Password Reset + Bugfixes
Esse commit está contido em:
		
							pai
							
								
									db63b55a70
								
							
						
					
					
						commit
						0deb6fff52
					
				| @ -84,7 +84,7 @@ namespace Api { | ||||
| 
 | ||||
|     protected function getUser($id) { | ||||
|       $sql = $this->user->getSQL(); | ||||
|       $res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", | ||||
|       $res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", "User.confirmed", | ||||
|         "Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor") | ||||
|         ->from("User") | ||||
|         ->leftJoin("UserGroup", "User.uid", "UserGroup.user_id") | ||||
| @ -254,7 +254,7 @@ namespace Api\User { | ||||
|       } | ||||
| 
 | ||||
|       $sql = $this->user->getSQL(); | ||||
|       $res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", | ||||
|       $res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", "User.confirmed", | ||||
|         "Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor") | ||||
|         ->from("User") | ||||
|         ->leftJoin("UserGroup", "User.uid", "UserGroup.user_id") | ||||
| @ -278,6 +278,7 @@ namespace Api\User { | ||||
|               "name" => $row["name"], | ||||
|               "email" => $row["email"], | ||||
|               "registered_at" => $row["registered_at"], | ||||
|               "confirmed" => $sql->parseBool($row["confirmed"]), | ||||
|               "groups" => array(), | ||||
|             ); | ||||
|           } | ||||
| @ -310,6 +311,7 @@ namespace Api\User { | ||||
|         return false; | ||||
|       } | ||||
| 
 | ||||
|       $sql = $this->user->getSQL(); | ||||
|       $id = $this->getParam("id"); | ||||
|       $user = $this->getUser($id); | ||||
| 
 | ||||
| @ -322,6 +324,7 @@ namespace Api\User { | ||||
|             "name" => $user[0]["name"], | ||||
|             "email" => $user[0]["email"], | ||||
|             "registered_at" => $user[0]["registered_at"], | ||||
|             "confirmed" => $sql->parseBool($user["0"]["confirmed"]), | ||||
|             "groups" => array() | ||||
|           ); | ||||
| 
 | ||||
| @ -450,6 +453,7 @@ namespace Api\User { | ||||
|         'password' => new StringType('password'), | ||||
|         'confirmPassword' => new StringType('confirmPassword'), | ||||
|       )); | ||||
|       $this->csrfTokenRequired = false; | ||||
|     } | ||||
| 
 | ||||
|     private function updateUser($uid, $password) { | ||||
| @ -783,7 +787,7 @@ namespace Api\User { | ||||
| 
 | ||||
|     private function checkToken($token) { | ||||
|       $sql = $this->user->getSQL(); | ||||
|       $res = $sql->select("UserToken.token_type", "User.uid", "User.name", "User.email", "User.confirmed") | ||||
|       $res = $sql->select("UserToken.token_type", "User.uid", "User.name", "User.email") | ||||
|         ->from("UserToken") | ||||
|         ->innerJoin("User", "UserToken.user_id", "User.uid") | ||||
|         ->where(new Compare("UserToken.token", $token)) | ||||
| @ -817,7 +821,6 @@ namespace Api\User { | ||||
|           $this->result["user"] = array( | ||||
|             "name" => $tokenEntry["name"], | ||||
|             "email" => $tokenEntry["email"], | ||||
|             "confirmed" => $this->user->getSQL()->parseBool($tokenEntry["confirmed"]), | ||||
|             "uid" => $tokenEntry["uid"] | ||||
|           ); | ||||
|         } else { | ||||
| @ -837,6 +840,7 @@ namespace Api\User { | ||||
|         'email' => new Parameter('email', Parameter::TYPE_EMAIL, true, NULL), | ||||
|         'password' => new StringType('password', -1, true, NULL), | ||||
|         'groups' => new Parameter('groups', Parameter::TYPE_ARRAY, true, NULL), | ||||
