Password Reset + Bugfixes
This commit is contained in:
parent
db63b55a70
commit
0deb6fff52
@ -84,7 +84,7 @@ namespace Api {
|
|||||||
|
|
||||||
protected function getUser($id) {
|
protected function getUser($id) {
|
||||||
$sql = $this->user->getSQL();
|
$sql = $this->user->getSQL();
|
||||||
$res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at",
|
$res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", "User.confirmed",
|
||||||
"Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor")
|
"Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor")
|
||||||
->from("User")
|
->from("User")
|
||||||
->leftJoin("UserGroup", "User.uid", "UserGroup.user_id")
|
->leftJoin("UserGroup", "User.uid", "UserGroup.user_id")
|
||||||
@ -254,7 +254,7 @@ namespace Api\User {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$sql = $this->user->getSQL();
|
$sql = $this->user->getSQL();
|
||||||
$res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at",
|
$res = $sql->select("User.uid as userId", "User.name", "User.email", "User.registered_at", "User.confirmed",
|
||||||
"Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor")
|
"Group.uid as groupId", "Group.name as groupName", "Group.color as groupColor")
|
||||||
->from("User")
|
->from("User")
|
||||||
->leftJoin("UserGroup", "User.uid", "UserGroup.user_id")
|
->leftJoin("UserGroup", "User.uid", "UserGroup.user_id")
|
||||||
@ -278,6 +278,7 @@ namespace Api\User {
|
|||||||
"name" => $row["name"],
|
"name" => $row["name"],
|
||||||
"email" => $row["email"],
|
"email" => $row["email"],
|
||||||
"registered_at" => $row["registered_at"],
|
"registered_at" => $row["registered_at"],
|
||||||
|
"confirmed" => $sql->parseBool($row["confirmed"]),
|
||||||
"groups" => array(),
|
"groups" => array(),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -310,6 +311,7 @@ namespace Api\User {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$sql = $this->user->getSQL();
|
||||||
$id = $this->getParam("id");
|
$id = $this->getParam("id");
|
||||||
$user = $this->getUser($id);
|
$user = $this->getUser($id);
|
||||||
|
|
||||||
@ -322,6 +324,7 @@ namespace Api\User {
|
|||||||
"name" => $user[0]["name"],
|
"name" => $user[0]["name"],
|
||||||
"email" => $user[0]["email"],
|
"email" => $user[0]["email"],
|
||||||
"registered_at" => $user[0]["registered_at"],
|
"registered_at" => $user[0]["registered_at"],
|
||||||
|
"confirmed" => $sql->parseBool($user["0"]["confirmed"]),
|
||||||
"groups" => array()
|
"groups" => array()
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -450,6 +453,7 @@ namespace Api\User {
|
|||||||
'password' => new StringType('password'),
|
'password' => new StringType('password'),
|
||||||
'confirmPassword' => new StringType('confirmPassword'),
|
'confirmPassword' => new StringType('confirmPassword'),
|
||||||
));
|
));
|
||||||
|
$this->csrfTokenRequired = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function updateUser($uid, $password) {
|
private function updateUser($uid, $password) {
|
||||||
@ -783,7 +787,7 @@ namespace Api\User {
|
|||||||
|
|
||||||
private function checkToken($token) {
|
private function checkToken($token) {
|
||||||
$sql = $this->user->getSQL();
|
$sql = $this->user->getSQL();
|
||||||
$res = $sql->select("UserToken.token_type", "User.uid", "User.name", "User.email", "User.confirmed")
|
$res = $sql->select("UserToken.token_type", "User.uid", "User.name", "User.email")
|
||||||
->from("UserToken")
|
->from("UserToken")
|
||||||
->innerJoin("User", "UserToken.user_id", "User.uid")
|
->innerJoin("User", "UserToken.user_id", "User.uid")
|
||||||
->where(new Compare("UserToken.token", $token))
|
->where(new Compare("UserToken.token", $token))
|
||||||
@ -817,7 +821,6 @@ namespace Api\User {
|
|||||||
$this->result["user"] = array(
|
$this->result["user"] = array(
|
||||||
"name" => $tokenEntry["name"],
|
"name" => $tokenEntry["name"],
|
||||||
"email" => $tokenEntry["email"],
|
"email" => $tokenEntry["email"],
|
||||||
"confirmed" => $this->user->getSQL()->parseBool($tokenEntry["confirmed"]),
