[Password] Handle resetting based on passcode

2024-11-23 01:59:14 +00:00 · 2022-01-18 16:14:22 +00:00 · 2022-01-18 16:14:22 +00:00 · d2690462ae
commit d2690462ae
parent 4a2f6c0cfa
4 changed files with 103 additions and 12 deletions
--- a/application/controllers/User.php
+++ b/application/controllers/User.php
@ -527,19 +527,9 @@ class User extends CI_Controller {
 				
 				// Send email with reset code

-				$config = Array(
-					'protocol' => 'smtp',
-					'smtp_host' => 'smtp.mailtrap.io',
-					'smtp_port' => 2525,
-					'smtp_user' => '2a4ee81ff3810f',
-					'smtp_pass' => 'bd4ec48aa67b14',
-					'crlf' => "\r\n",
-					'newline' => "\r\n"
-				  );
-
 				$this->data['reset_code'] = $reset_code;
 				$this->load->library('email');
-				$this->email->initialize($config);
+
 				$message = $this->load->view('email/forgot_password', $this->data,  TRUE);

 				$this->email->from('noreply@cloudlog.co.uk', 'Cloudlog');
@ -559,4 +549,36 @@ class User extends CI_Controller {
 			}
 		}
 	}
+
+	function reset_password($reset_code = NULL)
+	{
+		$data['reset_code'] = $reset_code;
+		if($reset_code != NULL) {
+			$this->load->helper(array('form', 'url'));
+
+			$this->load->library('form_validation');
+	
+			$this->form_validation->set_rules('password', 'Password', 'required');
+			$this->form_validation->set_rules('password_confirm', 'Password Confirmation', 'required|matches[password]');
+	
+			if ($this->form_validation->run() == FALSE)
+			{
+				$data['page_title'] = "Reset Password";
+				$this->load->view('interface_assets/mini_header', $data);
+				$this->load->view('user/reset_password');
+				$this->load->view('interface_assets/footer');
+			}
+			else
+			{
+				// Lets reset the password!
+				$this->load->model('user_model');
+			
+				$this->user_model->reset_password($this->input->post('password', true), $reset_code);
+				$this->session->set_flashdata('notice', 'Password Reset.');
+				redirect('user/login');
+			}
+		} else {
+			redirect('user/login');
+		}
+	}
 }
--- a/application/models/User_model.php
+++ b/application/models/User_model.php
@ -413,6 +413,25 @@ class User_Model extends CI_Model {
 		$this->db->update('users', $data);
 	}

+	/*
+	 * FUNCTION: reset_password
+	 *
+	 * Sets new password for users account where the reset code matches then clears the password reset code and password reset date.
+	 * 
+	 * @param string $password
+	 * @return string $reset_code
+	 */
+	function reset_password($password, $reset_code) {
+		$data = array(
+			'user_password' => $this->_hash($password),
+			'reset_password_code' => NULL,
+			'reset_password_date' => NULL
+		);
+				
+		$this->db->where('reset_password_code', $reset_code);
+		$this->db->update('users', $data);
+	}
+
 	// FUNCTION: bool _auth($password, $hash)
 	// Checks a password against the stored hash
 	private function _auth($password, $hash) {
--- a/application/views/email/forgot_password.php
+++ b/application/views/email/forgot_password.php
@ -5,6 +5,9 @@ You or someone else has requested a password reset on your Cloudlog account.
 Your password reset code is: <?php echo $reset_code; ?>


+Click here to reset password <?php echo site_url('user/reset_password/').$reset_code; ?>
+
+
 If you didn't request this just ignore.

 Regards,
--- a/application/views/user/reset_password.php
+++ b/application/views/user/reset_password.php
@ -0,0 +1,47 @@
+<div id="container" class="container mx-auto pt-5">
+	<div class="row">
+		<div class="col-12">
+            <div class="panel panel-default">
+              <div class="panel-body">
+                <div class="text-center">
+                  <h3><i class="fa fa-lock fa-4x"></i></h3>
+                  <h2 class="text-center">Reset Password?</h2>
+                  <p>You can reset your password here.</p>
+                  <div class="panel-body">
+                    
+                    <?php if(validation_errors() != ''): ?>
+                    <div class="alert alert-danger" role="alert">
+                        <?php echo validation_errors(); ?>
+                    </div>
+                    <?php endif; ?>
+
+                    <form role="form" autocomplete="off" class="form" method="post" action="<?php echo site_url('user/reset_password'); ?>/<?php echo $reset_code; ?>">
+
+                        <div class="form-group row">
+                            <label for="inputPassword" class="col-sm-2 col-form-label">Password</label>
+                            <div class="col-sm-10">
+                                <input type="password" name="password" class="form-control" id="inputPassword" placeholder="Password">
+                            </div>
+                        </div>
+
+                        <div class="form-group row">
+                            <label for="inputPassword" class="col-sm-2 col-form-label">Confirm Password</label>
+                            <div class="col-sm-10">
+                                <input type="password" name="password_confirm" class="form-control" id="inputPassword" placeholder="Password">
+                            </div>
+                        </div>
+
+                      <div class="form-group">
+                        <input name="recover-submit" class="btn btn-lg btn-primary btn-block" value="Reset Password" type="submit">
+                      </div>
+                      
+                      <input type="hidden" class="hide" name="token" id="token" value=""> 
+                    </form>
+    
+                  </div>
+                </div>
+              </div>
+            </div>
+          </div>
+	</div>
+</div>