|         'confirmed' => new Parameter('confirmed', Parameter::TYPE_BOOLEAN, true, NULL) | ||||
|       )); | ||||
| 
 | ||||
|       $this->loginRequired = true; | ||||
| @ -859,6 +863,7 @@ namespace Api\User { | ||||
|         $email = $this->getParam("email"); | ||||
|         $password = $this->getParam("password"); | ||||
|         $groups = $this->getParam("groups"); | ||||
|         $confirmed = $this->getParam("confirmed"); | ||||
| 
 | ||||
|         $email = (!is_null($email) && empty($email)) ? null : $email; | ||||
| 
 | ||||
| @ -896,6 +901,14 @@ namespace Api\User { | ||||
|         if ($emailChanged) $query->set("email", $email); | ||||
|         if (!is_null($password)) $query->set("password", $this->hashPassword($password)); | ||||
| 
 | ||||
|         if (!is_null($confirmed)) { | ||||
|           if ($id === $this->user->getId() && $confirmed === false) { | ||||
|             return $this->createError("Cannot make own account unconfirmed."); | ||||
|           } else { | ||||
|             $query->set("confirmed", $confirmed); | ||||
|           } | ||||
|         } | ||||
| 
 | ||||
|         if (!empty($query->getValues())) { | ||||
|           $query->where(new Compare("User.uid", $id)); | ||||
|           $res = $query->execute(); | ||||
| @ -957,7 +970,7 @@ namespace Api\User { | ||||
|     } | ||||
|   } | ||||
| 
 | ||||
|   class RequestResetPassword extends UserAPI { | ||||
|   class RequestPasswordReset extends UserAPI { | ||||
|     public function __construct(User $user, $externalCall = false) { | ||||
|       $parameters = array( | ||||
|         'email' => new Parameter('email', Parameter::TYPE_EMAIL), | ||||
| @ -969,6 +982,7 @@ namespace Api\User { | ||||
|       } | ||||
| 
 | ||||
|       parent::__construct($user, $externalCall, $parameters); | ||||
|       $this->csrfTokenRequired = false; | ||||
|     } | ||||
| 
 | ||||
|     public function execute($values = array()) { | ||||
| @ -1010,7 +1024,7 @@ namespace Api\User { | ||||
|         $siteName = htmlspecialchars($settings->getSiteName()); | ||||
| 
 | ||||
|         $replacements = array( | ||||
|           "link" => "$baseUrl/confirmEmail?token=$token", | ||||
|           "link" => "$baseUrl/resetPassword?token=$token", | ||||
|           "site_name" => $siteName, | ||||
|           "base_url" => $baseUrl, | ||||
|           "username" => htmlspecialchars($user["name"]) | ||||
| @ -1035,6 +1049,7 @@ namespace Api\User { | ||||
|     private function findUser($email) { | ||||
|       $sql = $this->user->getSQL(); | ||||
|       $res = $sql->select("User.uid", "User.name") | ||||
|         ->from("User") | ||||
|         ->where(new Compare("User.email", $email)) | ||||
|         ->where(new CondBool("User.confirmed")) | ||||
|         ->execute(); | ||||
| @ -1073,6 +1088,8 @@ namespace Api\User { | ||||
|         'password' => new StringType('password'), | ||||
|         'confirmPassword' => new StringType('confirmPassword'), | ||||
|       )); | ||||
| 
 | ||||
|       $this->csrfTokenRequired = false; | ||||
|     } | ||||
| 
 | ||||
|     private function updateUser($uid, $password) { | ||||
| @ -1108,7 +1125,7 @@ namespace Api\User { | ||||
|       } | ||||
| 
 | ||||
|       $result = $req->getResult(); | ||||
|       if (strcasecmp($result["token"]["type"], "reset_password") !== 0) { | ||||
|       if (strcasecmp($result["token"]["type"], "password_reset") !== 0) { | ||||
|         return $this->createError("Invalid token type"); | ||||
|       } else if (!$this->checkPasswordRequirements($password, $confirmPassword)) { | ||||
|         return false; | ||||
|  | ||||
| @ -6,7 +6,7 @@ namespace Documents { | ||||