|
|
||||||
"uid" => $tokenEntry["uid"]
|
"uid" => $tokenEntry["uid"]
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
@ -837,6 +840,7 @@ namespace Api\User {
|
|||||||
'email' => new Parameter('email', Parameter::TYPE_EMAIL, true, NULL),
|
'email' => new Parameter('email', Parameter::TYPE_EMAIL, true, NULL),
|
||||||
'password' => new StringType('password', -1, true, NULL),
|
'password' => new StringType('password', -1, true, NULL),
|
||||||
'groups' => new Parameter('groups', Parameter::TYPE_ARRAY, true, NULL),
|
'groups' => new Parameter('groups', Parameter::TYPE_ARRAY, true, NULL),
|
||||||
|
'confirmed' => new Parameter('confirmed', Parameter::TYPE_BOOLEAN, true, NULL)
|
||||||
));
|
));
|
||||||
|
|
||||||
$this->loginRequired = true;
|
$this->loginRequired = true;
|
||||||
@ -859,6 +863,7 @@ namespace Api\User {
|
|||||||
$email = $this->getParam("email");
|
$email = $this->getParam("email");
|
||||||
$password = $this->getParam("password");
|
$password = $this->getParam("password");
|
||||||
$groups = $this->getParam("groups");
|
$groups = $this->getParam("groups");
|
||||||
|
$confirmed = $this->getParam("confirmed");
|
||||||
|
|
||||||
$email = (!is_null($email) && empty($email)) ? null : $email;
|
$email = (!is_null($email) && empty($email)) ? null : $email;
|
||||||
|
|
||||||
@ -896,6 +901,14 @@ namespace Api\User {
|
|||||||
if ($emailChanged) $query->set("email", $email);
|
if ($emailChanged) $query->set("email", $email);
|
||||||
if (!is_null($password)) $query->set("password", $this->hashPassword($password));
|
if (!is_null($password)) $query->set("password", $this->hashPassword($password));
|
||||||
|
|
||||||
|
if (!is_null($confirmed)) {
|
||||||
|
if ($id === $this->user->getId() && $confirmed === false) {
|
||||||
|
return $this->createError("Cannot make own account unconfirmed.");
|
||||||
|
} else {
|
||||||
|
$query->set("confirmed", $confirmed);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!empty($query->getValues())) {
|
if (!empty($query->getValues())) {
|
||||||
$query->where(new Compare("User.uid", $id));
|
$query->where(new Compare("User.uid", $id));
|
||||||
$res = $query->execute();
|
$res = $query->execute();
|
||||||
@ -957,7 +970,7 @@ namespace Api\User {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class RequestResetPassword extends UserAPI {
|
class RequestPasswordReset extends UserAPI {
|
||||||
public function __construct(User $user, $externalCall = false) {
|
public function __construct(User $user, $externalCall = false) {
|
||||||
$parameters = array(
|
$parameters = array(
|
||||||
'email' => new Parameter('email', Parameter::TYPE_EMAIL),
|
'email' => new Parameter('email', Parameter::TYPE_EMAIL),
|
||||||
@ -969,6 +982,7 @@ namespace Api\User {
|
|||||||
}
|
}
|
||||||
|
|
||||||
parent::__construct($user, $externalCall, $parameters);
|
parent::__construct($user, $externalCall, $parameters);
|
||||||
|
$this->csrfTokenRequired = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function execute($values = array()) {
|
public function execute($values = array()) {
|
||||||
@ -1010,7 +1024,7 @@ namespace Api\User {
|
|||||||
$siteName = htmlspecialchars($settings->getSiteName());
|
$siteName = htmlspecialchars($settings->getSiteName());
|
||||||
|
|
||||||
$replacements = array(
|
$replacements = array(
|
||||||
"link" => "$baseUrl/confirmEmail?token=$token",
|
"link" => "$baseUrl/resetPassword?token=$token",
|
||||||
"site_name" => $siteName,
|
"site_name" => $siteName,
|
||||||
"base_url" => $baseUrl,
|
"base_url" => $baseUrl,
|
||||||
"username" => htmlspecialchars($user["name"])
|
"username" => htmlspecialchars($user["name"])
|
||||||
@ -1035,6 +1049,7 @@ namespace Api\User {
|
|||||||
private function findUser($email) {
|
private function findUser($email) {
|
||||||
$sql = $this->user->getSQL();
|
$sql = $this->user->getSQL();
|
||||||
$res = $sql->select("User.uid", "User.name")
|
$res = $sql->select("User.uid", "User.name")
|
||||||
|
->from("User")
|
||||||
->where(new Compare("User.email", $email))
