DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Addressed merge issue for reset password for #7997

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2020-04-30 17:45:05 -07:00
parent 82e02490fd
commit 8bb3c01f78
No known key found for this signature in database
GPG key ID: 10BFFDA3ED34B5AC
2 changed files with 9 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
app/Http/Controllers/Auth/ForgotPasswordController.php
View file

@ -52,14 +52,15 @@ class ForgotPasswordController extends Controller
*/ */
public function sendResetLinkEmail(Request $request) public function sendResetLinkEmail(Request $request)
{ {
$this->validate($request, ['username' => 'required'], ['username.required' => 'Please enter your username.']);
/** /**
* Let's set a max character count here to prevent potential * Let's set a max character count here to prevent potential
* buffer overflow issues with attackers sending very large * buffer overflow issues with attackers sending very large
* payloads through. * payloads through.
*/ */
$this->validate($request, ['email' => 'required|email|max:250']); $this->validate($request->validate([
'email' => 'required|email|max:255']));
/** /**
* If we find a matching email with an activated user, we will * If we find a matching email with an activated user, we will
@ -70,16 +71,16 @@ class ForgotPasswordController extends Controller
*/ */
$response = $this->broker()->sendResetLink( $response = $this->broker()->sendResetLink(
array_merge( array_merge(
$request->only('username'), $request->only('email'),
['activated' => '1'], ['activated' => '1'],
['ldap_import' => '0'] ['ldap_import' => '0']
) )
); );
if ($response === \Password::RESET_LINK_SENT) { if ($response === \Password::RESET_LINK_SENT) {
\Log::info('Password reset attempt: User '.$request->input('username').' found, password reset sent'); \Log::info('Password reset attempt: User '.$request->input('email').' found, password reset sent');
} else { } else {
\Log::info('Password reset attempt: User '.$request->input('username').' not found or user is inactive'); \Log::info('Password reset attempt: User '.$request->input('email').' not found or user is inactive');
} }
@ -101,8 +102,5 @@ class ForgotPasswordController extends Controller
return redirect()->route('login')->with('success',trans('passwords.sent')); return redirect()->route('login')->with('success',trans('passwords.sent'));
} }
return back()->withErrors(
['email' => trans($response)]
);
}
} }

5
resources/views/auth/passwords/email.blade.php
View file

@ -31,12 +31,11 @@
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}"> <div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<div class="col-md-12"> <div class="col-md-12">
<input type="text" class="form-control" name="username" value="{{ old('username') }}" placeholder="{{ trans('admin/users/table.username') }}">
<input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="{{ trans('admin/users/table.email') }}" aria-label="email"> <input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="{{ trans('admin/users/table.email') }}" aria-label="email">
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!} {!! $errors->first('email', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
</div> </div>
</div> </div>