|   use Elements\Document; | ||||
|   use Objects\User; | ||||
|   use Views\Admin\AdminDashboardBody; | ||||
|   use Views\LoginBody; | ||||
|   use Views\Admin\LoginBody; | ||||
| 
 | ||||
|   class Admin extends Document { | ||||
|     public function __construct(User $user, ?string $view = NULL) { | ||||
|  | ||||
| @ -10,7 +10,7 @@ class Link extends StaticView { | ||||
|   const FONTAWESOME = "/css/fontawesome.min.css"; | ||||
|   const BOOTSTRAP   = "/css/bootstrap.min.css"; | ||||
|   const CORE        = "/css/style.css"; | ||||
|   const ADMIN       = "/css/admin.css"; | ||||
|   const ACCOUNT       = "/css/account.css"; | ||||
| 
 | ||||
|   private string $type; | ||||
|   private string $rel; | ||||
|  | ||||
| @ -7,7 +7,6 @@ class Script extends StaticView { | ||||
|   const MIME_TEXT_JAVASCRIPT    = "text/javascript"; | ||||
| 
 | ||||
|   const CORE      = "/js/script.js"; | ||||
|   const ADMIN     = "/js/admin.js"; | ||||
|   const JQUERY    = "/js/jquery.min.js"; | ||||
|   const INSTALL   = "/js/install.js"; | ||||
|   const BOOTSTRAP = "/js/bootstrap.bundle.min.js"; | ||||
|  | ||||
| @ -7,15 +7,83 @@ namespace Views\Account; | ||||
| use Elements\Document; | ||||
| use Elements\View; | ||||
| 
 | ||||
| class AcceptInvite extends View { | ||||
| class AcceptInvite extends AccountView { | ||||
| 
 | ||||
|   private bool $success; | ||||
|   private string $message; | ||||
|   private array $invitedUser; | ||||
| 
 | ||||
|   public function __construct(Document $document, $loadView = true) { | ||||
|     parent::__construct($document, $loadView); | ||||
|     $this->title = "Invitation"; | ||||
|     $this->description = "Finnish your account registration by choosing a password."; | ||||
|     $this->icon = "user-check"; | ||||
|     $this->success = false; | ||||
|     $this->message = "No content"; | ||||
|     $this->invitedUser = array(); | ||||
|   } | ||||
| 
 | ||||
|   public function getCode() { | ||||
|     $html = parent::getCode(); | ||||
|   public function loadView() { | ||||
|     parent::loadView(); | ||||
| 
 | ||||
|     return $html; | ||||
|     if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) { | ||||
|       $req = new \Api\User\CheckToken($this->getDocument()->getUser()); | ||||
|       $this->success = $req->execute(array("token" => $_GET["token"])); | ||||
|       if ($this->success) { | ||||
|         if (strcmp($req->getResult()["token"]["type"], "invite") !== 0) { | ||||
|           $this->success = false; | ||||
|           $this->message = "The given token has a wrong type."; | ||||
|         } else { | ||||
|           $this->invitedUser = $req->getResult()["user"]; | ||||
|         } | ||||
|       } else { | ||||
|         $this->message = "Error confirming e-mail address: " . $req->getLastError(); | ||||
|       } | ||||
|     } else { | ||||
|       $this->success = false; | ||||
|       $this->message = "The link you visited is no longer valid"; | ||||
|     } | ||||
|   } | ||||
| 
 | ||||
|   protected function getAccountContent() { | ||||
|     if (!$this->success) { | ||||
|       return $this->createErrorText($this->message); | ||||
|     } | ||||
| 
 | ||||
|     $token = htmlspecialchars($_GET["token"], ENT_QUOTES); | ||||
|     $username = $this->invitedUser["name"]; | ||||
|     $emailAddress = $this->invitedUser["email"]; | ||||
| 
 | ||||
|     return "<h4 class=\"pb-4\">Please fill with your details</h4>
 | ||||
|       <form> | ||||
|         <input name='token' id='token' type='hidden' value='$token'/> | ||||
|         <div class=\"input-group\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-hashtag\"></i></span>  
 | ||||