|
->where(new Compare("User.email", $email))
|
||||||
->where(new CondBool("User.confirmed"))
|
->where(new CondBool("User.confirmed"))
|
||||||
->execute();
|
->execute();
|
||||||
@ -1073,6 +1088,8 @@ namespace Api\User {
|
|||||||
'password' => new StringType('password'),
|
'password' => new StringType('password'),
|
||||||
'confirmPassword' => new StringType('confirmPassword'),
|
'confirmPassword' => new StringType('confirmPassword'),
|
||||||
));
|
));
|
||||||
|
|
||||||
|
$this->csrfTokenRequired = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function updateUser($uid, $password) {
|
private function updateUser($uid, $password) {
|
||||||
@ -1108,7 +1125,7 @@ namespace Api\User {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$result = $req->getResult();
|
$result = $req->getResult();
|
||||||
if (strcasecmp($result["token"]["type"], "reset_password") !== 0) {
|
if (strcasecmp($result["token"]["type"], "password_reset") !== 0) {
|
||||||
return $this->createError("Invalid token type");
|
return $this->createError("Invalid token type");
|
||||||
} else if (!$this->checkPasswordRequirements($password, $confirmPassword)) {
|
} else if (!$this->checkPasswordRequirements($password, $confirmPassword)) {
|
||||||
return false;
|
return false;
|
||||||
|
@ -6,7 +6,7 @@ namespace Documents {
|
|||||||
use Elements\Document;
|
use Elements\Document;
|
||||||
use Objects\User;
|
use Objects\User;
|
||||||
use Views\Admin\AdminDashboardBody;
|
use Views\Admin\AdminDashboardBody;
|
||||||
use Views\LoginBody;
|
use Views\Admin\LoginBody;
|
||||||
|
|
||||||
class Admin extends Document {
|
class Admin extends Document {
|
||||||
public function __construct(User $user, ?string $view = NULL) {
|
public function __construct(User $user, ?string $view = NULL) {
|
||||||
|
@ -10,7 +10,7 @@ class Link extends StaticView {
|
|||||||
const FONTAWESOME = "/css/fontawesome.min.css";
|
const FONTAWESOME = "/css/fontawesome.min.css";
|
||||||
const BOOTSTRAP = "/css/bootstrap.min.css";
|
const BOOTSTRAP = "/css/bootstrap.min.css";
|
||||||
const CORE = "/css/style.css";
|
const CORE = "/css/style.css";
|
||||||
const ADMIN = "/css/admin.css";
|
const ACCOUNT = "/css/account.css";
|
||||||
|
|
||||||
private string $type;
|
private string $type;
|
||||||
private string $rel;
|
private string $rel;
|
||||||
|
@ -7,7 +7,6 @@ class Script extends StaticView {
|
|||||||
const MIME_TEXT_JAVASCRIPT = "text/javascript";
|
const MIME_TEXT_JAVASCRIPT = "text/javascript";
|
||||||
|
|
||||||
const CORE = "/js/script.js";
|
const CORE = "/js/script.js";
|
||||||
const ADMIN = "/js/admin.js";
|
|
||||||
const JQUERY = "/js/jquery.min.js";
|
const JQUERY = "/js/jquery.min.js";
|
||||||
const INSTALL = "/js/install.js";
|
const INSTALL = "/js/install.js";
|
||||||
const BOOTSTRAP = "/js/bootstrap.bundle.min.js";
|
const BOOTSTRAP = "/js/bootstrap.bundle.min.js";
|
||||||
|
@ -7,15 +7,83 @@ namespace Views\Account;
|
|||||||
use Elements\Document;
|
use Elements\Document;
|
||||||
use Elements\View;
|
use Elements\View;
|
||||||
|
|
||||||
class AcceptInvite extends View {
|
class AcceptInvite extends AccountView {
|
||||||
|
|
||||||
|
private bool $success;
|
||||||
|
private string $message;
|
||||||
|
private array $invitedUser;
|
||||||
|
|
||||||
public function __construct(Document $document, $loadView = true) {
|
public function __construct(Document $document, $loadView = true) {
|
||||||
parent::__construct($document, $loadView);
|
parent::__construct($document, $loadView);
|
||||||
|
$this->title = "Invitation";
|
||||||
|
$this->description = "Finnish your account registration by choosing a password.";
|
||||||
|
$this->icon = "user-check";
|
||||||
|
$this->success = false;
|
||||||
|
$this->message = "No content";
|
||||||
|
$this->invitedUser = array();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getCode() {
|
public function loadView() {
|
||||||
$html = parent::getCode();
|
parent::loadView();
|
||||||
|
|
||||||
return $html;
|
