mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-08 20:22:42 +01:00
Fix client password reset
This commit is contained in:
parent
4fcf275255
commit
b838dad1e8
@ -4,7 +4,9 @@ namespace App\Http\Controllers\ClientAuth;
|
||||
|
||||
use Password;
|
||||
use Config;
|
||||
use Utils;
|
||||
use App\Models\Contact;
|
||||
use App\Models\Account;
|
||||
use Illuminate\Http\Request;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
|
||||
@ -45,10 +47,6 @@ class ForgotPasswordController extends Controller
|
||||
'clientauth' => true,
|
||||
];
|
||||
|
||||
if (! session('contact_key')) {
|
||||
return \Redirect::to('/client/session_expired');
|
||||
}
|
||||
|
||||
return view('clientauth.passwords.email')->with($data);
|
||||
}
|
||||
|
||||
@ -61,15 +59,33 @@ class ForgotPasswordController extends Controller
|
||||
*/
|
||||
public function sendResetLinkEmail(Request $request)
|
||||
{
|
||||
$contactId = null;
|
||||
$contactKey = session('contact_key');
|
||||
if ($contactKey) {
|
||||
$contact = Contact::where('contact_key', '=', $contactKey)->first();
|
||||
if ($contact && ! $contact->is_deleted && $contact->email) {
|
||||
$contactId = $contact->id;
|
||||
// resolve the email to a contact/account
|
||||
$account = false;
|
||||
if (! Utils::isNinja() && Account::count() == 1) {
|
||||
$account = Account::first();
|
||||
} elseif ($accountKey = request()->account_key) {
|
||||
$account = Account::whereAccountKey($accountKey)->first();
|
||||
} else {
|
||||
$subdomain = Utils::getSubdomain(\Request::server('HTTP_HOST'));
|
||||
if ($subdomain && $subdomain != 'app') {
|
||||
$account = Account::whereSubdomain($subdomain)->first();
|
||||
}
|
||||
}
|
||||
|
||||
if (! $account || ! request()->email) {
|
||||
return $this->sendResetLinkFailedResponse($request, Password::INVALID_USER);
|
||||
}
|
||||
|
||||
$contact = Contact::where('email', '=', request()->email)
|
||||
->where('account_id', '=', $account->id)
|
||||
->first();
|
||||
|
||||
if ($contact) {
|
||||
$contactId = $contact->id;
|
||||
} else {
|
||||
return $this->sendResetLinkFailedResponse($request, Password::INVALID_USER);
|
||||
}
|
||||
|
||||
$response = $this->broker()->sendResetLink(['id' => $contactId], function (Message $message) {
|
||||
$message->subject($this->getEmailSubject());
|
||||
});
|
||||
|
@ -98,7 +98,7 @@ class LoginController extends Controller
|
||||
$account = Account::whereAccountKey($accountKey)->first();
|
||||
} else {
|
||||
$subdomain = Utils::getSubdomain(\Request::server('HTTP_HOST'));
|
||||
if ($subdomain != 'app') {
|
||||
if ($subdomain && $subdomain != 'app') {
|
||||
$account = Account::whereSubdomain($subdomain)->first();
|
||||
}
|
||||
}
|
||||
|
@ -50,7 +50,7 @@
|
||||
|
||||
<div class="row meta">
|
||||
<div class="col-md-12 col-sm-12" style="text-align:center;padding-top:8px;">
|
||||
{!! link_to('/client/recover_password', trans('texts.recover_password')) !!}
|
||||
{!! link_to('/client/recover_password' . (request()->account_key ? '?account_key=' . request()->account_key : ''), trans('texts.recover_password')) !!}
|
||||
</div>
|
||||
</div>
|
||||
{!! Former::close() !!}
|
||||
|
@ -3,7 +3,9 @@
|
||||
@section('form')
|
||||
@include('partials.warn_session', ['redirectTo' => '/client/session_expired'])
|
||||
<div class="container">
|
||||
{!! Former::open('client/recover_password')->addClass('form-signin') !!}
|
||||
{!! Former::open()
|
||||
->rules(['email' => 'required|email'])
|
||||
->addClass('form-signin') !!}
|
||||
|
||||
<h2 class="form-signin-heading">{{ trans('texts.password_recovery') }}</h2>
|
||||
<hr class="green">
|
||||
@ -35,6 +37,9 @@
|
||||
<div class="alert alert-danger">{{ Session::get('error') }}</div>
|
||||
@endif
|
||||
|
||||
<div>
|
||||
{!! Former::text('email')->placeholder(trans('texts.email_address'))->raw() !!}
|
||||
</div>
|
||||
{!! Button::success(trans('texts.send_email'))
|
||||
->withAttributes(['class' => 'green'])
|
||||
->large()->submit()->block() !!}
|
||||
|
Loading…
Reference in New Issue
Block a user