Added an setting to disable password reset mechanism.

By default, the password reset is disabled when no email server is configured.
Jan Böhmer 2019-12-01 12:48:59 +01:00
parent 4f70d8b1da
commit 12b3107188
6 changed files with 105 additions and 11 deletions


@ -30,8 +30,10 @@ use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Mailer\MailerInterface;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\NotBlank;
@ -40,10 +42,12 @@ use Symfony\Contracts\Translation\TranslatorInterface;
class SecurityController extends AbstractController
{
protected $translator;
protected $allow_email_pw_reset;
public function __construct(TranslatorInterface $translator)
public function __construct(TranslatorInterface $translator, bool $allow_email_pw_reset)
{
$this->translator = $translator;
$this->allow_email_pw_reset = $allow_email_pw_reset;
}
/**
@ -68,6 +72,14 @@ class SecurityController extends AbstractController
*/
public function requestPwReset(PasswordResetManager $passwordReset, Request $request)
{
if (!$this->allow_email_pw_reset) {
throw new AccessDeniedHttpException("The password reset via email is disabled!");
}
if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
throw new AccessDeniedHttpException("You are already logged in, so you can not reset your password!");
}
$builder = $this->createFormBuilder();
$builder->add('user', TextType::class, [
'label' => $this->translator->trans('pw_reset.user_or_password'),
@ -88,7 +100,7 @@ class SecurityController extends AbstractController
if ($form->isSubmitted() && $form->isValid()) {
$passwordReset->request($form->getData()['user']);
$this->addFlash('success', $this->translator->trans('pw_reset.request.success'));
//return $this->redirectToRoute('login');
return $this->redirectToRoute('login');
}
return $this->render('security/pw_reset_request.html.twig', [
@ -101,6 +113,14 @@ class SecurityController extends AbstractController
*/
public function pwResetNewPw(PasswordResetManager $passwordReset, Request $request, string $user = null, string $token = null)
{
if (!$this->allow_email_pw_reset) {
throw new AccessDeniedHttpException("The password reset via email is disabled!");
}
if ($this->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
throw new AccessDeniedHttpException("You are already logged in, so you can not reset your password!");
}
$data = ['username' => $user, 'token' => $token];
$builder = $this->createFormBuilder($data);
$builder->add('username', TextType::class, [
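Review bot: The two guards added at the top of `requestPwReset` and `pwResetNewPw` are identical copies, so the switch only holds as long as every reset-related action repeats them. Moving both checks into one private method and calling it as the first statement of each action, e.g. `$this->denyUnlessEmailPwResetAllowed();`, keeps the enforcement in one place. As far as these hunks show, the flag is checked only in the controller; if `PasswordResetManager::request()` is reachable from any other caller it would presumably still send mail, so it is worth confirming whether the manager should check the flag too. The new `$allow_email_pw_reset` property has no documentation and could carry `/** @var bool Whether password reset via email is allowed */`. Both action bodies continue outside the hunks shown.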