if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) {
|
||||||
|
$req = new \Api\User\CheckToken($this->getDocument()->getUser());
|
||||||
|
$this->success = $req->execute(array("token" => $_GET["token"]));
|
||||||
|
if ($this->success) {
|
||||||
|
if (strcmp($req->getResult()["token"]["type"], "invite") !== 0) {
|
||||||
|
$this->success = false;
|
||||||
|
$this->message = "The given token has a wrong type.";
|
||||||
|
} else {
|
||||||
|
$this->invitedUser = $req->getResult()["user"];
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->message = "Error confirming e-mail address: " . $req->getLastError();
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->success = false;
|
||||||
|
$this->message = "The link you visited is no longer valid";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function getAccountContent() {
|
||||||
|
if (!$this->success) {
|
||||||
|
return $this->createErrorText($this->message);
|
||||||
|
}
|
||||||
|
|
||||||
|
$token = htmlspecialchars($_GET["token"], ENT_QUOTES);
|
||||||
|
$username = $this->invitedUser["name"];
|
||||||
|
$emailAddress = $this->invitedUser["email"];
|
||||||
|
|
||||||
|
return "<h4 class=\"pb-4\">Please fill with your details</h4>
|
||||||
|
<form>
|
||||||
|
<input name='token' id='token' type='hidden' value='$token'/>
|
||||||
|
<div class=\"input-group\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-hashtag\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input id=\"username\" name=\"username\" placeholder=\"Username\" class=\"form-control\" type=\"text\" maxlength=\"32\" value='$username' disabled>
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-at\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input type=\"email\" name='email' id='email' class=\"form-control\" placeholder=\"Email\" maxlength=\"64\" value='$emailAddress' disabled>
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input type=\"password\" name='password' id='password' class=\"form-control\" placeholder=\"Password\">
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input type=\"password\" name='confirmPassword' id='confirmPassword' class=\"form-control\" placeholder=\"Confirm Password\">
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<button type=\"button\" class=\"btn btn-success\" id='btnAcceptInvite'>Submit</button>
|
||||||
|
</div>
|
||||||
|
</form>";
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -3,9 +3,7 @@
|
|||||||
|
|
||||||
namespace Views\Account;
|
namespace Views\Account;
|
||||||
|
|
||||||
|
|
||||||
use Elements\Document;
|
use Elements\Document;
|
||||||
use Elements\View;
|
|
||||||
|
|
||||||
class Register extends AccountView {
|
class Register extends AccountView {
|
||||||
|
|
||||||
|
@ -5,17 +5,83 @@ namespace Views\Account;
|
|||||||
|
|
||||||
|
|
||||||
use Elements\Document;
|
use Elements\Document;
|
||||||
use Elements\View;
|
|
||||||
|
|
||||||
class ResetPassword extends View {
|
class ResetPassword extends AccountView {
|
||||||
|
|
||||||
|
private bool $success;
|
||||||
|
private string $message;
|
||||||
|
private ?string $token;
|
||||||
|
|
||||||
public function __construct(Document $document, $loadView = true) {
|
public function __construct(Document $document, $loadView = true) {
|
||||||
parent::__construct($document, $loadView);
|
parent::__construct($document, $loadView);
|
||||||
|
$this->title = "Reset Password";
|
||||||
|
$this->description = "Request a password reset, once you got the e-mail address, you can choose a new password";
|
||||||
|
$this->icon = "user-lock";
|
||||||
|
$this->success = true;
|
||||||
|
$this->message = "";
|
||||||
|
$this->token = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getCode() {
|
public function loadView() {
|
||||||
$html = parent::getCode();
|
parent::loadView();
|
||||||
|
|
||||||
return $html;
|
if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) {
|
||||||
|
$this->token = $_GET["token"];
|
||||||
|
$req = new \Api\User\CheckToken($this->getDocument()->getUser());
|
||||||
|
