93 lines
2.7 KiB
PHP
93 lines
2.7 KiB
PHP
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
||
|
|
||
|
/**
|
||
|
* This class provides login capability
|
||
|
*
|
||
|
* @package OSB
|
||
|
* @category Controllers
|
||
|
* @author Deon George
|
||
|
* @copyright (c) 2009-2013 Open Source Billing
|
||
|
* @license http://dev.osbill.net/license.html
|
||
|
* @also [logout]
|
||
|
*/
|
||
|
class Controller_Login extends lnApp_Controller_Login {
|
||
|
/**
|
||
|
* Enable site registration
|
||
|
*
|
||
|
* @todo Needs to be written
|
||
|
*/
|
||
|
public function action_register() {
|
||
|
// If user already signed-in
|
||
|
if (Auth::instance()->logged_in())
|
||
|
HTTP::redirect('welcome/index');
|
||
|
|
||
|
HTTP::redirect('login');
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Enable user password reset
|
||
|
*/
|
||
|
public function action_reset() {
|
||
|
// Minutes to keep our token
|
||
|
$token_expire = 15;
|
||
|
|
||
|
// If user already signed-in
|
||
|
if (Auth::instance()->logged_in())
|
||
|
HTTP::redirect('welcome/index');
|
||
|
|
||
|
// If the user posted their details to reset their password
|
||
|
if ($_POST) {
|
||
|
// If the username is correct, create a method token
|
||
|
if (! empty($_POST['username']) AND ($ao=ORM::factory('Account',array('username'=>$_POST['username']))) AND $ao->loaded()) {
|
||
|
$mmto = ORM::factory('Module_Method_Token')
|
||
|
->method(array('account','user_resetpassword'))
|
||
|
->account($ao)
|
||
|
->uses(2)
|
||
|
->expire(time()+$token_expire*60);
|
||
|
|
||
|
if ($mmto->generate()) {
|
||
|
// Send our email with the token
|
||
|
// @todo Need to provide an option if Email_Template is not installed/activited.
|
||
|
// @todo Need to provide an option if account_reset_password template doesnt exist.
|
||
|
$et = Email_Template::instance('account_reset_password');
|
||
|
$et->to = array('account'=>array($mmto->account_id));
|
||
|
$et->variables = array(
|
||
|
'SITE'=>URL::base(TRUE,TRUE),
|
||
|
'SITE_ADMIN'=>Company::instance()->admin(),
|
||
|
'SITE_NAME'=>Company::instance()->name(),
|
||
|
'TOKEN'=>$mmto->token,
|
||
|
'TOKEN_EXPIRE_MIN'=>$token_expire,
|
||
|
'USER_NAME'=>sprintf('%s %s',$mmto->account->first_name,$mmto->account->last_name),
|
||
|
);
|
||
|
$et->send();
|
||
|
|
||
|
// Log the password reset
|
||
|
$ao->log('Password reset token sent');
|
||
|
}
|
||
|
|
||
|
// Redirect to our password reset, the Auth will validate the token.
|
||
|
} elseif (! empty($_REQUEST['token'])) {
|
||
|
HTTP::redirect(URL::link('user','account/resetpassword?token='.$_REQUEST['token']));
|
||
|
}
|
||
|
|
||
|
// Show our token screen even if the email was invalid.
|
||
|
if (isset($_POST['username']))
|
||
|
Block::add(array(
|
||
|
'title'=>_('Reset your password'),
|
||
|
'body'=>View::factory('login_reset_sent'),
|
||
|
'style'=>array('css/login.css'=>'screen'),
|
||
|
));
|
||
|
else
|
||
|
HTTP::redirect('login');
|
||
|
|
||
|
} else {
|
||
|
Block::add(array(
|
||
|
'title'=>_('Reset your password'),
|
||
|
'body'=>View::factory('login_reset'),
|
||
|
'style'=>array('css/login.css'=>'screen'),
|
||
|
));
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
?>
|