|           </div> | ||||
|           <input id=\"username\" name=\"username\" placeholder=\"Username\" class=\"form-control\" type=\"text\" maxlength=\"32\" value='$username' disabled>
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|          <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-at\"></i></span>
 | ||||
|           </div> | ||||
|           <input type=\"email\" name='email' id='email' class=\"form-control\" placeholder=\"Email\" maxlength=\"64\" value='$emailAddress' disabled>
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
 | ||||
|           </div> | ||||
|           <input type=\"password\" name='password' id='password' class=\"form-control\" placeholder=\"Password\">
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
 | ||||
|           </div> | ||||
|           <input type=\"password\" name='confirmPassword' id='confirmPassword' class=\"form-control\" placeholder=\"Confirm Password\">
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <button type=\"button\" class=\"btn btn-success\" id='btnAcceptInvite'>Submit</button>
 | ||||
|         </div> | ||||
|      </form>";
 | ||||
|   } | ||||
| } | ||||
| @ -3,9 +3,7 @@ | ||||
| 
 | ||||
| namespace Views\Account; | ||||
| 
 | ||||
| 
 | ||||
| use Elements\Document; | ||||
| use Elements\View; | ||||
| 
 | ||||
| class Register extends AccountView { | ||||
| 
 | ||||
|  | ||||
| @ -5,17 +5,83 @@ namespace Views\Account; | ||||
| 
 | ||||
| 
 | ||||
| use Elements\Document; | ||||
| use Elements\View; | ||||
| 
 | ||||
| class ResetPassword extends View { | ||||
| class ResetPassword extends AccountView { | ||||
| 
 | ||||
|   private bool $success; | ||||
|   private string $message; | ||||
|   private ?string $token; | ||||
| 
 | ||||
|   public function __construct(Document $document, $loadView = true) { | ||||
|     parent::__construct($document, $loadView); | ||||
|     $this->title = "Reset Password"; | ||||
|     $this->description = "Request a password reset, once you got the e-mail address, you can choose a new password"; | ||||
|     $this->icon = "user-lock"; | ||||
|     $this->success = true; | ||||
|     $this->message = ""; | ||||
|     $this->token = NULL; | ||||
|   } | ||||
| 
 | ||||
|   public function getCode() { | ||||
|     $html = parent::getCode(); | ||||
|   public function loadView() { | ||||
|     parent::loadView(); | ||||
| 
 | ||||
|     return $html; | ||||
|     if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) { | ||||
|       $this->token = $_GET["token"]; | ||||
|       $req = new \Api\User\CheckToken($this->getDocument()->getUser()); | ||||
|       $this->success = $req->execute(array("token" => $_GET["token"])); | ||||
|       if ($this->success) { | ||||
|         if (strcmp($req->getResult()["token"]["type"], "password_reset") !== 0) { | ||||
|           $this->success = false; | ||||
|           $this->message = "The given token has a wrong type."; | ||||
|         } | ||||
|       } else { | ||||
|         $this->message = "Error requesting password reset: " . $req->getLastError(); | ||||
|       } | ||||
|     } | ||||
|   } | ||||
| 
 | ||||
|   protected function getAccountContent() { | ||||
|     if (!$this->success) { | ||||
|       $html = $this->createErrorText($this->message); | ||||
|       if ($this->token !== null) { | ||||
|         $html .= "<a href='/resetPassword' class='btn btn-primary'>Go back</a>"; | ||||
|       } | ||||
|       return $html; | ||||
|     } | ||||
| 
 | ||||
|     if ($this->token === null) { | ||||
|       return  "<p class='lead'>Enter your E-Mail address, to receive a password reset token.</p>
 | ||||
|           <form> | ||||