$this->success = $req->execute(array("token" => $_GET["token"]));
|
||||||
|
if ($this->success) {
|
||||||
|
if (strcmp($req->getResult()["token"]["type"], "password_reset") !== 0) {
|
||||||
|
$this->success = false;
|
||||||
|
$this->message = "The given token has a wrong type.";
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->message = "Error requesting password reset: " . $req->getLastError();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function getAccountContent() {
|
||||||
|
if (!$this->success) {
|
||||||
|
$html = $this->createErrorText($this->message);
|
||||||
|
if ($this->token !== null) {
|
||||||
|
$html .= "<a href='/resetPassword' class='btn btn-primary'>Go back</a>";
|
||||||
|
}
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->token === null) {
|
||||||
|
return "<p class='lead'>Enter your E-Mail address, to receive a password reset token.</p>
|
||||||
|
<form>
|
||||||
|
<div class=\"input-group\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-at\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input id=\"email\" name=\"email\" placeholder=\"E-Mail address\" class=\"form-control\" type=\"email\" maxlength=\"64\" />
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-2\">
|
||||||
|
<button id='btnRequestPasswordReset' class='btn btn-primary'>Request</button>
|
||||||
|
</div>
|
||||||
|
";
|
||||||
|
} else {
|
||||||
|
return "<h4 class=\"pb-4\">Choose a new password</h4>
|
||||||
|
<form>
|
||||||
|
<input name='token' id='token' type='hidden' value='$this->token'/>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input type=\"password\" name='password' id='password' class=\"form-control\" placeholder=\"Password\">
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<div class=\"input-group-append\">
|
||||||
|
<span class=\"input-group-text\"><i class=\"fas fa-key\"></i></span>
|
||||||
|
</div>
|
||||||
|
<input type=\"password\" name='confirmPassword' id='confirmPassword' class=\"form-control\" placeholder=\"Confirm Password\">
|
||||||
|
</div>
|
||||||
|
<div class=\"input-group mt-3\">
|
||||||
|
<button type=\"button\" class=\"btn btn-success\" id='btnResetPassword'>Submit</button>
|
||||||
|
</div>
|
||||||
|
</form>";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -1,10 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace Views;
|
namespace Views\Admin;
|
||||||
|
|
||||||
use Elements\Body;
|
use Elements\Body;
|
||||||
use Elements\Link;
|
use Elements\Link;
|
||||||
use Elements\Script;
|
use Elements\Script;
|
||||||
|
use Views\LanguageFlags;
|
||||||
|
|
||||||
class LoginBody extends Body {
|
class LoginBody extends Body {
|
||||||
|
|
||||||
@ -19,8 +20,8 @@ class LoginBody extends Body {
|
|||||||
$head->loadBootstrap();
|
$head->loadBootstrap();
|
||||||
$head->addJS(Script::CORE);
|
$head->addJS(Script::CORE);
|
||||||
$head->addCSS(Link::CORE);
|
$head->addCSS(Link::CORE);
|
||||||
$head->addJS(Script::ADMIN);
|
$head->addJS(Script::ACCOUNT);
|
||||||
$head->addCSS(Link::ADMIN);
|
$head->addCSS(Link::ACCOUNT);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getCode() {
|
public function getCode() {
|
||||||
@ -37,14 +38,6 @@ class LoginBody extends Body {
|
|||||||
$domain = $_SERVER['HTTP_HOST'];
|
$domain = $_SERVER['HTTP_HOST'];
|
||||||
$protocol = getProtocol();
|
$protocol = getProtocol();
|
||||||
|
|
||||||
$accountCreated = "";
|
|
||||||
if(isset($_GET["accountCreated"])) {
|
|
||||||
$accountCreated =
|
|
||||||
'<div class="alert alert-success mt-3" id="accountCreated">
|
|
||||||
Your account was successfully created, you may now login with your credentials
|
|
||||||
</div>';
|
|
||||||
}
|
|
||||||
|
|
||||||
$html .= "
|
$html .= "
|
||||||
<body>
|
<body>
|
||||||
<div class=\"container mt-4\">
|
<div class=\"container mt-4\">
|
||||||
@ -63,13 +56,12 @@ class LoginBody extends Body {
|
|||||||
<label class=\"form-check-label\" for=\"stayLoggedIn\">$stayLoggedIn</label>
|
<label class=\"form-check-label\" for=\"stayLoggedIn\">$stayLoggedIn</label>
|
||||||
</div>
|
</div>
|
