logged_in()) HTTP::redirect('welcome/index'); HTTP::redirect('login'); } /** * Enable user password reset */ public function action_reset() { // Minutes to keep our token $token_expire = 15; // If user already signed-in if (Auth::instance()->logged_in()) HTTP::redirect('welcome/index'); // If the user posted their details to reset their password if ($_POST) { // If the username is correct, create a method token if (! empty($_POST['username']) AND ($ao=ORM::factory('Account',array('username'=>$_POST['username']))) AND $ao->loaded()) { $mmto = ORM::factory('Module_Method_Token') ->method(array('account','user:resetpassword')) ->account($ao) ->uses(2) ->expire(time()+$token_expire*60); if ($mmto->generate()) { // Send our email with the token // @todo Need to provide an option if Email_Template is not installed/activited. // @todo Need to provide an option if account_reset_password template doesnt exist. $et = Email_Template::instance('account_reset_password'); $et->to = array('account'=>array($mmto->account_id)); $et->variables = array( 'SITE'=>URL::base(TRUE,TRUE), 'SITE_ADMIN'=>Company::instance()->admin(), 'SITE_NAME'=>Company::instance()->name(), 'TOKEN'=>$mmto->token, 'TOKEN_EXPIRE_MIN'=>$token_expire, 'USER_NAME'=>sprintf('%s %s',$mmto->account->first_name,$mmto->account->last_name), ); $et->send(); // Log the password reset $ao->log('Password reset token sent'); } // Redirect to our password reset, the Auth will validate the token. } elseif (! empty($_REQUEST['token'])) { HTTP::redirect(URL::link('user','account/resetpassword?token='.$_REQUEST['token'])); } // Show our token screen even if the email was invalid. if (isset($_POST['username'])) $output = View::factory('pages/login_reset_sent'); else HTTP::redirect('login'); } else { $output = View::factory('pages/login_reset'); } Style::factory() ->type('file') ->data('media/theme/baseadmin/css/pages/login.css'); $this->template->content = $output; $this->template->shownavbar = FALSE; } } ?>