forked from fa/breadcrumb-the-shire
instances added god may help
This commit is contained in:
@@ -1,15 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Service\Auth\PasswordResetService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$errors = [];
|
||||
$email = trim((string) ($_POST['email'] ?? ''));
|
||||
$passwordResetService = (new AuthServicesFactory())->createPasswordResetService();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
if (!Session::checkCsrfToken()) {
|
||||
@@ -17,7 +16,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
} elseif ($email === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$errors[] = t('Please enter a valid email address');
|
||||
} else {
|
||||
PasswordResetService::requestReset($email);
|
||||
$passwordResetService->requestReset($email);
|
||||
$_SESSION['password_reset_email'] = $email;
|
||||
Flash::success(
|
||||
t('If the email exists, a verification code has been sent.'),
|
||||
|
||||
@@ -1,14 +1,11 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Service\Auth\AuthService;
|
||||
use MintyPHP\Service\Auth\RememberMeService;
|
||||
use MintyPHP\Service\Auth\TenantSsoService;
|
||||
use MintyPHP\Service\Security\RateLimiterService;
|
||||
use MintyPHP\Service\Tenant\TenantAvatarService;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use MintyPHP\Repository\User\UserRepository;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
use MintyPHP\Service\Tenant\TenantServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
if (!empty($_SESSION['user']['id'])) {
|
||||
@@ -36,6 +33,7 @@ $setRateLimitWarning = static function (int $retryAfterSeconds) use ($setLoginWa
|
||||
header('Retry-After: ' . $retryAfterSeconds);
|
||||
$setLoginWarning(t('Too many login attempts. Please wait and try again.'));
|
||||
};
|
||||
$rateLimiterService = (new SecurityServicesFactory())->createRateLimiterService();
|
||||
|
||||
$loginResolveScope = 'login.resolve.ip';
|
||||
$loginResolveLimit = 25;
|
||||
@@ -46,14 +44,22 @@ $loginPasswordScope = 'login.password.email_ip';
|
||||
$loginPasswordLimit = 5;
|
||||
$loginPasswordWindow = 900;
|
||||
$loginPasswordBlock = 900;
|
||||
$authServicesFactory = new AuthServicesFactory();
|
||||
$authService = $authServicesFactory->createAuthService();
|
||||
$rememberMeService = $authServicesFactory->createRememberMeService();
|
||||
$tenantSsoService = $authServicesFactory->createTenantSsoService();
|
||||
$tenantAvatarService = (new TenantServicesFactory())->createTenantAvatarService();
|
||||
$userServicesFactory = new UserServicesFactory();
|
||||
$userReadRepository = $userServicesFactory->createUserReadRepository();
|
||||
$userTenantContextService = $userServicesFactory->createUserTenantContextService();
|
||||
|
||||
$resolveLoginCandidates = static function (string $inputEmail): array {
|
||||
$resolveLoginCandidates = static function (string $inputEmail) use ($userReadRepository, $userTenantContextService, $tenantSsoService, $tenantAvatarService): array {
|
||||
$emailValue = strtolower(trim($inputEmail));
|
||||
if ($emailValue === '' || !filter_var($emailValue, FILTER_VALIDATE_EMAIL)) {
|
||||
return ['ok' => false];
|
||||
}
|
||||
|
||||
$user = UserRepository::findByEmail($emailValue);
|
||||
$user = $userReadRepository->findByEmail($emailValue);
|
||||
if (!$user || (int) ($user['active'] ?? 0) !== 1) {
|
||||
return ['ok' => false];
|
||||
}
|
||||
@@ -63,7 +69,7 @@ $resolveLoginCandidates = static function (string $inputEmail): array {
|
||||
return ['ok' => false];
|
||||
}
|
||||
|
||||
$tenants = UserService::getAssignedActiveTenants($userId);
|
||||
$tenants = $userTenantContextService->getAssignedActiveTenants($userId);
|
||||
if (!$tenants) {
|
||||
return ['ok' => false];
|
||||
}
|
||||
@@ -75,13 +81,13 @@ $resolveLoginCandidates = static function (string $inputEmail): array {
|
||||
if ($tenantId <= 0) {
|
||||
continue;
|
||||
}
|
||||
