This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
khosb/application/classes/Controller/Login.php
2013-05-15 13:58:50 +10:00

94 lines
2.7 KiB
PHP

<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides login capability
*
* @package OSB
* @category Controllers
* @author Deon George
* @copyright (c) 2009-2013 Open Source Billing
* @license http://dev.osbill.net/license.html
* @also [logout]
*/
class Controller_Login extends lnApp_Controller_Login {
/**
* Enable site registration
*
* @todo Needs to be written
*/
public function action_register() {
// If user already signed-in
if (Auth::instance()->logged_in())
HTTP::redirect('welcome/index');
HTTP::redirect('login');
}
/**
* Enable user password reset
*/
public function action_reset() {
// Minutes to keep our token
$token_expire = 15;
// If user already signed-in
if (Auth::instance()->logged_in())
HTTP::redirect('welcome/index');
// If the user posted their details to reset their password
if ($_POST) {
// If the username is correct, create a method token
if (! empty($_POST['username']) AND ($ao=ORM::factory('Account',array('username'=>$_POST['username']))) AND $ao->loaded()) {
$mmto = ORM::factory('Module_Method_Token')
->method(array('account','user_resetpassword'))
->account($ao)
->uses(2)
->expire(time()+$token_expire*60);
if ($mmto->generate()) {
// Send our email with the token
// @todo Need to provide an option if Email_Template is not installed/activited.
// @todo Need to provide an option if account_reset_password template doesnt exist.
$et = Email_Template::instance('account_reset_password');
$et->to = array('account'=>array($mmto->account_id));
$et->variables = array(
'SITE'=>URL::base(TRUE,TRUE),
'SITE_ADMIN'=>Company::instance()->admin(),
'SITE_NAME'=>Company::instance()->name(),
'TOKEN'=>$mmto->token,
'TOKEN_EXPIRE_MIN'=>$token_expire,
'USER_NAME'=>sprintf('%s %s',$mmto->account->first_name,$mmto->account->last_name),
);
$et->send();
// Log the password reset
$ao->log('Password reset token sent');
}
// Redirect to our password reset, the Auth will validate the token.
} elseif (! empty($_REQUEST['token'])) {
HTTP::redirect(URL::link('user','account/resetpassword?token='.$_REQUEST['token']));
}
// Show our token screen even if the email was invalid.
if (isset($_POST['username']))
Block::factory()
->body(View::factory('pages/login_reset_sent'));
else
HTTP::redirect('login');
} else {
Block::factory()
->body(View::factory('pages/login_reset'));
}
Style::factory()
->type('file')
->data('media/theme/baseadmin/css/pages/login.css');
$this->template->shownavbar = FALSE;
}
}
?>