set a password!</error>'); $output->writeln('<error>choose one option to set a password!</error>');
return 0; return 0;
@@ -107,27 +115,21 @@ class UserPasswordCommand extends Command
return; return;
} }
} }
$oldHash = $user->getPassword();
$oldNonce = $user->getNonce();
$userManipulator->setPassword($user,$password); $userManipulator->setPassword($user,$password);
} }
if (($password || $generate || $getHash) && $user->getPassword()) { if (($password || $generate || $getHash) && $oldHash) {
if ($jsonformat) { if ($jsonformat) {
if ($password) { $hash['password_hash'] = $oldHash;
$hash['password'] = $password; $hash['nonce'] = $oldNonce;
}
$hash['password_hash'] = $user->getPassword();
$hash['nonce'] = $user->getNonce();
echo json_encode($hash); echo json_encode($hash);
} else { } else {
if ($password) { $output->writeln('<info>password_hash :</info>' . $oldHash);
$output->writeln('<info>password :</info>' .$password); $output->writeln('<info>nonce :</info>' . $oldNonce);
}
$output->writeln('<info>password_hash :</info>' .$user->getPassword());
$output->writeln('<info>nonce :</info>' .$user->getNonce());
} }
} elseif (is_null($password)) { } elseif (is_null($password)) {
@@ -147,11 +149,13 @@ class UserPasswordCommand extends Command
$receiver = Receiver::fromUser($user); $receiver = Receiver::fromUser($user);
$token = $this->container['manipulator.token']->createResetPasswordToken($user); $token = $this->container['manipulator.token']->createResetPasswordToken($user);
$url = $this->container['url_generator']->generate('login_renew_password', [ 'token' => $token->getValue() ], true);
$mail = MailRequestPasswordUpdate::create($this->container, $receiver); $mail = MailRequestPasswordUpdate::create($this->container, $receiver);
$servername = $this->container['conf']->get('servername'); $servername = $this->container['conf']->get('servername');
$mail->setButtonUrl('http://'.$servername.'/login/renew-password/?token='.$token->getValue()); $mail->setButtonUrl($url);
$mail->setLogin($user->getLogin()); $mail->setLogin($user->getLogin());
$mail->setExpiration(new \DateTime('+1 day'));
$this->deliver($mail); $this->deliver($mail);
} }