$tenantSlug = TenantSsoService::tenantLoginSlug($tenant);
|
||||
$tenantSlug = $tenantSsoService->tenantLoginSlug($tenant);
|
||||
if ($tenantSlug === '') {
|
||||
continue;
|
||||
}
|
||||
$methods = TenantSsoService::resolveTenantLoginMethods($tenantId);
|
||||
$methods = $tenantSsoService->resolveTenantLoginMethods($tenantId);
|
||||
$tenantUuid = (string) ($tenant['uuid'] ?? '');
|
||||
$hasAvatar = $tenantUuid !== '' && TenantAvatarService::hasAvatar($tenantUuid);
|
||||
$hasAvatar = $tenantUuid !== '' && $tenantAvatarService->hasAvatar($tenantUuid);
|
||||
$candidate = [
|
||||
'id' => $tenantId,
|
||||
'uuid' => $tenantUuid,
|
||||
@@ -151,7 +157,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$stage = 'resolve_email';
|
||||
} else {
|
||||
if ($postedStage === 'resolve_email') {
|
||||
$resolveLimitResult = RateLimiterService::isBlocked($loginResolveScope, $clientIp);
|
||||
$resolveLimitResult = $rateLimiterService->isBlocked($loginResolveScope, $clientIp);
|
||||
if (!($resolveLimitResult['allowed'] ?? true)) {
|
||||
$setRateLimitWarning((int) ($resolveLimitResult['retry_after'] ?? 60));
|
||||
return;
|
||||
@@ -159,11 +165,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
}
|
||||
|
||||
$resolved = $resolveLoginCandidates($email);
|
||||
if (!($resolved['ok'] ?? false)) {
|
||||
if (!$resolved['ok']) {
|
||||
$stage = 'resolve_email';
|
||||
$setLoginWarning(t('We could not continue with these login details'));
|
||||
if ($postedStage === 'resolve_email') {
|
||||
$resolveFailureResult = RateLimiterService::registerFailure(
|
||||
$resolveFailureResult = $rateLimiterService->registerFailure(
|
||||
$loginResolveScope,
|
||||
$clientIp,
|
||||
$loginResolveLimit,
|
||||
@@ -175,9 +181,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$email = (string) ($resolved['email'] ?? '');
|
||||
$tenantCandidates = is_array($resolved['candidates'] ?? null) ? $resolved['candidates'] : [];
|
||||
$tenantCandidateById = is_array($resolved['candidate_by_id'] ?? null) ? $resolved['candidate_by_id'] : [];
|
||||
$email = (string) $resolved['email'];
|
||||
$tenantCandidates = $resolved['candidates'];
|
||||
$tenantCandidateById = $resolved['candidate_by_id'];
|
||||
$postedTenantId = (int) ($_POST['tenant_id'] ?? 0);
|
||||
|
||||
if (in_array($postedStage, ['choose_tenant', 'login_password'], true)
|
||||
@@ -204,10 +210,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$stage = 'resolve_email';
|
||||
$setLoginWarning(t('We could not continue with these login details'));
|
||||
} else {
|
||||
$selectedTenantMethods = is_array($selectedTenant['methods'] ?? null)
|
||||
? $selectedTenant['methods']
|
||||
: $selectedTenantMethods;
|
||||
$selectedTenantSlug = trim((string) ($selectedTenant['slug'] ?? ''));
|
||||
$selectedTenantMethods = $selectedTenant['methods'];
|
||||
$selectedTenantSlug = trim((string) $selectedTenant['slug']);
|
||||
$isMicrosoftOnlyTenant = empty($selectedTenantMethods['local'])
|
||||
&& !empty($selectedTenantMethods['microsoft'])
|
||||
&& $selectedTenantSlug !== '';
|
||||
@@ -236,7 +240,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
} elseif ($postedStage === 'login_password') {
|
||||
$stage = 'methods';
|
||||
$passwordAttemptKey = strtolower(trim($email)) . '|' . $clientIp;
|
||||
$passwordLimitResult = RateLimiterService::isBlocked($loginPasswordScope, $passwordAttemptKey);
|
||||
$passwordLimitResult = $rateLimiterService->isBlocked($loginPasswordScope, $passwordAttemptKey);
|
||||
if (!($passwordLimitResult['allowed'] ?? true)) {
|
||||
$setRateLimitWarning((int) ($passwordLimitResult['retry_after'] ?? 60));
|
||||
return;
|
||||
@@ -247,7 +251,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
} else {
|
||||
$password = (string) ($_POST['password'] ?? '');
|
||||
$remember = !empty($_POST['remember']);
|
||||
$result = AuthService::login($email, $password);
|
||||
$result = $authService->login($email, $password);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
