github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2025-01-21 13:44:58 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #943 from poush/fix_#937

Browse Source 
Validation on password change
This commit is contained in:
Franz Liedke 2016-04-29 20:27:53 +09:00
commit 856053f464
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
framework/core/src/Forum/Controller/SavePasswordController.php
View File

@ -11,6 +11,7 @@
namespace Flarum\Forum\Controller;
use Flarum\Core\PasswordToken;
use Flarum\Core\Validator\UserValidator;
use Flarum\Forum\UrlGenerator;
use Flarum\Http\Controller\ControllerInterface;
use Flarum\Http\SessionAuthenticator;
@ -24,6 +25,11 @@ class SavePasswordController implements ControllerInterface
*/
protected $url;
/**
* @var UserValidator
*/
protected $validator;
/**
* @var SessionAuthenticator
*/
@ -33,10 +39,11 @@ class SavePasswordController implements ControllerInterface
* @param UrlGenerator $url
* @param SessionAuthenticator $authenticator
*/
public function __construct(UrlGenerator $url, SessionAuthenticator $authenticator)
public function __construct(UrlGenerator $url, SessionAuthenticator $authenticator, UserValidator $validator)
{
$this->url = $url;
$this->authenticator = $authenticator;
$this->validator = $validator;
}
/**
@ -52,6 +59,8 @@ class SavePasswordController implements ControllerInterface
$password = array_get($input, 'password');
$confirmation = array_get($input, 'password_confirmation');
$this->validator->assertValid(compact('password'));
if (! $password || $password !== $confirmation) {
return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
}