|         <div class=\"input-group\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-at\"></i></span>  
 | ||||
|           </div> | ||||
|           <input id=\"email\" name=\"email\" placeholder=\"E-Mail address\" class=\"form-control\" type=\"email\" maxlength=\"64\" />
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-2\">
 | ||||
|           <button id='btnRequestPasswordReset' class='btn btn-primary'>Request</button> | ||||
|         </div> | ||||
|       ";
 | ||||
|     } else { | ||||
|       return "<h4 class=\"pb-4\">Choose a new password</h4>
 | ||||
|       <form> | ||||
|         <input name='token' id='token' type='hidden' value='$this->token'/> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
 | ||||
|           </div> | ||||
|           <input type=\"password\" name='password' id='password' class=\"form-control\" placeholder=\"Password\">
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <div class=\"input-group-append\">
 | ||||
|             <span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
 | ||||
|           </div> | ||||
|           <input type=\"password\" name='confirmPassword' id='confirmPassword' class=\"form-control\" placeholder=\"Confirm Password\">
 | ||||
|         </div> | ||||
|         <div class=\"input-group mt-3\">
 | ||||
|           <button type=\"button\" class=\"btn btn-success\" id='btnResetPassword'>Submit</button>
 | ||||
|         </div> | ||||
|      </form>";
 | ||||
|     } | ||||
|   } | ||||
| } | ||||
| @ -1,10 +1,11 @@ | ||||
| <?php | ||||
| 
 | ||||
| namespace Views; | ||||
| namespace Views\Admin; | ||||
| 
 | ||||
| use Elements\Body; | ||||
| use Elements\Link; | ||||
| use Elements\Script; | ||||
| use Views\LanguageFlags; | ||||
| 
 | ||||
| class LoginBody extends Body { | ||||
| 
 | ||||
| @ -19,8 +20,8 @@ class LoginBody extends Body { | ||||
|     $head->loadBootstrap(); | ||||
|     $head->addJS(Script::CORE); | ||||
|     $head->addCSS(Link::CORE); | ||||
|     $head->addJS(Script::ADMIN); | ||||
|     $head->addCSS(Link::ADMIN); | ||||
|     $head->addJS(Script::ACCOUNT); | ||||
|     $head->addCSS(Link::ACCOUNT); | ||||
|   } | ||||
| 
 | ||||
|   public function getCode() { | ||||
| @ -37,14 +38,6 @@ class LoginBody extends Body { | ||||
|     $domain = $_SERVER['HTTP_HOST']; | ||||
|     $protocol = getProtocol(); | ||||
| 
 | ||||
|     $accountCreated = ""; | ||||
|     if(isset($_GET["accountCreated"])) { | ||||
|       $accountCreated = | ||||
|         '<div class="alert alert-success mt-3" id="accountCreated"> | ||||
|           Your account was successfully created, you may now login with your credentials | ||||
|         </div>'; | ||||
|     } | ||||
| 
 | ||||
|     $html .= " | ||||
|       <body> | ||||
|         <div class=\"container mt-4\">
 | ||||
| @ -63,13 +56,12 @@ class LoginBody extends Body { | ||||
|                 <label class=\"form-check-label\" for=\"stayLoggedIn\">$stayLoggedIn</label>
 | ||||
|               </div> | ||||
|               <button class=\"btn btn-lg btn-primary btn-block\" id=\"btnLogin\" type=\"button\">$login</button>
 | ||||
|               <div class=\"alert alert-danger hidden\" role=\"alert\" id=\"loginError\"></div>
 | ||||
|               <div class=\"alert alert-danger\" style='display:none' role=\"alert\" id=\"alertMessage\"></div>
 | ||||
|               <span class=\"flags position-absolute\">$flags</span>
 | ||||
|             </form> | ||||
|             <div class=\"p-1\">
 | ||||
|               <a href=\"$protocol://$domain\">$iconBack $backToStartPage</a> | ||||
|             </div> | ||||
|             $accountCreated | ||||
|           </div> | ||||
|           </div> | ||||
|         </div> | ||||
							