if (!empty($result['needs_verification'])) {
|
||||
$_SESSION['email_verification_email'] = $result['email'] ?? $email;
|
||||
@@ -256,7 +260,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
return;
|
||||
}
|
||||
$setLoginWarning(t((string) ($result['message'] ?? 'Email/password not valid')));
|
||||
$passwordFailureResult = RateLimiterService::registerFailure(
|
||||
$passwordFailureResult = $rateLimiterService->registerFailure(
|
||||
$loginPasswordScope,
|
||||
$passwordAttemptKey,
|
||||
$loginPasswordLimit,
|
||||
@@ -268,10 +272,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
}
|
||||
} else {
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
if ($userId <= 0 || !AuthService::canLoginToTenant($userId, $selectedTenantId)) {
|
||||
AuthService::logout();
|
||||
if ($userId <= 0 || !$authService->canLoginToTenant($userId, $selectedTenantId)) {
|
||||
$authService->logout();
|
||||
$setLoginWarning(t('No access to this tenant'));
|
||||
$passwordFailureResult = RateLimiterService::registerFailure(
|
||||
$passwordFailureResult = $rateLimiterService->registerFailure(
|
||||
$loginPasswordScope,
|
||||
$passwordAttemptKey,
|
||||
$loginPasswordLimit,
|
||||
@@ -282,11 +286,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$setRateLimitWarning((int) ($passwordFailureResult['retry_after'] ?? $loginPasswordBlock));
|
||||
}
|
||||
} else {
|
||||
$setTenant = UserService::setCurrentTenant($userId, $selectedTenantId);
|
||||
$setTenant = $userTenantContextService->setCurrentTenant($userId, $selectedTenantId);
|
||||
if (!($setTenant['ok'] ?? false)) {
|
||||
AuthService::logout();
|
||||
$authService->logout();
|
||||
$setLoginWarning(t('No access to this tenant'));
|
||||
$passwordFailureResult = RateLimiterService::registerFailure(
|
||||
$passwordFailureResult = $rateLimiterService->registerFailure(
|
||||
$loginPasswordScope,
|
||||
$passwordAttemptKey,
|
||||
$loginPasswordLimit,
|
||||
@@ -297,10 +301,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$setRateLimitWarning((int) ($passwordFailureResult['retry_after'] ?? $loginPasswordBlock));
|
||||
}
|
||||
} else {
|
||||
RateLimiterService::reset($loginPasswordScope, $passwordAttemptKey);
|
||||
AuthService::loadTenantDataIntoSession($userId);
|
||||
$rateLimiterService->reset($loginPasswordScope, $passwordAttemptKey);
|
||||
$authService->loadTenantDataIntoSession($userId);
|
||||
if ($remember) {
|
||||
RememberMeService::rememberUser($userId);
|
||||
$rememberMeService->rememberUser($userId);
|
||||
}
|
||||
Router::redirect('admin');
|
||||
return;
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Service\Auth\AuthService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
|
||||
AuthService::logoutAndRedirect('login');
|
||||
(new AuthServicesFactory())->createAuthService()->logoutAndRedirect('login');
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Service\Auth\AuthService;
|
||||
use MintyPHP\Service\Auth\MicrosoftOidcService;
|
||||
use MintyPHP\Service\Auth\SsoUserLinkService;
|
||||
use MintyPHP\Service\Auth\TenantSsoService;
|
||||
|
||||
$authServicesFactory = new AuthServicesFactory();
|
||||
$authService = $authServicesFactory->createAuthService();
|
||||
$ssoUserLinkService = $authServicesFactory->createSsoUserLinkService();
|
||||
$tenantSsoService = $authServicesFactory->createTenantSsoService();
|
||||
$microsoftOidcService = $authServicesFactory->createMicrosoftOidcService();
|
||||
|
||||
$state = trim((string) ($_GET['state'] ?? ''));
|
||||
$code = trim((string) ($_GET['code'] ?? ''));
|
||||
@@ -17,7 +20,7 @@ if ($error !== '') {
|
||||
return;
|
||||
}
|
||||
|
||||
$callbackResult = MicrosoftOidcService::handleCallback($state, $code);
|
||||
$callbackResult = $microsoftOidcService->handleCallback($state, $code);
|
||||
if (!($callbackResult['ok'] ?? false)) {
|
||||
Flash::error(t('Microsoft login failed'), 'login', 'microsoft_login_failed');
