3 namespace dokuwiki\Action
;
5 use dokuwiki\Ui\UserResendPwd
;
6 use dokuwiki\Action\Exception\ActionAbort
;
7 use dokuwiki\Action\Exception\ActionDisabledException
;
8 use dokuwiki\Extension\AuthPlugin
;
14 * Handle password recovery
16 * @package dokuwiki\Action
18 class Resendpwd
extends AbstractAclAction
// Declares the minimum permission needed to run this action.
// NOTE(review): the listing elides the method body, so the level it returns cannot be
// checked from here - confirm it against the full file.
21 public function minimumPermission()
// Gate for the password-recovery action: runs the parent's precondition checks, then
// throws ActionDisabledException when recovery is switched off or the auth backend
// cannot change passwords.
// NOTE(review): lines 28, 30 and 32-33 are elided in this listing; $auth and $conf are
// presumably brought into scope with `global` there - confirm against the full file.
27 public function checkPreconditions()
29 parent
::checkPreconditions();
31 /** @var AuthPlugin $auth */
// Legacy switch: only a key that is set AND falsy disables the action; an unset
// $conf['resendpasswd'] leaves recovery enabled.
34 if (isset($conf['resendpasswd']) && !$conf['resendpasswd'])
35 throw new ActionDisabledException(); //legacy option
// The reset writes the new password through the auth backend (triggerUserMod at
// lines 117/123), so a backend without the 'modPass' capability disables the action.
36 if (!$auth->canDo('modPass')) throw new ActionDisabledException();
// Runs the recovery handler; when resendpwd() returns a truthy value the current
// action is aborted with ActionAbort('login').
// NOTE(review): presumably this hands the request over to the login action - confirm
// in ActionAbort, which is not part of this listing.
40 public function preProcess()
42 if ($this->resendpwd()) {
43 throw new ActionAbort('login');
// Produces the page content by instantiating the UserResendPwd UI class and calling
// its show() method.
48 public function tplContent()
50 (new UserResendPwd())->show();
56 * This function handles both phases of the password reset:
58 * - handling the first request of password reset
59 * - validating the password reset auth token
61 * @author Benoit Chesneau <benoit@bchesneau.info>
62 * @author Chris Smith <chris@jalakai.co.uk>
63 * @author Andreas Gohr <andi@splitbrain.org>
64 * @fixme this should be split up into multiple methods
65 * @return bool true on success, false on any error
// Two-phase password reset. With a 'pwauth' token in the request, the token file is
// looked up and the password is changed; without one, a token is generated, stored in
// a file under $conf['cachedir'] and a confirmation mail is prepared for the account.
// NOTE(review): this listing elides lines (braces, returns, global declarations), so
// the early-exit paths and any clean-up of the token file cannot be verified from here.
67 protected function resendpwd()
71 /* @var AuthPlugin $auth */
75 if (!actionOK('resendpwd')) {
76 msg($lang['resendna'], -1);
// Everything except lower-case hex digits is stripped from the supplied token, so the
// value used in the file path below cannot contain '/', '.' or other path characters.
80 $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));
83 // we're in token phase - get user info from token
// NOTE(review): $token[0] needs a non-empty token; line 82 is elided and presumably
// holds that check - confirm.
// The token is the file name, so holding the token is what authorises the reset; the
// cache directory must therefore not be listable by other local users or over the web.
85 $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
86 if (!file_exists($tfile)) {
87 msg($lang['resendpwdbadauth'], -1);
88 $INPUT->remove('pwauth');
91 // token is only valid for 3 days
// Age is taken from the token file's modification time (3 days = 259200 seconds).
// NOTE(review): lines 95-98 are elided; whether an expired file is deleted there is
// not visible in this listing.
92 if ((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
93 msg($lang['resendpwdbadauth'], -1);
94 $INPUT->remove('pwauth');
// The file content is the user name written in the request phase (io_saveFile, line 160).
99 $user = io_readfile($tfile);
100 $userinfo = $auth->getUserData($user, $requireGroups = false);
101 if (empty($userinfo['mail'])) {
102 msg($lang['resendpwdnouser'], -1);
106 if (!$conf['autopasswd']) { // we let the user choose a password
107 $pass = $INPUT->str('pass');
109 // password given correctly?
110 if (!$pass) return false;
// NOTE(review): `!=` is a loose comparison. Assuming str() returns strings, PHP compares
// two numeric strings by value, so '0123' and '123' count as equal here and a mistyped
// confirmation can pass; `!==` would require an exact match.
111 if ($pass != $INPUT->str('passchk')) {
112 msg($lang['regbadpass'], -1);
// The new password is handed to the auth backend via triggerUserMod('modify', ...).
// NOTE(review): no length or strength check on $pass is visible in this listing.
117 if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
118 msg($lang['proffail'], -1);
121 } else { // autogenerate the password and send by mail
// In this mode the generated password itself is passed to auth_sendPassword(), so the
// mailbox and the mail transport get to see the new credential.
122 $pass = auth_pwgen($user);
123 if (!$auth->triggerUserMod('modify', [$user, ['pass' => $pass]])) {
124 msg($lang['proffail'], -1);
// The password has already been changed at this point; a failed mail only produces the
// 'regmailfail' message below.
128 if (auth_sendPassword($user, $pass)) {
129 msg($lang['resendpwdsuccess'], 1);
131 msg($lang['regmailfail'], -1);
138 // we're in request phase
// The request phase only continues for a POST that carries a truthy 'save' field.
// NOTE(review): no throttling of reset requests is visible in this method; confirm that
// one exists upstream, since each accepted request creates a token file and a mail.
140 if (!$INPUT->post
->bool('save')) return false;
142 if (!$INPUT->post
->str('login')) {
143 msg($lang['resendpwdmissing'], -1);
146 $user = trim($auth->cleanUser($INPUT->post
->str('login')));
149 $userinfo = $auth->getUserData($user, $requireGroups = false);
// NOTE(review): a login that resolves to no mail address (presumably including unknown
// logins) gets 'resendpwdnouser', while a successful request gets 'resendpwdconfirm'
// (line 174). The differing responses let a requester tell which logins exist; a
// uniform response for both cases avoids that.
150 if (empty($userinfo['mail'])) {
151 msg($lang['resendpwdnouser'], -1);
155 // generate auth token
// md5() serves here only to turn 16 random bytes into a 32-character hex string that
// matches the filter at line 80; the token's unpredictability rests on
// auth_randombytes(), which is not shown. bin2hex() would give the same format
// without involving MD5.
156 $token = md5(auth_randombytes(16)); // random secret
157 $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
// The token travels as the 'pwauth' query parameter of the confirmation link, so it can
// end up in web-server logs, browser history and Referer headers.
158 $url = wl('', ['do' => 'resendpwd', 'pwauth' => $token], true, '&');
// The token -> user mapping is persisted as a plain file and the token is stored
// unhashed as the file name; storing only a hash of the token would keep a leaked
// directory listing from being usable.
160 io_saveFile($tfile, $user);
162 $text = rawLocale('pwconfirm');
164 'FULLNAME' => $userinfo['name'],
169 $mail = new \
Mailer();
// NOTE(review): the display name is concatenated into the recipient string; confirm that
// Mailer::to() (not shown) rejects CR/LF and stray '<' or '>' in $userinfo['name'].
170 $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
171 $mail->subject($lang['regpwmail']);
172 $mail->setBody($text, $trep);
// NOTE(review): lines 173 and 175 are elided; presumably the two messages below are the
// branches of a check on the result of sending the mail.
174 msg($lang['resendpwdconfirm'], 1);
176 msg($lang['regmailfail'], -1);