||||||
<button class=\"btn btn-lg btn-primary btn-block\" id=\"btnLogin\" type=\"button\">$login</button>
|
<button class=\"btn btn-lg btn-primary btn-block\" id=\"btnLogin\" type=\"button\">$login</button>
|
||||||
<div class=\"alert alert-danger hidden\" role=\"alert\" id=\"loginError\"></div>
|
<div class=\"alert alert-danger\" style='display:none' role=\"alert\" id=\"alertMessage\"></div>
|
||||||
<span class=\"flags position-absolute\">$flags</span>
|
<span class=\"flags position-absolute\">$flags</span>
|
||||||
</form>
|
</form>
|
||||||
<div class=\"p-1\">
|
<div class=\"p-1\">
|
||||||
<a href=\"$protocol://$domain\">$iconBack $backToStartPage</a>
|
<a href=\"$protocol://$domain\">$iconBack $backToStartPage</a>
|
||||||
</div>
|
</div>
|
||||||
$accountCreated
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
106
js/account.js
106
js/account.js
@ -11,6 +11,30 @@ $(document).ready(function () {
|
|||||||
$("#alertMessage").hide();
|
$("#alertMessage").hide();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Login
|
||||||
|
$("#btnLogin").click(function() {
|
||||||
|
const username = $("#username").val();
|
||||||
|
const password = $("#password").val();
|
||||||
|
const createdDiv = $("#accountCreated");
|
||||||
|
const stayLoggedIn = $("#stayLoggedIn").is(":checked");
|
||||||
|
const btn = $(this);
|
||||||
|
|
||||||
|
hideAlert();
|
||||||
|
btn.prop("disabled", true);
|
||||||
|
btn.html("Logging in… <i class=\"fa fa-spin fa-circle-notch\"></i>");
|
||||||
|
jsCore.apiCall("/user/login", {"username": username, "password": password, "stayLoggedIn": stayLoggedIn }, function(res) {
|
||||||
|
if (res.success) {
|
||||||
|
document.location.reload();
|
||||||
|
} else {
|
||||||
|
btn.html("Login");
|
||||||
|
btn.prop("disabled", false);
|
||||||
|
$("#password").val("");
|
||||||
|
createdDiv.hide();
|
||||||
|
showAlert(res.msg);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
$("#btnRegister").click(function (e) {
|
$("#btnRegister").click(function (e) {
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
e.stopPropagation();
|
e.stopPropagation();
|
||||||
@ -43,4 +67,86 @@ $(document).ready(function () {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$("#btnAcceptInvite").click(function (e) {
|
||||||
|
e.preventDefault();
|
||||||
|
e.stopPropagation();
|
||||||
|
|
||||||
|
let btn = $(this);
|
||||||
|
let token = $("#token").val();
|
||||||
|
let password = $("#password").val();
|
||||||
|
let confirmPassword = $("#confirmPassword").val();
|
||||||
|
|
||||||
|
if(password !== confirmPassword) {
|
||||||
|
showAlert("danger", "Your passwords did not match.");
|
||||||
|
} else {
|
||||||
|
let textBefore = btn.text();
|
||||||
|
let params = { token: token, password: password, confirmPassword: confirmPassword };
|
||||||
|
|
||||||
|
btn.prop("disabled", true);
|
||||||
|
btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>")
|
||||||
|
jsCore.apiCall("user/acceptInvite", params, (res) => {
|
||||||
|
btn.prop("disabled", false);
|
||||||
|
btn.text(textBefore);
|
||||||
|
if (!res.success) {
|
||||||
|
showAlert("danger", res.msg);
|
||||||
|
} else {
|
||||||
|
showAlert("success", "Account successfully created. You may now login.");
|
||||||
|
$("input").val("");
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
$("#btnRequestPasswordReset").click(function (e) {
|
||||||
|
e.preventDefault();
|
||||||
|
e.stopPropagation();
|
||||||
|
|
||||||
|
let btn = $(this);
|
||||||
|
let email = $("#email").val();
|
||||||
|
|
||||||
|
let textBefore = btn.text();
|
||||||
|
btn.prop("disabled", true);
|
||||||
|
btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>")
|
||||||
|
jsCore.apiCall("user/requestPasswordReset", { email: email }, (res) => {
|
||||||
|
btn.prop("disabled", false);
|
||||||
|
btn.text(textBefore);
|
||||||
|
if (!res.success) {
|
||||||
|
showAlert("danger", res.msg);
|
||||||
|
} else {
|
||||||
|
showAlert("success", "If the e-mail address exists and is linked to a account, you will receive a password reset token.");