|
||||
Router::redirect('login');
|
||||
@@ -31,12 +34,12 @@ if (!is_array($tenant)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$linkResult = SsoUserLinkService::linkOrProvisionMicrosoftUser(
|
||||
$linkResult = $ssoUserLinkService->linkOrProvisionMicrosoftUser(
|
||||
$tenant,
|
||||
is_array($callbackResult['claims'] ?? null) ? $callbackResult['claims'] : []
|
||||
);
|
||||
if (!($linkResult['ok'] ?? false)) {
|
||||
$tenantSlug = TenantSsoService::tenantLoginSlug($tenant);
|
||||
$tenantSlug = $tenantSsoService->tenantLoginSlug($tenant);
|
||||
$loginTarget = $tenantSlug !== '' ? ('login?tenant=' . rawurlencode($tenantSlug)) : 'login';
|
||||
Flash::error(t('Microsoft login is not allowed for this account'), $loginTarget, 'microsoft_login_not_allowed');
|
||||
Router::redirect($loginTarget);
|
||||
@@ -45,9 +48,9 @@ if (!($linkResult['ok'] ?? false)) {
|
||||
|
||||
$userId = (int) ($linkResult['user_id'] ?? 0);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$loginResult = AuthService::loginUserById($userId, $tenantId, 'microsoft');
|
||||
$loginResult = $authService->loginUserById($userId, $tenantId, 'microsoft');
|
||||
if (!($loginResult['ok'] ?? false)) {
|
||||
$tenantSlug = TenantSsoService::tenantLoginSlug($tenant);
|
||||
$tenantSlug = $tenantSsoService->tenantLoginSlug($tenant);
|
||||
$loginTarget = $tenantSlug !== '' ? ('login?tenant=' . rawurlencode($tenantSlug)) : 'login';
|
||||
Flash::error(t('Microsoft login failed'), $loginTarget, 'microsoft_login_failed');
|
||||
Router::redirect($loginTarget);
|
||||
|
||||
@@ -1,9 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Service\Auth\MicrosoftOidcService;
|
||||
use MintyPHP\Service\Auth\TenantSsoService;
|
||||
|
||||
$authServicesFactory = new AuthServicesFactory();
|
||||
$tenantSsoService = $authServicesFactory->createTenantSsoService();
|
||||
$microsoftOidcService = $authServicesFactory->createMicrosoftOidcService();
|
||||
|
||||
$tenantSlug = trim((string) ($_GET['tenant'] ?? ''));
|
||||
if ($tenantSlug === '') {
|
||||
@@ -12,23 +15,23 @@ if ($tenantSlug === '') {
|
||||
return;
|
||||
}
|
||||
|
||||
$tenant = TenantSsoService::findTenantByLoginSlug($tenantSlug);
|
||||
$tenant = $tenantSsoService->findTenantByLoginSlug($tenantSlug);
|
||||
if (!$tenant) {
|
||||
Flash::error(t('Tenant login link is invalid'), 'login', 'tenant_login_invalid');
|
||||
Router::redirect('login');
|
||||
return;
|
||||
}
|
||||
$tenantSlug = TenantSsoService::tenantLoginSlug($tenant);
|
||||
$tenantSlug = $tenantSsoService->tenantLoginSlug($tenant);
|
||||
$loginTarget = $tenantSlug !== '' ? ('login?tenant=' . rawurlencode($tenantSlug)) : 'login';
|
||||
|
||||
$configResult = TenantSsoService::getEffectiveMicrosoftProviderConfig($tenant);
|
||||
$configResult = $tenantSsoService->getEffectiveMicrosoftProviderConfig($tenant);
|
||||
if (!($configResult['ok'] ?? false)) {
|
||||
Flash::error(t('Microsoft login is not available for this tenant'), $loginTarget, 'microsoft_login_not_available');
|
||||
Router::redirect($loginTarget);
|
||||
return;
|
||||
}
|
||||
|
||||
$authResult = MicrosoftOidcService::startAuthorization($tenant, $configResult['config'] ?? []);
|
||||
$authResult = $microsoftOidcService->startAuthorization($tenant, $configResult['config'] ?? []);
|
||||
if (!($authResult['ok'] ?? false)) {
|
||||
Flash::error(t('Microsoft login could not be started'), $loginTarget, 'microsoft_login_start_failed');
|
||||
Router::redirect($loginTarget);
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Service\Auth\AuthService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$error = false;
|
||||
if (!allowRegistration()) {
|
||||
@@ -11,13 +12,14 @@ if (!allowRegistration()) {
|
||||
}
|
||||
|
||||
if (isset($_POST['email'])) {
|
||||
$authService = (new AuthServicesFactory())->createAuthService();
|
||||
$firstName = trim((string) ($_POST['first_name'] ?? ''));
|
||||