								
								
									
										106
									
								
								js/account.js
									
									
									
									
									
								
							
							
								
								
								
								
								
									
									
								
							
						
						
									
										106
									
								
								js/account.js
									
									
									
									
									
								
							| @ -11,6 +11,30 @@ $(document).ready(function () { | ||||
|         $("#alertMessage").hide(); | ||||
|     } | ||||
| 
 | ||||
|     // Login
 | ||||
|     $("#btnLogin").click(function() { | ||||
|         const username = $("#username").val(); | ||||
|         const password = $("#password").val(); | ||||
|         const createdDiv = $("#accountCreated"); | ||||
|         const stayLoggedIn = $("#stayLoggedIn").is(":checked"); | ||||
|         const btn = $(this); | ||||
| 
 | ||||
|         hideAlert(); | ||||
|         btn.prop("disabled", true); | ||||
|         btn.html("Logging in… <i class=\"fa fa-spin fa-circle-notch\"></i>"); | ||||
|         jsCore.apiCall("/user/login", {"username": username, "password": password, "stayLoggedIn": stayLoggedIn }, function(res) { | ||||
|             if (res.success) { | ||||
|                 document.location.reload(); | ||||
|             } else { | ||||
|                 btn.html("Login"); | ||||
|                 btn.prop("disabled", false); | ||||
|                 $("#password").val(""); | ||||
|                 createdDiv.hide(); | ||||
|                 showAlert(res.msg); | ||||
|             } | ||||
|         }); | ||||
|     }); | ||||
| 
 | ||||
|     $("#btnRegister").click(function (e) { | ||||
|         e.preventDefault(); | ||||
|         e.stopPropagation(); | ||||
| @ -43,4 +67,86 @@ $(document).ready(function () { | ||||
|             }); | ||||
|         } | ||||
|     }); | ||||
| 
 | ||||
|     $("#btnAcceptInvite").click(function (e) { | ||||
|         e.preventDefault(); | ||||
|         e.stopPropagation(); | ||||
| 
 | ||||
|         let btn = $(this); | ||||
|         let token = $("#token").val(); | ||||
|         let password = $("#password").val(); | ||||
|         let confirmPassword = $("#confirmPassword").val(); | ||||
| 
 | ||||
|         if(password !== confirmPassword) { | ||||
|             showAlert("danger", "Your passwords did not match."); | ||||
|         } else { | ||||
|             let textBefore = btn.text(); | ||||
|             let params = { token: token, password: password, confirmPassword: confirmPassword }; | ||||
| 
 | ||||
|             btn.prop("disabled", true); | ||||
|             btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>") | ||||
|             jsCore.apiCall("user/acceptInvite", params, (res) => { | ||||
|                 btn.prop("disabled", false); | ||||
|                 btn.text(textBefore); | ||||
|                 if (!res.success) { | ||||
|                     showAlert("danger", res.msg); | ||||
|                 } else { | ||||
|                     showAlert("success", "Account successfully created. You may now login."); | ||||
|                     $("input").val(""); | ||||
|                 } | ||||
|             }); | ||||
|         } | ||||
|     }); | ||||
| 
 | ||||
|     $("#btnRequestPasswordReset").click(function (e) { | ||||
|         e.preventDefault(); | ||||
|         e.stopPropagation(); | ||||
| 
 | ||||
|         let btn = $(this); | ||||
|         let email = $("#email").val(); | ||||
| 
 | ||||
|         let textBefore = btn.text(); | ||||
|         btn.prop("disabled", true); | ||||
|         btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>") | ||||
|         jsCore.apiCall("user/requestPasswordReset", { email: email }, (res) => { | ||||
|             btn.prop("disabled", false); | ||||
|             btn.text(textBefore); | ||||
|             if (!res.success) { | ||||
|                 showAlert("danger", res.msg); | ||||
|             } else { | ||||
|                 showAlert("success", "If the e-mail address exists and is linked to a account, you will receive a password reset token."); | ||||
|                 $("input").val(""); | ||||
|             } | ||||
|         }); | ||||
|     }); | ||||
| 
 | ||||
|     $("#btnResetPassword").click(function (e) { | ||||
|         e.preventDefault(); | ||||
|         e.stopPropagation(); | ||||
| 
 | ||||
|         let btn = $(this); | ||||
|         let token = $("#token").val(); | ||||
|         let password = $("#password").val(); | ||||
|         let confirmPassword = $("#confirmPassword").val(); | ||||
| 
 | ||||
|         if(password !== confirmPassword) { | ||||
|             showAlert("danger", "Your passwords did not match."); | ||||
|         } else { | ||||
|             let textBefore = btn.text(); | ||||
|             let params = { token: token, password: password, confirmPassword: confirmPassword }; | ||||
| 
 | ||||
|             btn.prop("disabled", true); | ||||
|             btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>") | ||||
|             jsCore.apiCall("user/resetPassword", params, (res) => { | ||||
|                 btn.prop("disabled", false); | ||||
|                 btn.text(textBefore); | ||||
|                 if (!res.success) { | ||||
|                     showAlert("danger", res.msg); | ||||
|                 } else { | ||||
|                     showAlert("success", "Your password was successfully changed. You may now login."); | ||||
|                     $("input").val(""); | ||||
|                 } | ||||
|             }); | ||||
|         } | ||||
|     }); | ||||
| }); | ||||
							