|
||||||
|
$("input").val("");
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
$("#btnResetPassword").click(function (e) {
|
||||||
|
e.preventDefault();
|
||||||
|
e.stopPropagation();
|
||||||
|
|
||||||
|
let btn = $(this);
|
||||||
|
let token = $("#token").val();
|
||||||
|
let password = $("#password").val();
|
||||||
|
let confirmPassword = $("#confirmPassword").val();
|
||||||
|
|
||||||
|
if(password !== confirmPassword) {
|
||||||
|
showAlert("danger", "Your passwords did not match.");
|
||||||
|
} else {
|
||||||
|
let textBefore = btn.text();
|
||||||
|
let params = { token: token, password: password, confirmPassword: confirmPassword };
|
||||||
|
|
||||||
|
btn.prop("disabled", true);
|
||||||
|
btn.html("Submitting… <i class='fas fa-spin fa-spinner'></i>")
|
||||||
|
jsCore.apiCall("user/resetPassword", params, (res) => {
|
||||||
|
btn.prop("disabled", false);
|
||||||
|
btn.text(textBefore);
|
||||||
|
if (!res.success) {
|
||||||
|
showAlert("danger", res.msg);
|
||||||
|
} else {
|
||||||
|
showAlert("success", "Your password was successfully changed. You may now login.");
|
||||||
|
$("input").val("");
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
});
|
});
|
28
js/admin.js
28
js/admin.js
@ -1,28 +0,0 @@
|
|||||||
$(document).ready(function() {
|
|
||||||
|
|
||||||
// Login
|
|
||||||
$("#username").keypress(function(e) { if(e.which === 13) $("#password").focus(); });
|
|
||||||
$("#password").keypress(function(e) { if(e.which === 13) $("#btnLogin").click(); });
|
|
||||||
$("#btnLogin").click(function() {
|
|
||||||
const username = $("#username").val();
|
|
||||||
const password = $("#password").val();
|
|
||||||
const errorDiv = $("#loginError");
|
|
||||||
const createdDiv = $("#accountCreated");
|
|
||||||
const stayLoggedIn = $("#stayLoggedIn").is(":checked");
|
|
||||||
const btn = $(this);
|
|
||||||
|
|
||||||
errorDiv.hide();
|
|
||||||
btn.prop("disabled", true);
|
|
||||||
btn.html("Logging in… <i class=\"fa fa-spin fa-circle-notch\"></i>");
|
|
||||||
jsCore.apiCall("/user/login", {"username": username, "password": password, "stayLoggedIn": stayLoggedIn }, function(data) {
|
|
||||||
document.location.reload();
|
|
||||||
}, function(err) {
|
|
||||||
btn.html("Login");
|
|
||||||
btn.prop("disabled", false);
|
|
||||||
$("#password").val("");
|
|
||||||
createdDiv.hide();
|
|
||||||
errorDiv.html(err);
|
|
||||||
errorDiv.show();
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
6
js/admin.min.js
vendored
6
js/admin.min.js
vendored
File diff suppressed because one or more lines are too long
@ -35,8 +35,8 @@ export default class API {
|
|||||||
return data && data.success && data.loggedIn;
|
return data && data.success && data.loggedIn;
|
||||||
}
|
}
|
||||||
|
|
||||||
async editUser(id, username, email, password, groups) {
|
async editUser(id, username, email, password, groups, confirmed) {
|
||||||
return this.apiCall("user/edit", { "id": id, "username": username, "email": email, "password": password, "groups": groups });
|
return this.apiCall("user/edit", { id: id, username: username, email: email, password: password, groups: groups, confirmed: confirmed });
|
||||||
}
|
}
|
||||||
|
|
||||||
async logout() {
|
async logout() {
|
||||||
|
@ -43,7 +43,8 @@ export default class EditUser extends React.Component {
|
|||||||
name: res.user.name,
|
name: res.user.name,
|
||||||
email: res.user.email || "",
|
email: res.user.email || "",
|
||||||
groups: res.user.groups,
|
groups: res.user.groups,
|
||||||
password: ""
|
password: "",
|
||||||
|
confirmed: res.user.confirmed
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
this.parent.api.fetchGroups(1, 50).then((res) => {
|
this.parent.api.fetchGroups(1, 50).then((res) => {
|
||||||
@ -61,11 +62,15 @@ export default class EditUser extends React.Component {
|
|||||||
|
|
||||||
onChangeInput(event) {
|
onChangeInput(event) {
|
||||||
const target = event.target;
|
const target = event.target;
|
||||||
const value = target.value;
|
