mirror of
https://github.com/pterodactyl/panel.git
synced 2024-11-22 09:02:28 +01:00
Fixes account creation and password reset abilities.
This commit is contained in:
parent
3dc286b511
commit
1c37a8fe1a
@ -25,6 +25,8 @@
|
||||
namespace Pterodactyl\Observers;
|
||||
|
||||
use DB;
|
||||
use Hash;
|
||||
use Carbon;
|
||||
use Pterodactyl\Events;
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Notifications\AccountCreated;
|
||||
@ -52,12 +54,20 @@ class UserObserver
|
||||
{
|
||||
event(new Events\User\Created($user));
|
||||
|
||||
$token = DB::table('password_resets')->where('email', $user->email)->orderBy('created_at', 'desc')->first();
|
||||
$user->notify((new AccountCreated([
|
||||
if ($user->password === 'unset') {
|
||||
$token = hash_hmac('sha256', str_random(40), config('app.key'));
|
||||
DB::table('password_resets')->insert([
|
||||
'email' => $user->email,
|
||||
'token' => Hash::make($token),
|
||||
'created_at' => Carbon::now()->toDateTimeString(),
|
||||
]);
|
||||
}
|
||||
|
||||
$user->notify(new AccountCreated([
|
||||
'name' => $user->name_first,
|
||||
'username' => $user->username,
|
||||
'token' => (! is_null($token)) ? $token->token : null,
|
||||
])));
|
||||
'token' => (isset($token)) ? $token : null,
|
||||
]));
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -83,23 +83,12 @@ class UserRepository
|
||||
'username' => $data['username'],
|
||||
'name_first' => $data['name_first'],
|
||||
'name_last' => $data['name_last'],
|
||||
'password' => Hash::make((empty($data['password'])) ? str_random(30) : $data['password']),
|
||||
'password' => (empty($data['password'])) ? 'unset' : Hash::make($data['password']),
|
||||
'root_admin' => $data['root_admin'],
|
||||
'language' => Settings::get('default_language', 'en'),
|
||||
]);
|
||||
$user->save();
|
||||
|
||||
// Setup a Password Reset to use when they set a password.
|
||||
// Only used if no password is provided.
|
||||
if (empty($data['password'])) {
|
||||
$token = str_random(32);
|
||||
DB::table('password_resets')->insert([
|
||||
'email' => $user->email,
|
||||
'token' => $token,
|
||||
'created_at' => Carbon::now()->toDateTimeString(),
|
||||
]);
|
||||
}
|
||||
|
||||
DB::commit();
|
||||
|
||||
return $user;
|
||||
|
@ -93,7 +93,6 @@ return [
|
||||
'passwords' => [
|
||||
'users' => [
|
||||
'provider' => 'users',
|
||||
'email' => 'emails.password',
|
||||
'table' => 'password_resets',
|
||||
'expire' => 60,
|
||||
],
|
||||
|
@ -76,7 +76,7 @@
|
||||
<div class="col-xs-12">
|
||||
{!! csrf_field() !!}
|
||||
<input type="hidden" name="token" value="{{ $token }}">
|
||||
<button type="submit" class="btn btn-primary btn-block btn-flat">@lang('auth.reset_password')</button>
|
||||
<button type="submit" class="btn btn-primary btn-block btn-flat g-recaptcha" @if(config('recaptcha.enabled')) data-sitekey="{{ config('recaptcha.website_key') }}" data-callback='onSubmit' @endif>@lang('auth.reset_password')</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
|
Loading…
Reference in New Issue
Block a user