$lastName = trim((string) ($_POST['last_name'] ?? ''));
|
||||
$email = trim((string) ($_POST['email'] ?? ''));
|
||||
$password = (string) ($_POST['password'] ?? '');
|
||||
$password2 = (string) ($_POST['password2'] ?? '');
|
||||
|
||||
$result = AuthService::register([
|
||||
$result = $authService->register([
|
||||
'first_name' => $firstName,
|
||||
'last_name' => $lastName,
|
||||
'email' => $email,
|
||||
@@ -34,3 +36,7 @@ if (isset($_POST['email'])) {
|
||||
Router::redirect('verify-email');
|
||||
}
|
||||
}
|
||||
|
||||
$userPasswordPolicyService = (new UserServicesFactory())->createUserPasswordPolicyService();
|
||||
$passwordHints = $userPasswordPolicyService->hints();
|
||||
$passwordMinLength = $userPasswordPolicyService->minLength();
|
||||
|
||||
@@ -11,9 +11,10 @@
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
|
||||
Buffer::set('title', t('Register'));
|
||||
$passwordMinLength = (int) ($passwordMinLength ?? 0);
|
||||
$passwordHints = is_array($passwordHints ?? null) ? $passwordHints : [];
|
||||
?>
|
||||
<a role="button" class="back_to_login small secondary outline" href="/login"><i
|
||||
class="bi bi-arrow-left"></i> <?php e(t('Back to Login')); ?></a>
|
||||
@@ -46,18 +47,18 @@ Buffer::set('title', t('Register'));
|
||||
<label for="password">
|
||||
<span><?php e(t('Password')); ?></span>
|
||||
<input required type="password" name="password" id="password"
|
||||
minlength="<?php e(UserService::passwordMinLength()); ?>" autocomplete="new-password" />
|
||||
minlength="<?php e($passwordMinLength); ?>" autocomplete="new-password" />
|
||||
</label>
|
||||
<label for="password2">
|
||||
<span><?php e(t('Password (again)')); ?></span>
|
||||
<input required type="password" name="password2" id="password2"
|
||||
minlength="<?php e(UserService::passwordMinLength()); ?>" autocomplete="new-password" />
|
||||
minlength="<?php e($passwordMinLength); ?>" autocomplete="new-password" />
|
||||
</label>
|
||||
<div class="form-hint" data-password-hints data-password-input="#password" data-confirm-input="#password2"
|
||||
data-email-input="#email" data-min-length="<?php e(UserService::passwordMinLength()); ?>">
|
||||
data-email-input="#email" data-min-length="<?php e($passwordMinLength); ?>">
|
||||
<strong><?php e(t('Password requirements')); ?></strong>
|
||||
<ul class="form-hint-list">
|
||||
<?php foreach (UserService::passwordHints() as $hint): ?>
|
||||
<?php foreach ($passwordHints as $hint): ?>
|
||||
<li data-rule="<?php e($hint['rule']); ?>"><?php e($hint['text']); ?></li>
|
||||
<?php endforeach; ?>
|
||||
<li data-rule="match"><?php e(t('Passwords must match')); ?></li>
|
||||
|
||||
@@ -1,17 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Service\Auth\PasswordResetService;
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$errors = [];
|
||||
$password = (string) ($_POST['password'] ?? '');
|
||||
$password2 = (string) ($_POST['password2'] ?? '');
|
||||
$passwordResetService = (new AuthServicesFactory())->createPasswordResetService();
|
||||
|
||||
$resetId = (int) ($_SESSION['password_reset_id'] ?? 0);
|
||||
if ($resetId <= 0) {
|
||||
@@ -22,7 +21,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
if (!Session::checkCsrfToken()) {
|
||||
$errors = [t('Form expired, please try again')];
|
||||
} else {
|
||||
$result = PasswordResetService::resetPassword($resetId, $password, $password2);
|
||||
$result = $passwordResetService->resetPassword($resetId, $password, $password2);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['password_reset_id']);
|
||||
unset($_SESSION['password_reset_email']);
|
||||
@@ -34,7 +33,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
}
|
||||
}
|
||||
|
||||
$passwordHints = UserService::passwordHints();
|
||||
$passwordMinLength = UserService::passwordMinLength();
|
||||
$userPasswordPolicyService = (new UserServicesFactory())->createUserPasswordPolicyService();
|
||||