								
								
									
										28
									
								
								js/admin.js
									
									
									
									
									
								
							
							
								
								
								
								
								
									
									
								
							
						
						
									
										28
									
								
								js/admin.js
									
									
									
									
									
								
							| @ -1,28 +0,0 @@ | ||||
| $(document).ready(function() { | ||||
| 
 | ||||
|   // Login
 | ||||
|   $("#username").keypress(function(e) { if(e.which === 13) $("#password").focus(); }); | ||||
|   $("#password").keypress(function(e) { if(e.which === 13) $("#btnLogin").click(); }); | ||||
|   $("#btnLogin").click(function() { | ||||
|     const username = $("#username").val(); | ||||
|     const password = $("#password").val(); | ||||
|     const errorDiv = $("#loginError"); | ||||
|     const createdDiv = $("#accountCreated"); | ||||
|     const stayLoggedIn = $("#stayLoggedIn").is(":checked"); | ||||
|     const btn = $(this); | ||||
| 
 | ||||
|     errorDiv.hide(); | ||||
|     btn.prop("disabled", true); | ||||
|     btn.html("Logging in… <i class=\"fa fa-spin fa-circle-notch\"></i>"); | ||||
|     jsCore.apiCall("/user/login", {"username": username, "password": password, "stayLoggedIn": stayLoggedIn }, function(data) { | ||||
|       document.location.reload(); | ||||
|     }, function(err) { | ||||
|       btn.html("Login"); | ||||
|       btn.prop("disabled", false); | ||||
|       $("#password").val(""); | ||||
|       createdDiv.hide(); | ||||
|       errorDiv.html(err); | ||||
|       errorDiv.show(); | ||||
|     }); | ||||
|   }); | ||||
| }); | ||||
							
								
								
									
										6
									
								
								js/admin.min.js
									
									
									
									
										externo
									
									
								
							
							
								
								
								
								
								
									
									
								
							
						
						
									
										6
									
								
								js/admin.min.js
									
									
									
									
										externo
									
									
								
							
										
											
												Diff do arquivo suprimido porque uma ou mais linhas são muito longas
											
										
									
