From 47fa9993be9ad1d92b690c4ff2e65fba19ded31b Mon Sep 17 00:00:00 2001
From: Deon George <deon@leenooks.net>
Date: Sat, 12 Jan 2013 11:20:46 +1100
Subject: [PATCH] Fix for token password reset

---
 application/classes/Auth/OSB.php                       |  5 ++---
 application/classes/Model/Module/Method/Token.php      | 10 +++++++---
 .../modules/khemail/classes/{email.php => Email.php}   |  0
 modules/lnApp/classes/lnApp/Controller/Login.php       |  4 ++++
 4 files changed, 13 insertions(+), 6 deletions(-)
 rename includes/kohana/modules/khemail/classes/{email.php => Email.php} (100%)

diff --git a/application/classes/Auth/OSB.php b/application/classes/Auth/OSB.php
index c957a19f..eddee3bf 100644
--- a/application/classes/Auth/OSB.php
+++ b/application/classes/Auth/OSB.php
@@ -129,10 +129,9 @@ class Auth_OSB extends Auth_ORM {
 	public function get_user($tokenuser=TRUE) {
 		$user = parent::get_user();
 
-		// If we are not logged in, see if there is token for the usre
-		if ($tokenuser AND $user === FALSE AND $token=Session::instance()->get('token')) {
+		// If we are not logged in, see if there is token for the user
+		if ($tokenuser AND $user === NULL AND $token=Session::instance()->get('token'))
 			$user = $this->_get_token_user($token);
-		}
 
 		return $user;
 	}
diff --git a/application/classes/Model/Module/Method/Token.php b/application/classes/Model/Module/Method/Token.php
index 347ce546..749feaa9 100644
--- a/application/classes/Model/Module/Method/Token.php
+++ b/application/classes/Model/Module/Method/Token.php
@@ -94,9 +94,13 @@ class Model_Module_Method_Token extends ORM_OSB {
 			->find();
 
 		if ($mmto->loaded()) {
-			if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0))
-				return $mmto->token;
-			else
+			// Check that the token is still good
+			if ((is_null($mmto->date_expire) OR $mmto->date_expire > time()) AND (is_null($mmto->uses) OR $mmto->uses > 0)) {
+				$this->token = $mmto->token;
+				return $this->token;
+
+			// Token expired
+			} else
 				$mmto->delete();
 		}
 
diff --git a/includes/kohana/modules/khemail/classes/email.php b/includes/kohana/modules/khemail/classes/Email.php
similarity index 100%
rename from includes/kohana/modules/khemail/classes/email.php
rename to includes/kohana/modules/khemail/classes/Email.php
diff --git a/modules/lnApp/classes/lnApp/Controller/Login.php b/modules/lnApp/classes/lnApp/Controller/Login.php
index 377d9ad0..18260141 100644
--- a/modules/lnApp/classes/lnApp/Controller/Login.php
+++ b/modules/lnApp/classes/lnApp/Controller/Login.php
@@ -38,6 +38,10 @@ class lnApp_Controller_Login extends Controller_TemplateDefault {
 					HTTP::redirect('user/welcome/index');
 
 			} else {
+				// We are not successful logging in, so delete our session data
+				Session::instance()->delete(Kohana::$config->load('auth')->session_key);
+				Session::instance()->delete('password');
+
 				SystemMessage::add(array(
 					'title'=>_('Invalid username or password'),
 					'type'=>'error',