author | Jonas Kohl | 2024-09-19 11:28:12 +0200 |
---|---|---|
committer | Jonas Kohl | 2024-09-19 11:28:12 +0200 |
commit | 35db6e71fc7196af1757be17d2a3919246476683 (patch) | |
tree | 07e7c6ddd3260cdbe7e662f434f1407a37c832d1 /src/application | |
parent | 01454544896827113e49db0d2848b5aab6ce14ae (diff) |
Add password reset
Diffstat (limited to 'src/application')
-rw-r--r-- | src/application/messages/de.msg | 40 | ||||
-rw-r--r-- | src/application/mystic/forum/orm/User.php | 2 | ||||
-rw-r--r-- | src/application/views/form_login.php | 3 | ||||
-rw-r--r-- | src/application/views/form_new_password.php | 38 | ||||
-rw-r--r-- | src/application/views/form_password_reset.php | 41 |
5 files changed, 124 insertions, 0 deletions
diff --git a/src/application/messages/de.msg b/src/application/messages/de.msg
index 3a334a9..cac30e7 100644
--- a/src/application/messages/de.msg
+++ b/src/application/messages/de.msg
@@ -353,3 +353,43 @@ metadata({
 : "Retype password:"
 = "Passwort wiederholen:"
+
+: "The password reset link is either invalid or it expired"
+= "Der Link zum Password Zurücksetzen ist entweder ungültig oder abgelaufen"
+
+: "Password reset successfully!"
+= "Passwort erfolgreich zurückgesetzt!"
+
+: "Forgot your password? No problem!"
+= "Passwort vergessen? Kein Problem!"
+
+: "If an account exists with the given email address, we will have sent a password reset link to that email address."
+= "Falls ein Nutzerkonto mit der angegebenen E-Mail-Adresse existiert haben wir dieser einen Link zum Password Zurücksetzen zugesandt."
+
+: "Hello, %user_display_name%!\n"
+ "\n"
+ "a password reset has been requested successfully! Please click the link below to set a new password:\n"
+ "%reset_link%\n"
+ "\n"
+ "If this wasn't you, you can safely ignore this email. The link will only be valid for one hour.\n"
+ "\n"
+ "Kind regards,\n"
+ "%forum_copyright%"
+= "Hallo, %user_display_name%!\n"
+ "\n"
+ "das Zurücksetzen Ihres Passwortes wurde erfolgreich angefragt. Bitte klicken Sie auf den untenstehenden Link, um Ihr Passwort zurückzusetzen:\n"
+ "%reset_link%\n"
+ "\n"
+ "Falls Sie dies nicht waren, können Sie diese E-Mail ignorieren. Der Link ist nur für eine Stunde gültig.\n"
+ "\n"
+ "Mit freundlichen Grüßen,\n"
+ "%forum_copyright%"
+
+: "Reset password"
+= "Passwort zurücksetzen"
+
+: "I forgot my password"
+= "Ich habe mein Passwort vergessen"
+
+: "I know my password and I want to %link%log in%/link%!"
+= "Ich kenne mein Passwort und möchte mich %link%anmelden%/link%!"
diff --git a/src/application/mystic/forum/orm/User.php b/src/application/mystic/forum/orm/User.php
index 97acbaf..1bf02f1 100644
--- a/src/application/mystic/forum/orm/User.php
+++ b/src/application/mystic/forum/orm/User.php @@ -23,6 +23,8 @@ class User extends Entity { public bool $passwordResetRequired; public string $activationToken; public bool $activated; + #[Unique] public ?string $passwordResetToken; + public ?\DateTimeImmutable $passwordResetTokenCreated; #[Column(columnType: "bytea")] public ?string $profilePicture; public ?\DateTimeImmutable $nameLastChanged; diff --git a/src/application/views/form_login.php b/src/application/views/form_login.php index 1c4a9ea..acef1ff 100644 --- a/src/application/views/form_login.php +++ b/src/application/views/form_login.php @@ -21,6 +21,8 @@ if (($_formError = RequestUtils::getAndClearFormError("login")) !== null) { ?> <form action="<?= htmlentities($_SERVER["REQUEST_URI"]) ?>" method="post"> <input type="hidden" name="form_id" value="login"> +<input type="hidden" name="token" value="<?= htmlentities($token) ?>"> +<input type="hidden" name="sig" value="<?= htmlentities($signature) ?>"> <div class="form-group"> <label for="i_username"><?= __("Username:") ?></label> <input class="form-control" type="text" id="i_username" name="username" value="<?= htmlentities($lastForm["username"] ?? "") ?>" required autofocus> @@ -33,6 +35,7 @@ if (($_formError = RequestUtils::getAndClearFormError("login")) !== null) { <div class="form-group"> <button class="btn btn-primary" type="submit"><?= __("Log in") ?></button> + <a href="?_action=pwreset"><?= __("I forgot my password") ?></a> </div> <div class="form-group"> diff --git a/src/application/views/form_new_password.php b/src/application/views/form_new_password.php new file mode 100644 index 0000000..7431bd5 --- /dev/null +++ b/src/application/views/form_new_password.php 
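Review bot: `$passwordResetToken` in the `User.php` hunk is declared as a plain `?string` column, which suggests the value from the reset link is stored verbatim, so anyone able to read the users table (a backup, an injection flaw, admin tooling) would hold a usable reset credential for every pending request. Consider persisting only a digest, e.g. `hash('sha256', $token)`, and looking the row up by the digest of the submitted value; the `#[Unique]` constraint works the same on the digest. The code that creates and checks the token is not part of this diff (the view is limited to `src/application`), so confirm it draws the token from `random_bytes()`, enforces the one-hour lifetime against `$passwordResetTokenCreated`, and sets both fields back to null after a successful reset. The class body continues outside the hunk.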
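Review bot: The two hidden inputs added at the top of the login form in `form_login.php` echo `$token` and `$signature`, but nothing in the visible part of the view defines them, and the two new reset forms in this commit carry no such fields. If the view can ever be rendered without both variables set, `htmlentities($token)` raises an undefined-variable warning and hands null to `htmlentities()`; `htmlentities($token ?? "")` (same for `$signature`) or a guard around both inputs avoids that. A short comment saying what the pair protects (it looks like a signed form token, to be confirmed) and where `sig` is verified, ideally with `hash_equals()`, would help the next reader. The rest of the view lies outside the hunk.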
@@ -0,0 +1,38 @@
+<?php
+
+use mystic\forum\utils\RequestUtils;
+
+$lastFormUri = "";
+$lastForm = RequestUtils::getLastForm($lastFormUri) ?? [];
+if ($lastFormUri !== $_SERVER["REQUEST_URI"]) $lastForm = [];
+RequestUtils::clearLastForm();
+
+?>
+<div class="page-header margin-top-0">
+ <h1><?= __("Reset password") ?></h1>
+</div>
+<div class="col-md-4"></div>
+<div class="well col-md-4">
+<?php
+if (($_formError = RequestUtils::getAndClearFormError("pwnew")) !== null) {
+ _view("alert_error", ["message" => $_formError]);
+}
+?>
+<form action="<?= htmlentities($_SERVER["REQUEST_URI"]) ?>" method="post">
+<input type="hidden" name="form_id" value="pwnew">
+<div class="form-group">
+ <label for="i_new_password"><?= __("New password:") ?></label>
+ <input class="form-control" type="password" id="i_new_password" name="new_password" required autofocus>
+</div>
+
+<div class="form-group">
+ <label for="i_retype_password"><?= __("Retype password:") ?></label>
+ <input class="form-control" type="password" id="i_retype_password" name="retype_password" required>
+</div>
+
+<div class="form-group">
+ <button class="btn btn-primary" type="submit"><?= __("Set new password") ?></button>
+</div>
+</form>
+</div>
+<div class="col-md-4"></div>
diff --git a/src/application/views/form_password_reset.php b/src/application/views/form_password_reset.php
new file mode 100644
index 0000000..57d8ed2
--- /dev/null
+++ b/src/application/views/form_password_reset.php
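Review bot: Both password inputs in `form_new_password.php` lack `autocomplete="new-password"`, so a browser or password manager may autofill the old credential or fail to offer saving the new one; add it to `i_new_password` and `i_retype_password`. The form posts back to `$_SERVER["REQUEST_URI"]` and carries no hidden token field, so the reset token presumably travels in the URL. The handler (not in this diff) therefore has to re-validate the token and its age on the POST as well as on the GET, and the page should be served with `Referrer-Policy: no-referrer` so the link is not disclosed through the Referer header. `$lastForm` is computed at the top of the view but never read; only the `clearLastForm()` call has an effect here.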
@@ -0,0 +1,41 @@
+<?php
+
+use mystic\forum\Messaging;
+use mystic\forum\utils\RequestUtils;
+
+$lastFormUri = "";
+$lastForm = RequestUtils::getLastForm($lastFormUri) ?? [];
+if ($lastFormUri !== $_SERVER["REQUEST_URI"]) $lastForm = [];
+RequestUtils::clearLastForm();
+
+?>
+<div class="page-header margin-top-0">
+ <h1><?= __("Reset password") ?></h1>
+</div>
+<div class="col-md-4"></div>
+<div class="well col-md-4">
+<?php
+if (($_formError = RequestUtils::getAndClearFormError("pwreset")) !== null) {
+ _view("alert_error", ["message" => $_formError]);
+}
+?>
+<form action="<?= htmlentities($_SERVER["REQUEST_URI"]) ?>" method="post">
+<input type="hidden" name="form_id" value="pwreset">
+<div class="form-group">
+ <label for="i_username"><?= __("Email address:") ?></label>
+ <input class="form-control" type="email" id="i_email" name="email" value="<?= htmlentities($lastForm["email"] ?? "") ?>" required autofocus>
+</div>
+
+<div class="form-group">
+ <button class="btn btn-primary" type="submit"><?= __("Reset password") ?></button>
+</div>
+
+<div class="form-group">
+ <?= __("I know my password and I want to %link%log in%/link%!", [
+ "link" => '<a href="?_action=auth">',
+ "/link" => '</a>',
+ ]) ?>
+</div>
+</form>
+</div>
+<div class="col-md-4"></div> |
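Review bot: The label's `for="i_username"` in `form_password_reset.php` does not match the input's `id="i_email"`, so the label is not associated with the field; change it to `<label for="i_email">`. `use mystic\forum\Messaging;` is imported but not referenced anywhere in this view and can be dropped. Because every submission may trigger an outgoing email, the handler (outside this diff) should rate-limit requests per address and per client, and should take similar time whether or not the account exists, so the neutral "If an account exists…" message added to `de.msg` is not undermined by response timing.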