let value = target.value;
|
||||||
const name = target.name;
|
const name = target.name;
|
||||||
|
|
||||||
|
if (target.type === "checkbox") {
|
||||||
|
value = !!target.checked;
|
||||||
|
}
|
||||||
|
|
||||||
if (name === "search") {
|
if (name === "search") {
|
||||||
this.setState({ ...this.state, searchString: value });
|
this.setState({...this.state, searchString: value});
|
||||||
} else {
|
} else {
|
||||||
this.setState({ ...this.state, user: { ...this.state.user, [name]: value } });
|
this.setState({ ...this.state, user: { ...this.state.user, [name]: value } });
|
||||||
}
|
}
|
||||||
@ -85,9 +90,10 @@ export default class EditUser extends React.Component {
|
|||||||
const email = this.state.user["email"];
|
const email = this.state.user["email"];
|
||||||
let password = this.state.user["password"].length > 0 ? this.state.user["password"] : null;
|
let password = this.state.user["password"].length > 0 ? this.state.user["password"] : null;
|
||||||
let groups = Object.keys(this.state.user.groups);
|
let groups = Object.keys(this.state.user.groups);
|
||||||
|
let confirmed = this.state.user["confirmed"];
|
||||||
|
|
||||||
this.setState({ ...this.state, isSaving: true});
|
this.setState({ ...this.state, isSaving: true});
|
||||||
this.parent.api.editUser(id, username, email, password, groups).then((res) => {
|
this.parent.api.editUser(id, username, email, password, groups, confirmed).then((res) => {
|
||||||
let alerts = this.state.alerts.slice();
|
let alerts = this.state.alerts.slice();
|
||||||
|
|
||||||
if (res.success) {
|
if (res.success) {
|
||||||
@ -262,6 +268,15 @@ export default class EditUser extends React.Component {
|
|||||||
</span>
|
</span>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div className={"form-check"}>
|
||||||
|
<input type={"checkbox"} className={"form-check-input"}
|
||||||
|
onChange={this.onChangeInput.bind(this)}
|
||||||
|
id={"confirmed"} name={"confirmed"} checked={this.state.user.confirmed}/>
|
||||||
|
<label className={"form-check-label"} htmlFor={"confirmed"}>
|
||||||
|
Confirmed
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
<Link to={"/admin/users"} className={"btn btn-info mt-2 mr-2"}>
|
<Link to={"/admin/users"} className={"btn btn-info mt-2 mr-2"}>
|
||||||
<Icon icon={"arrow-left"}/>
|
<Icon icon={"arrow-left"}/>
|
||||||
Back
|
Back
|
||||||
|
@ -167,6 +167,8 @@ export default class UserOverview extends React.Component {
|
|||||||
}
|
}
|
||||||
|
|
||||||
let user = this.state.users.data[uid];
|
let user = this.state.users.data[uid];
|
||||||
|
let confirmedIcon = <Icon icon={user["confirmed"] ? "check" : "times"}/>;
|
||||||
|
|
||||||
let groups = [];
|
let groups = [];
|
||||||
|
|
||||||
for (let groupId in user.groups) {
|
for (let groupId in user.groups) {
|
||||||
@ -193,6 +195,7 @@ export default class UserOverview extends React.Component {
|
|||||||
{getPeriodString(user["registered_at"])}
|
{getPeriodString(user["registered_at"])}
|
||||||
</span>
|
</span>
|
||||||
</td>
|
</td>
|
||||||
|
<td className={"text-center"}>{confirmedIcon}</td>
|
||||||
<td>
|
<td>
|
||||||
<Link to={"/admin/user/edit/" + uid} className={"text-reset"}>
|
<Link to={"/admin/user/edit/" + uid} className={"text-reset"}>
|
||||||
<Icon icon={"pencil-alt"} data-effect={"solid"}
|
<Icon icon={"pencil-alt"} data-effect={"solid"}
|
||||||
@ -212,6 +215,7 @@ export default class UserOverview extends React.Component {
|
|||||||
<td/>
|
<td/>
|
||||||
<td/>
|
<td/>
|
||||||
<td/>
|
<td/>
|
||||||
|
<td/>
|
||||||
</tr>
|
</tr>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -251,6 +255,7 @@ export default class UserOverview extends React.Component {
|
|||||||
<th>Email</th>
|
<th>Email</th>
|
||||||
<th>Groups</th>
|
<th>Groups</th>
|
||||||
<th>Registered</th>
|
<th>Registered</th>
|
||||||
|
<th className={"text-center"}>Confirmed</th>
|
||||||
<th><Icon icon={"tools"} /></th>
|
<th><Icon icon={"tools"} /></th>
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
|
Loading…
Reference in New Issue
Block a user