mirror of
https://github.com/snipe/snipe-it.git
Use username instead of email address in password reset (#6382)
* Switch to use username instead of email
* Fixed indenting
* Updated password language
* Updated blades to reflect username instead of email
* Changed password/reset controllers to use username instead of email
* Redirect to login page instead of repeating the password reset form
parent
ce8d47b2b4
commit
ea91d59ffc
|
@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
|
use App\Models\User;
|
||||||
|
|
||||||
class ForgotPasswordController extends Controller
|
class ForgotPasswordController extends Controller
|
||||||
{
|
{
|
||||||
|
@ -49,27 +50,28 @@ class ForgotPasswordController extends Controller
|
||||||
*/
|
*/
|
||||||
public function sendResetLinkEmail(Request $request)
|
public function sendResetLinkEmail(Request $request)
|
||||||
{
|
{
|
||||||
$this->validate($request, ['email' => 'required|email']);
|
$this->validate($request, ['username' => 'required'], ['username.required' => 'Please enter your username.']);
|
||||||
|
|
||||||
// We will send the password reset link to this user. Once we have attempted
|
|
||||||
// to send the link, we will examine the response then see the message we
|
// Make sure the user is active, and their password is not controlled via LDAP
|
||||||
// need to show to the user. Finally, we'll send out a proper response.
|
|
||||||
$response = $this->broker()->sendResetLink(
|
$response = $this->broker()->sendResetLink(
|
||||||
array_merge(
|
array_merge(
|
||||||
$request->only('email'),
|
$request->only('username'),
|
||||||
['activated' => '1']
|
['activated' => '1'],
|
||||||
|
['ldap_import' => '0']
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
if ($response === \Password::RESET_LINK_SENT) {
|
if ($response === \Password::RESET_LINK_SENT) {
|
||||||
return redirect()->route('login')->with('status', trans($response));
|
\Log::info('Password reset attempt: User '.$request->input('username').' found, password reset sent');
|
||||||
|
} else {
|
||||||
|
\Log::info('Password reset attempt: User '.$request->input('username').' not found or user is inactive');
|
||||||
}
|
}
|
||||||
|
|
||||||
// If an error was returned by the password broker, we will get this message
|
|
||||||
// translated so we can notify a user of the problem. We'll redirect back
|
|
||||||
// to where the users came from so they can attempt this process again.
|
// Regardless of response, we do not want to disclose the status of a user account,
|
||||||
return back()->withErrors(
|
// so we give them a generic "If this exists, we're TOTALLY gonna email you" response
|
||||||
['email' => trans($response)]
|
return redirect()->route('login')->with('success',trans('passwords.sent'));
|
||||||
);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
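Review bot: Both new `\Log::info` calls in `sendResetLinkEmail` concatenate `$request->input('username')` straight into the message, and the only rule on that field is `required`, so a value containing line breaks can forge extra log lines and an array value (`username[]=…`) gets past validation to the broker and to the string concatenation. Tighten the rule to `'username' => 'required|string'` and pass the name as structured context instead, e.g. `\Log::info('Password reset attempt: reset link sent', ['username' => $request->input('username')]);`. The `else` branch also labels every non-sent response as "not found or user is inactive", which may mislead whoever reads the log if the broker can return other statuses. Whether this route is rate limited is not visible in the hunk; with the browser response now generic, these log lines are the main signal for spotting enumeration or reset flooding, so they need to be trustworthy.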
@ -4,7 +4,6 @@ namespace App\Http\Controllers\Auth;
|
||||||
|
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use Illuminate\Foundation\Auth\ResetsPasswords;
|
use Illuminate\Foundation\Auth\ResetsPasswords;
|
||||||
use App\Models\User;
|
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
|
|
||||||
|
|
||||||
|
@ -40,17 +39,36 @@ class ResetPasswordController extends Controller
|
||||||
$this->middleware('guest');
|
$this->middleware('guest');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function rules()
|
||||||
public function showSnipeResetForm(Request $request, $token = null)
|
|
||||||
{
|
{
|
||||||
// Check that the user is active
|
return [
|
||||||
if ($user = User::where('email', '=',$request->input('email'))->where('activated','=','1')->count() > 0) {
|
'token' => 'required',
|
||||||
return view('auth.passwords.reset')->with(
|
'username' => 'required',
|
||||||
['token' => $token, 'email' => $request->email]
|
'password' => 'required|confirmed|min:6',
|
||||||
);
|
];
|
||||||
|
|
||||||
}
|
}
|
||||||
return redirect()->route('password.request')->withErrors(['email' => 'No matching users']);
|
|
||||||
|
|
||||||
|
protected function credentials(Request $request)
|
||||||
|
{
|
||||||
|
return $request->only(
|
||||||
|
'username', 'password', 'password_confirmation', 'token'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function showResetForm(Request $request, $token = null)
|
||||||
|
{
|
||||||
|
return view('auth.passwords.reset')->with(
|
||||||
|
['token' => $token, 'username' => $request->input('username')]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function sendResetFailedResponse(Request $request, $response)
|
||||||
|
{
|
||||||
|
return redirect()->back()
|
||||||
|
->withInput(['username'=>$request->input('username')])
|
||||||
|
->withErrors(['username' => trans($response)]);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
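Review bot: `sendResetFailedResponse` echoes `trans($response)` back to the browser, so the reset form can presumably still tell an unknown or inactive user from a bad token (the language file in this commit keeps `'user' => 'No matching active user found.'`), which undoes the generic reply introduced in `ForgotPasswordController`. Return one fixed message for every failure regardless of `$response`, and record the specific status in the server log only. Separately, `credentials()` forwards only `username`, `password`, `password_confirmation` and `token`, while the request step also constrains `activated` and `ldap_import`; if the broker treats extra keys as lookup constraints the way it appears to in `sendResetLink`, merging `['activated' => '1', 'ldap_import' => '0']` here would stop a link issued earlier from resetting an account that has since been deactivated or moved to LDAP. The hard-coded `min:6` in `rules()` deserves a comment saying where the password policy is defined.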
@ -29,9 +29,5 @@ return array(
|
||||||
'success' => 'Your password has been successfully reset.',
|
'success' => 'Your password has been successfully reset.',
|
||||||
),
|
),
|
||||||
|
|
||||||
'activate' => array(
|
|
||||||
'error' => 'There was a problem while trying to activate your account, please try again.',
|
|
||||||
'success' => 'Your account has been successfully activated.',
|
|
||||||
),
|
|
||||||
|
|
||||||
);
|
);
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
return [
|
return [
|
||||||
'sent' => 'Your password link has been sent!',
|
'sent' => 'If a matching username and email address is found, a password reset link will be sent!',
|
||||||
'user' => 'No matching active user found with that email.',
|
'user' => 'No matching active user found.',
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -31,11 +31,11 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
|
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
|
||||||
|
|
||||||
<div class="col-md-12">
|
<div class="col-md-12">
|
||||||
<input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="{{ trans('admin/users/table.email') }}">
|
<input type="text" class="form-control" name="username" value="{{ old('username') }}" placeholder="{{ trans('admin/users/table.username') }}">
|
||||||
{!! $errors->first('email', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
@ -31,12 +31,12 @@
|
||||||
|
|
||||||
<input type="hidden" name="token" value="{{ $token }}">
|
<input type="hidden" name="token" value="{{ $token }}">
|
||||||
|
|
||||||
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
|
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
|
||||||
<label class="col-md-4 control-label">{{ trans('admin/users/table.email') }}</label>
|
<label class="col-md-4 control-label">{{ trans('admin/users/table.username') }}</label>
|
||||||
|
|
||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<input type="email" class="form-control" name="email" value="{{ $email or old('email') }}">
|
<input type="text" class="form-control" name="username" value="{{ $username or old('username') }}">
|
||||||
{!! $errors->first('email', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|