Moved the recovery functionality into its own controller and files

This commit is contained in:
Alex Tselegidis 2021-12-10 08:41:16 +01:00
parent 5c3336f214
commit 6ab32781ad
4 changed files with 127 additions and 114 deletions

View file

@ -0,0 +1,91 @@
<?php defined('BASEPATH') or exit('No direct script access allowed');
/* ----------------------------------------------------------------------------
* Easy!Appointments - Open Source Web Scheduler
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) 2013 - 2020, Alex Tselegidis
* @license https://opensource.org/licenses/GPL-3.0 - GPLv3
* @link https://easyappointments.org
* @since v1.0.0
* ---------------------------------------------------------------------------- */
/**
* Recovery controller.
*
* Handles the recovery page functionality.
*
* @package Controllers
*/
class Recovery extends EA_Controller {
/**
* User constructor.
*/
public function __construct()
{
parent::__construct();
$this->load->library('accounts');
$this->load->library('email_messages');
}
/**
* Display the password recovery page.
*/
public function index()
{
$this->load->view('pages/recovery', [
'base_url' => config('base_url'),
'dest_url' => session('dest_url', site_url('backend')),
'company_name' => setting('company_name')
]);
}
/**
* Recover the user password and notify the user via email.
*/
public function perform()
{
try
{
$username = request('username');
if (empty($username))
{
throw new InvalidArgumentException('No username value provided.');
}
$email = request('email');
if (empty($email))
{
throw new InvalidArgumentException('No email value provided.');
}
$new_password = $this->accounts->regenerate_password(
$username,
$email
);
if ($new_password)
{
$settings = [
'company_name' => setting('company_name'),
'company_link' => setting('company_link'),
'company_email' => setting('company_email')
];
$this->email_messages->send_password($new_password, $email, $settings);
}
json_response([
'success' => TRUE
]);
}
catch (Throwable $e)
{
json_exception($e);
}
}
}

View file

@ -60,110 +60,11 @@ class User extends EA_Controller {
/** /**
* Display the password recovery page. * Display the password recovery page.
*
* @deprecated Since 1.5 Use the Logout controller instead.
*/ */
public function forgot_password() public function forgot_password()
{ {
$this->load->view('pages/account_recovery_page', [ redirect('recovery');
'base_url' => config('base_url'),
'company_name' => setting('company_name')
]);
}
/**
* Display the no-permissions page.
*/
public function no_permissions()
{
$this->load->view('pages/account_no_permissions_page', [
'base_url' => config('base_url'),
'company_name' => setting('company_name')
]);
}
/**
* Validate the login credentials and if successful, log the user in.
*/
public function ajax_check_login()
{
try
{
$username = request('username');
if (empty($username))
{
throw new InvalidArgumentException('No username value provided.');
}
$password = request('password');
if (empty($password))
{
throw new InvalidArgumentException('No password value provided.');
}
$user_data = $this->accounts->check_login($username, $password);
if (empty($user_data))
{
throw new InvalidArgumentException('Invalid credentials provided, please try again.');
}
session($user_data); // Save data in the session.
json_response([
'success' => TRUE,
]);
}
catch (Throwable $e)
{
json_exception($e);
}
}
/**
* Recover the user password and notify the user via email.
*/
public function ajax_forgot_password()
{
try
{
$username = request('username');
if (empty($username))
{
throw new InvalidArgumentException('No username value provided.');
}
$email = request('email');
if (empty($email))
{
throw new InvalidArgumentException('No email value provided.');
}
$new_password = $this->accounts->regenerate_password(
$username,
$email
);
if ($new_password)
{
$settings = [
'company_name' => setting('company_name'),
'company_link' => setting('company_link'),
'company_email' => setting('company_email')
];
$this->email_messages->send_password($new_password, $email, $settings);
}
json_response([
'success' => TRUE
]);
}
catch (Throwable $e)
{
json_exception($e);
}
} }
} }

View file

@ -33,3 +33,12 @@
</form> </form>
<?php section('content') ?> <?php section('content') ?>
<?php section('scripts') ?>
<script src="<?= asset_url('assets/vendor/@fortawesome-fontawesome-free/fontawesome.min.js') ?>"></script>
<script src="<?= asset_url('assets/vendor/@fortawesome-fontawesome-free/solid.min.js') ?>"></script>
<script src="<?= asset_url('assets/js/utils/general_functions.js') ?>"></script>
<script src="<?= asset_url('assets/js/pages/recovery.js') ?>"></script>
<?php section('scripts') ?>

View file

@ -1,7 +1,16 @@
$(function () { /* ----------------------------------------------------------------------------
'use strict'; * Easy!Appointments - Open Source Web Scheduler
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) 2013 - 2020, Alex Tselegidis
* @license http://opensource.org/licenses/GPL-3.0 - GPLv3
* @link http://easyappointments.org
* @since v1.5.0
* ---------------------------------------------------------------------------- */
var $form = $('form'); (function () {
const $form = $('form');
/** /**
* Event: Login Button "Click" * Event: Login Button "Click"
@ -12,23 +21,26 @@ $(function () {
function onFormSubmit(event) { function onFormSubmit(event) {
event.preventDefault(); event.preventDefault();
var url = GlobalVariables.baseUrl + '/index.php/user/ajax_forgot_password'; const url = GlobalVariables.baseUrl + '/index.php/recovery/perform';
var data = { const data = {
'csrfToken': GlobalVariables.csrfToken, csrfToken: GlobalVariables.csrfToken,
'username': $('#username').val(), username: $('#username').val(),
'email': $('#email').val() email: $('#email').val()
}; };
var $alert = $('.alert'); const $alert = $('.alert');
$alert.addClass('d-none'); $alert.addClass('d-none');
$('#get-new-password').prop('disabled', true); $('#get-new-password').prop('disabled', true);
$.post(url, data).done(function (response) { $.post(url, data).done((response) => {
$alert.removeClass('d-none alert-danger alert-success'); $alert.removeClass('d-none alert-danger alert-success');
$('#get-new-password').prop('disabled', false); $('#get-new-password').prop('disabled', false);
if (response === GlobalVariables.AJAX_SUCCESS) {
if (response.success) {
$alert.addClass('alert-success'); $alert.addClass('alert-success');
$alert.text(EALang['new_password_sent_with_email']); $alert.text(EALang['new_password_sent_with_email']);
} else { } else {
@ -42,4 +54,4 @@ $(function () {
} }
$form.on('submit', onFormSubmit); $form.on('submit', onFormSubmit);
}); })();