LoginControl: Fixed reset password

Venne · Oct 15, 2014 · f4b92da · f4b92da
1 parent e78a90e
commit f4b92da
Show file tree

Hide file tree

Showing 5 changed files with 63 additions and 25 deletions.
diff --git a/src/Security/Login/ConfirmFormService.php b/src/Security/Login/ConfirmFormService.php
@@ -15,8 +15,6 @@
 use Kdyby\Doctrine\Entities\BaseEntity;
 use Kdyby\DoctrineForms\EntityFormMapper;
 use Nette\Application\UI\Form;
-use Nette\Application\UI\Link;
-use Nette\Utils\Callback;
 use Venne\Forms\FormFactory;
 use Venne\Security\SecurityManager;
 use Venne\Security\User;
@@ -48,6 +46,7 @@ public function __construct(
 		SecurityManager $securityManager
 	) {
 		$this->formFactory = $formFactory;
+		$this->entityManager = $entityManager;
 		$this->userRepository = $entityManager->getRepository(User::class);
 		$this->securityManager = $securityManager;
 	}

diff --git a/src/Security/Login/LoginControl.php b/src/Security/Login/LoginControl.php
@@ -55,6 +55,9 @@ class LoginControl extends \Venne\System\UI\Control
 	 */
 	public $key;
 
+	/** @var \Venne\Security\User|null */
+	private $resetUser;
+
 	/** @var \Venne\System\AdminModule\LoginFormFactory */
 	private $loginFormFactory;
 
@@ -149,7 +152,7 @@ protected function createComponentResetForm()
 		$form = $this
 			->resetFormService
 			->getFormFactory(function ($key) {
-				return $this->link('this', array('key' => $key, 'reset' => null));
+				return $this->link('//this', array('key' => $key, 'reset' => null));
 			})->create();
 
 		$cancel = $form->addSubmit('cancel', 'Cancel');
@@ -172,13 +175,8 @@ protected function createComponentResetForm()
 	 */
 	protected function createComponentConfirmForm()
 	{
-		if (($user = $this->userRepository->findOneBy(array('resetKey' => $this->key))) === null) {
-			throw new BadRequestException;
-		}
-
-		$form = $this->formFactoryFactory
-			->create($this->confirmFormService)
-			->setEntity($user)
+		$form = $this->confirmFormService
+			->getFormFactory($this->key)
 			->create();
 
 		$form->onSuccess[] = $this->confirmFormSuccess;
@@ -219,11 +217,7 @@ public function providerFormSuccess(Form $form)
 
 	public function confirmFormSuccess()
 	{
-		if (($user = $this->userRepository->findOneBy(array('resetKey' => $this->key))) === null) {
-			throw new BadRequestException;
-		}
-
-		$this->securityManager->sendNewPassword($user);
+		$this->securityManager->sendNewPassword($this->resetUser);
 
 		$this->flashMessage($this->translator->translate('New password has been saved.'), 'success');
 		$this->redirect('this', array(
@@ -281,4 +275,17 @@ private function authenticate($provider, $parameters = null)
 		$this->redirect('this');
 	}
 
+	public function loadState(array $params)
+	{
+		parent::loadState($params);
+
+		if (isset($params['key'])) {
+			$this->resetUser = $this->userRepository->findOneBy(array('resetKey' => $params['key']));
+
+			if ($this->resetUser === null) {
+				$this->onError($this, new ResetKeyNotFoundException());
+			}
+		}
+	}
+
 }
diff --git a/src/Security/Login/ResetFormService.php b/src/Security/Login/ResetFormService.php
@@ -49,6 +49,7 @@ public function __construct(
 		SecurityManager $securityManager
 	) {
 		$this->formFactory = $formFactory;
+		$this->entityManager = $entityManager;
 		$this->userRepository = $entityManager->getRepository(User::class);
 		$this->securityManager = $securityManager;
 	}
@@ -93,8 +94,10 @@ protected function save(Form $form, $resetLinkCallback)
 
