mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 05:34:06 -08:00
Use username instead of email address in password reset (#6382)
* Switch to use username instead of email * Fixed indenting * Updated password language * Updated blades to reflect username instead of email * Changed password/reset controllers to use username instead of email * Redirect to login page instead of repeating the password reset form
This commit is contained in:
parent
ce8d47b2b4
commit
ea91d59ffc
|
@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
|
|||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||
use Illuminate\Http\Request;
|
||||
use App\Models\User;
|
||||
|
||||
class ForgotPasswordController extends Controller
|
||||
{
|
||||
|
@ -49,27 +50,28 @@ class ForgotPasswordController extends Controller
|
|||
*/
|
||||
public function sendResetLinkEmail(Request $request)
|
||||
{
|
||||
$this->validate($request, ['email' => 'required|email']);
|
||||
$this->validate($request, ['username' => 'required'], ['username.required' => 'Please enter your username.']);
|
||||
|
||||
// We will send the password reset link to this user. Once we have attempted
|
||||
// to send the link, we will examine the response then see the message we
|
||||
// need to show to the user. Finally, we'll send out a proper response.
|
||||
|
||||
// Make sure the user is active, and their password is not controlled via LDAP
|
||||
$response = $this->broker()->sendResetLink(
|
||||
array_merge(
|
||||
$request->only('email'),
|
||||
['activated' => '1']
|
||||
$request->only('username'),
|
||||
['activated' => '1'],
|
||||
['ldap_import' => '0']
|
||||
)
|
||||
);
|
||||
|
||||
if ($response === \Password::RESET_LINK_SENT) {
|
||||
return redirect()->route('login')->with('status', trans($response));
|
||||
\Log::info('Password reset attempt: User '.$request->input('username').' found, password reset sent');
|
||||
} else {
|
||||
\Log::info('Password reset attempt: User '.$request->input('username').' not found or user is inactive');
|
||||
}
|
||||
|
||||
// If an error was returned by the password broker, we will get this message
|
||||
// translated so we can notify a user of the problem. We'll redirect back
|
||||
// to where the users came from so they can attempt this process again.
|
||||
return back()->withErrors(
|
||||
['email' => trans($response)]
|
||||
);
|
||||
|
||||
|
||||
// Regardless of response, we do not want to disclose the status of a user account,
|
||||
// so we give them a generic "If this exists, we're TOTALLY gonna email you" response
|
||||
return redirect()->route('login')->with('success',trans('passwords.sent'));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,7 +4,6 @@ namespace App\Http\Controllers\Auth;
|
|||
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\ResetsPasswords;
|
||||
use App\Models\User;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
|
||||
|
@ -40,17 +39,36 @@ class ResetPasswordController extends Controller
|
|||
$this->middleware('guest');
|
||||
}
|
||||
|
||||
|
||||
public function showSnipeResetForm(Request $request, $token = null)
|
||||
protected function rules()
|
||||
{
|
||||
// Check that the user is active
|
||||
if ($user = User::where('email', '=',$request->input('email'))->where('activated','=','1')->count() > 0) {
|
||||
return view('auth.passwords.reset')->with(
|
||||
['token' => $token, 'email' => $request->email]
|
||||
return [
|
||||
'token' => 'required',
|
||||
'username' => 'required',
|
||||
'password' => 'required|confirmed|min:6',
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
protected function credentials(Request $request)
|
||||
{
|
||||
return $request->only(
|
||||
'username', 'password', 'password_confirmation', 'token'
|
||||
);
|
||||
|
||||
}
|
||||
return redirect()->route('password.request')->withErrors(['email' => 'No matching users']);
|
||||
|
||||
|
||||
public function showResetForm(Request $request, $token = null)
|
||||
{
|
||||
return view('auth.passwords.reset')->with(
|
||||
['token' => $token, 'username' => $request->input('username')]
|
||||
);
|
||||
}
|
||||
|
||||
protected function sendResetFailedResponse(Request $request, $response)
|
||||
{
|
||||
return redirect()->back()
|
||||
->withInput(['username'=>$request->input('username')])
|
||||
->withErrors(['username' => trans($response)]);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -29,9 +29,5 @@ return array(
|
|||
'success' => 'Your password has been successfully reset.',
|
||||
),
|
||||
|
||||
'activate' => array(
|
||||
'error' => 'There was a problem while trying to activate your account, please try again.',
|
||||
'success' => 'Your account has been successfully activated.',
|
||||
),
|
||||
|
||||
);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
'sent' => 'Your password link has been sent!',
|
||||
'user' => 'No matching active user found with that email.',
|
||||
'sent' => 'If a matching username and email address is found, a password reset link will be sent!',
|
||||
'user' => 'No matching active user found.',
|
||||
];
|
||||
|
||||
|
|
|
@ -31,11 +31,11 @@
|
|||
|
||||
|
||||
|
||||
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
|
||||
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
|
||||
|
||||
<div class="col-md-12">
|
||||
<input type="email" class="form-control" name="email" value="{{ old('email') }}" placeholder="{{ trans('admin/users/table.email') }}">
|
||||
{!! $errors->first('email', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
<input type="text" class="form-control" name="username" value="{{ old('username') }}" placeholder="{{ trans('admin/users/table.username') }}">
|
||||
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -31,12 +31,12 @@
|
|||
|
||||
<input type="hidden" name="token" value="{{ $token }}">
|
||||
|
||||
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
|
||||
<label class="col-md-4 control-label">{{ trans('admin/users/table.email') }}</label>
|
||||
<div class="form-group{{ $errors->has('username') ? ' has-error' : '' }}">
|
||||
<label class="col-md-4 control-label">{{ trans('admin/users/table.username') }}</label>
|
||||
|
||||
<div class="col-md-6">
|
||||
<input type="email" class="form-control" name="email" value="{{ $email or old('email') }}">
|
||||
{!! $errors->first('email', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
<input type="text" class="form-control" name="username" value="{{ $username or old('username') }}">
|
||||
{!! $errors->first('username', '<span class="alert-msg"><i class="fa fa-times"></i> :message</span>') !!}
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in a new issue