								
							| @ -35,8 +35,8 @@ export default class API { | ||||
|         return data && data.success && data.loggedIn; | ||||
|     } | ||||
| 
 | ||||
|     async editUser(id, username, email, password, groups) { | ||||
|         return this.apiCall("user/edit", { "id": id, "username": username, "email": email, "password": password, "groups": groups }); | ||||
|     async editUser(id, username, email, password, groups, confirmed) { | ||||
|         return this.apiCall("user/edit", { id: id, username: username, email: email, password: password, groups: groups, confirmed: confirmed }); | ||||
|     } | ||||
| 
 | ||||
|     async logout() { | ||||
|  | ||||
| @ -43,7 +43,8 @@ export default class EditUser extends React.Component { | ||||
|                         name: res.user.name, | ||||
|                         email: res.user.email || "", | ||||
|                         groups: res.user.groups, | ||||
|                         password: "" | ||||
|                         password: "", | ||||
|                         confirmed: res.user.confirmed | ||||
|                     } | ||||
|                 }); | ||||
|                 this.parent.api.fetchGroups(1, 50).then((res) => { | ||||
| @ -61,11 +62,15 @@ export default class EditUser extends React.Component { | ||||
| 
 | ||||
|     onChangeInput(event) { | ||||
|         const target = event.target; | ||||
|         const value = target.value; | ||||
|         let value = target.value; | ||||
|         const name = target.name; | ||||
| 
 | ||||
|         if (target.type === "checkbox") { | ||||
|             value = !!target.checked; | ||||
|         } | ||||
| 
 | ||||
|         if (name === "search") { | ||||
|             this.setState({ ...this.state, searchString: value }); | ||||
|             this.setState({...this.state, searchString: value}); | ||||
|         } else { | ||||
|             this.setState({ ...this.state, user: { ...this.state.user, [name]: value } }); | ||||
|         } | ||||
| @ -85,9 +90,10 @@ export default class EditUser extends React.Component { | ||||
|         const email = this.state.user["email"]; | ||||
|         let password = this.state.user["password"].length > 0 ? this.state.user["password"] : null; | ||||
|         let groups = Object.keys(this.state.user.groups); | ||||
|         let confirmed = this.state.user["confirmed"]; | ||||
| 
 | ||||
|         this.setState({ ...this.state, isSaving: true}); | ||||
|         this.parent.api.editUser(id, username, email, password, groups).then((res) => { | ||||
|         this.parent.api.editUser(id, username, email, password, groups, confirmed).then((res) => { | ||||
|             let alerts = this.state.alerts.slice(); | ||||
| 
 | ||||
|             if (res.success) { | ||||
| @ -262,6 +268,15 @@ export default class EditUser extends React.Component { | ||||
|                     </span> | ||||
|                 </div> | ||||
| 
 | ||||
|                 <div className={"form-check"}> | ||||
|                     <input type={"checkbox"} className={"form-check-input"} | ||||
|                            onChange={this.onChangeInput.bind(this)} | ||||
|                            id={"confirmed"} name={"confirmed"} checked={this.state.user.confirmed}/> | ||||
|                     <label className={"form-check-label"} htmlFor={"confirmed"}> | ||||
|                         Confirmed | ||||
|                     </label> | ||||
|                 </div> | ||||
| 
 | ||||
|                 <Link to={"/admin/users"} className={"btn btn-info mt-2 mr-2"}> | ||||
|                     <Icon icon={"arrow-left"}/> | ||||
|                      Back | ||||
|  | ||||
| @ -167,6 +167,8 @@ export default class UserOverview extends React.Component { | ||||
|             } | ||||
| 
 | ||||
|             let user = this.state.users.data[uid]; | ||||
|             let confirmedIcon = <Icon icon={user["confirmed"] ? "check" : "times"}/>; | ||||
| 
 | ||||
|             let groups = []; | ||||
| 
 | ||||
|             for (let groupId in user.groups) { | ||||
| @ -193,6 +195,7 @@ export default class UserOverview extends React.Component { | ||||
|                             {getPeriodString(user["registered_at"])} | ||||
|                         </span> | ||||
|                     </td> | ||||
|                     <td className={"text-center"}>{confirmedIcon}</td> | ||||
|                     <td> | ||||
|                         <Link to={"/admin/user/edit/" + uid} className={"text-reset"}> | ||||
|                             <Icon icon={"pencil-alt"} data-effect={"solid"} | ||||
| @ -212,6 +215,7 @@ export default class UserOverview extends React.Component { | ||||
|                     <td/> | ||||
|                     <td/> | ||||
|                     <td/> | ||||
|                     <td/> | ||||
|                 </tr> | ||||
|             ); | ||||
|         } | ||||
| @ -251,6 +255,7 @@ export default class UserOverview extends React.Component { | ||||
|                         <th>Email</th> | ||||
|                         <th>Groups</th> | ||||
|                         <th>Registered</th> | ||||
|                         <th className={"text-center"}>Confirmed</th> | ||||
|                         <th><Icon icon={"tools"} /></th> | ||||
|                     </tr> | ||||
|                     </thead> | ||||
|  | ||||
		Carregando…
	
		Referência em uma nova issue
	
	Block a user