From e185dc68af19cc78ddb33fe3e16e6811cec44670 Mon Sep 17 00:00:00 2001 From: snipe Date: Thu, 19 Oct 2017 12:22:27 -0700 Subject: [PATCH] Fixes #4240 - allows admins to use custom password reset URL --- app/Http/Controllers/SettingsController.php | 1 + app/Models/Setting.php | 1 + ..._120002_add_custom_forgot_password_url.php | 32 +++++++++++++++++++ resources/lang/en/admin/settings/general.php | 4 +++ resources/views/auth/login.blade.php | 8 ++++- .../views/auth/passwords/email.blade.php | 7 ++++ resources/views/settings/ldap.blade.php | 19 ++++++++++- 7 files changed, 70 insertions(+), 2 deletions(-) create mode 100644 database/migrations/2017_10_19_120002_add_custom_forgot_password_url.php diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index 2cbf5cd289..1d1296c4cf 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -826,6 +826,7 @@ class SettingsController extends Controller $setting->is_ad = $request->input('is_ad', '0'); $setting->ldap_tls = $request->input('ldap_tls', '0'); $setting->ldap_pw_sync = $request->input('ldap_pw_sync', '0'); + $setting->custom_forgot_pass_url = $request->input('custom_forgot_pass_url'); if ($setting->save()) { return redirect()->route('settings.index') diff --git a/app/Models/Setting.php b/app/Models/Setting.php index 1404c4e1f5..b0d032da90 100755 --- a/app/Models/Setting.php +++ b/app/Models/Setting.php @@ -38,6 +38,7 @@ class Setting extends Model "pwd_secure_min" => "numeric|required|min:5", "audit_warning_days" => "numeric|nullable", "audit_interval" => "numeric|nullable", + "custom_forgot_pass_url" => "url|nullable", ]; protected $fillable = ['site_name','email_domain','email_format','username_format']; diff --git a/database/migrations/2017_10_19_120002_add_custom_forgot_password_url.php b/database/migrations/2017_10_19_120002_add_custom_forgot_password_url.php new file mode 100644 index 0000000000..7a1776e257 --- /dev/null +++ b/database/migrations/2017_10_19_120002_add_custom_forgot_password_url.php @@ -0,0 +1,32 @@ +string('custom_forgot_pass_url')->nullable()->default(null); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('settings', function (Blueprint $table) { + $table->dropColumn('custom_forgot_pass_url'); + }); + } +} diff --git a/resources/lang/en/admin/settings/general.php b/resources/lang/en/admin/settings/general.php index 1beed4ea5e..3dd1efe702 100644 --- a/resources/lang/en/admin/settings/general.php +++ b/resources/lang/en/admin/settings/general.php @@ -23,6 +23,8 @@ return array( 'confirm_purge_help' => 'Enter the text "DELETE" in the box below to purge your deleted records. This action cannot be undone.', 'custom_css' => 'Custom CSS', 'custom_css_help' => 'Enter any custom CSS overrides you would like to use. Do not include the <style></style> tags.', + 'custom_forgot_pass_url' => 'Custom Password Reset URL', + 'custom_forgot_pass_url_help' => 'This replaces the built-in forgotten password URL on the login screen, useful to direct people to internal or hosted LDAP password reset functionality. It will effectively disable local user forgotten password functionality.', 'default_currency' => 'Default Currency', 'default_eula_text' => 'Default EULA', 'default_language' => 'Default Language', @@ -44,6 +46,8 @@ return array( 'ldap_enabled' => 'LDAP enabled', 'ldap_integration' => 'LDAP Integration', 'ldap_settings' => 'LDAP Settings', + 'ldap_login_test_help' => 'Enter a valid LDAP username and password to test whether your LDAP login is configured correctly.', + 'ldap_login_sync_help' => 'This only tests that LDAP can sync correctly. If your LDAP Authentication query is not correct, users may still not be able to login.', 'ldap_server' => 'LDAP Server', 'ldap_server_help' => 'This should start with ldap:// (for unencrypted or TLS) or ldaps:// (for SSL)', 'ldap_server_cert' => 'LDAP SSL certificate validation', diff --git a/resources/views/auth/login.blade.php b/resources/views/auth/login.blade.php index e6d4316f4f..114ea6b21d 100755 --- a/resources/views/auth/login.blade.php +++ b/resources/views/auth/login.blade.php @@ -63,7 +63,13 @@
- {{ trans('auth/general.forgot_password') }} + @if ($snipeSettings->custom_forgot_pass_url) + {{ trans('auth/general.forgot_password') }} + @else + {{ trans('auth/general.forgot_password') }} + @endif + +
diff --git a/resources/views/auth/passwords/email.blade.php b/resources/views/auth/passwords/email.blade.php index 853b6e0108..d2e1cd344b 100644 --- a/resources/views/auth/passwords/email.blade.php +++ b/resources/views/auth/passwords/email.blade.php @@ -3,6 +3,11 @@ {{-- Page content --}} @section('content') + + @if ($snipeSettings->custom_forgot_pass_url) + {{ trans('auth/general.forgot_password') }} + @else +
{!! csrf_field() !!}
@@ -50,5 +55,7 @@
+ + @endif @stop diff --git a/resources/views/settings/ldap.blade.php b/resources/views/settings/ldap.blade.php index 705fdcafc9..10e4d919a2 100644 --- a/resources/views/settings/ldap.blade.php +++ b/resources/views/settings/ldap.blade.php @@ -377,12 +377,29 @@
-

Enter a valid LDAP username and password to test whether your LDAP login is configured correctly.

+

{{ trans('admin/settings/general.ldap_login_test_help') }}

@endif + +
+
+ {{ Form::label('custom_forgot_pass_url', trans('admin/settings/general.custom_forgot_pass_url')) }} +
+
+ @if (config('app.lock_passwords')===true) + {{ Form::text('custom_forgot_pass_url', Input::old('custom_forgot_pass_url', $setting->custom_forgot_pass_url), array('class' => 'form-control', 'disabled'=>'disabled','placeholder' => 'https://my.ldapserver-forgotpass.com')) }} + @else + {{ Form::text('custom_forgot_pass_url', Input::old('custom_forgot_pass_url', $setting->custom_forgot_pass_url), array('class' => 'form-control','placeholder' => 'https://my.ldapserver-forgotpass.com')) }} + @endif +

{{ trans('admin/settings/general.custom_forgot_pass_url_help') }}

+ {!! $errors->first('custom_forgot_pass_url', ':message') !!} +
+
+ +