 		$key = $user->resetPassword();
 		$url = Callback::invoke($resetLinkCallback, $key);
-		$this->securityManager->sendRecoveryUrl($user, $url);
+
+		$this->entityManager->persist($user);
 		$this->entityManager->flush($user);
+		$this->securityManager->sendRecoveryUrl($user, $url);
 	}
 
 }
diff --git a/src/Security/Login/ResetKeyNotFoundException.php b/src/Security/Login/ResetKeyNotFoundException.php
@@ -0,0 +1,20 @@
+<?php
+
+/**
+ * This file is part of the Venne:CMS (https://github.com/Venne)
+ *
+ * Copyright (c) 2011, 2012 Josef Kříž (http://www.josef-kriz.cz)
+ *
+ * For the full copyright and license information, please view
+ * the file license.txt that was distributed with this source code.
+ */
+
+namespace Venne\Security\Login;
+
+/**
+ * @author Josef Kříž <[email protected]>
+ */
+class ResetKeyNotFoundException extends \Nette\InvalidArgumentException
+{
+
+}
diff --git a/src/System/AdminModule/LoginPresenter.php b/src/System/AdminModule/LoginPresenter.php
@@ -13,9 +13,11 @@
 
 use Doctrine\ORM\EntityManager;
 use Nette\Application\UI\Multiplier;
+use Nette\Security\AuthenticationException;
 use Venne\Forms\Form;
 use Venne\Security\Login\ILoginControlFactory;
 use Venne\Security\Login\LoginControl;
+use Venne\Security\Login\ResetKeyNotFoundException;
 use Venne\Security\Registration\IRegistrationControlFactory;
 use Venne\Security\Registration\RegistrationControl;
 use Venne\Security\Role;
@@ -39,7 +41,7 @@ class LoginPresenter extends \Nette\Application\UI\Presenter
 	public $backlink;
 
 	/** @var Callback */
-	private $form;
+	private $loginControlFactory;
 
 	/** @var string */
 	private $autologin;
@@ -70,7 +72,7 @@ class LoginPresenter extends \Nette\Application\UI\Presenter
 
 	public function __construct(
 		EntityManager $entityManager,
-		ILoginControlFactory $form,
+		ILoginControlFactory $loginControlFactory,
 		IRegistrationControlFactory $registrationControlFactory,
 		SecurityManager $securityManager
 	) {
@@ -79,7 +81,7 @@ public function __construct(
 		$this->roleRepository = $entityManager->getRepository(Role::class);
 		$this->registrationRepository = $entityManager->getRepository(Registration::class);
 		$this->invitationRepository = $entityManager->getRepository(Invitation::class);
-		$this->form = $form;
+		$this->loginControlFactory = $loginControlFactory;
 		$this->registrationControlFactory = $registrationControlFactory;
 		$this->securityManager = $securityManager;
 	}
@@ -146,7 +148,8 @@ public function renderDefault()
 	 */
 	protected function createComponentSignInForm()
 	{
-		$form = $this->form->create();
+		$form = $this->loginControlFactory->create();
+
 		$form->onSuccess[] = $this->formSuccess;
 		$form->onError[] = $this->formError;
 
@@ -172,13 +175,19 @@ public function formSuccess()
 	 */
 	public function formError(LoginControl $control, $message)
 	{
-		if ($this->autoregistration) {
-			$registration = str_replace(' ', '_', $this->autoregistration);
-			$this->redirect('this', array('do' => 'registration-' . $registration . '-load', 'registration-' . $registration . '-name' => $this->autologin));
+		if ($message instanceof AuthenticationException) {
+			if ($this->autoregistration) {
+				$registration = str_replace(' ', '_', $this->autoregistration);
+				$this->redirect('this', array('do' => 'registration-' . $registration . '-load', 'registration-' . $registration . '-name' => $this->autologin));
+			}
+
+			$this->flashMessage($this->translator->translate($message), 'warning');
+			$this->redirect('this');
 		}
 
-		$this->flashMessage($this->translator->translate($message), 'warning');
-		$this->redirect('this');
+		if ($message instanceof ResetKeyNotFoundException) {
+			$this->error();
+		}
 	}
 
 	/**