Fix for token password reset

This commit is contained in:
Deon George 2013-01-12 11:20:46 +11:00
parent 788dbe5ef9
commit 47fa9993be
4 changed files with 13 additions and 6 deletions

View File

@ -129,10 +129,9 @@ class Auth_OSB extends Auth_ORM {
public function get_user($tokenuser=TRUE) {
$user = parent::get_user();
// If we are not logged in, see if there is token for the usre
if ($tokenuser AND $user === FALSE AND $token=Session::instance()->get('token')) {
// If we are not logged in, see if there is token for the user
if ($tokenuser AND $user === NULL AND $token=Session::instance()->get('token'))
$user = $this->_get_token_user($token);
}
return $user;
}

View File

@ -94,9 +94,13 @@ class Model_Module_Method_Token extends ORM_OSB {
->find();
if ($mmto->loaded()) {
if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0))
return $mmto->token;
else
// Check that the token is still good
if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0)) {
$this->token = $mmto->token;
return $this->token;
// Token expired
} else
$mmto->delete();
}

View File

@ -38,6 +38,10 @@ class lnApp_Controller_Login extends Controller_TemplateDefault {
HTTP::redirect('user/welcome/index');
} else {
// We are not successful logging in, so delete our session data
Session::instance()->delete(Kohana::$config->load('auth')->session_key);
Session::instance()->delete('password');
SystemMessage::add(array(
'title'=>_('Invalid username or password'),
'type'=>'error',