$passwordHints = $userPasswordPolicyService->hints();
|
||||
$passwordMinLength = $userPasswordPolicyService->minLength();
|
||||
|
||||
Buffer::set('title', t('Reset password'));
|
||||
|
||||
@@ -1,30 +1,30 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Service\Tenant\TenantAvatarService;
|
||||
use MintyPHP\Service\Tenant\TenantService;
|
||||
use MintyPHP\Service\Tenant\TenantServicesFactory;
|
||||
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
$uuid = trim((string) ($_GET['uuid'] ?? ''));
|
||||
$size = isset($_GET['size']) ? (int) $_GET['size'] : null;
|
||||
if (!TenantAvatarService::isValidUuid($uuid)) {
|
||||
$tenantAvatarService = (new TenantServicesFactory())->createTenantAvatarService();
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
$tenant = TenantService::findByUuid($uuid);
|
||||
$tenant = directoryServicesFactory()->createTenantService()->findByUuid($uuid);
|
||||
if (!$tenant || (string) ($tenant['status'] ?? 'active') !== 'active') {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
$path = TenantAvatarService::findAvatarPath($uuid, $size);
|
||||
$path = $tenantAvatarService->findAvatarPath($uuid, $size);
|
||||
if (!$path || !is_file($path)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
$mime = TenantAvatarService::detectMime($path);
|
||||
$mime = $tenantAvatarService->detectMime($path);
|
||||
header('Content-Type: ' . $mime);
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('Content-Security-Policy: sandbox');
|
||||
|
||||
@@ -1,16 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Service\Auth\PasswordResetService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$errors = [];
|
||||
$email = trim((string) ($_POST['email'] ?? ($_SESSION['password_reset_email'] ?? '')));
|
||||
$code = trim((string) ($_POST['code'] ?? ''));
|
||||
$passwordResetService = (new AuthServicesFactory())->createPasswordResetService();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
if (!Session::checkCsrfToken()) {
|
||||
@@ -20,7 +19,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
} elseif ($code === '' || !preg_match('/^\d{6}$/', $code)) {
|
||||
$errors[] = t('Please enter the 6-digit code');
|
||||
} else {
|
||||
$result = PasswordResetService::verifyCode($email, $code);
|
||||
$result = $passwordResetService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
$_SESSION['password_reset_id'] = (int) $result['reset_id'];
|
||||
unset($_SESSION['password_reset_email']);
|
||||
|
||||
@@ -1,14 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\EmailVerificationService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$errors = [];
|
||||
$email = trim((string) ($_POST['email'] ?? ($_SESSION['email_verification_email'] ?? '')));
|
||||
$code = trim((string) ($_POST['code'] ?? ''));
|
||||
$emailVerificationService = (new AuthServicesFactory())->createEmailVerificationService();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$action = $_POST['action'] ?? 'verify';
|
||||
@@ -20,7 +21,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
if ($email === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$errors[] = t('Please enter a valid email address');
|
||||
} else {
|
||||
$result = EmailVerificationService::resendVerification($email);
|
||||
$result = $emailVerificationService->resendVerification($email);
|
||||
if ($result['ok'] ?? false) {
|
||||
Flash::success(t('A new verification code has been sent.'), 'verify-email', 'code_resent');
|
||||
Router::redirect('verify-email');
|
||||
@@ -37,7 +38,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
} elseif ($code === '' || !preg_match('/^\d{6}$/', $code)) {
|
||||
$errors[] = t('Please enter the 6-digit code');
|
||||
} else {
|
||||
$result = EmailVerificationService::verifyCode($email, $code);
|
||||
$result = $emailVerificationService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['email_verification_email']);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user