Very rough implementation of forgot password

This commit is contained in:
Toby Zerner 2015-05-26 11:14:06 +09:30
parent 35b362e393
commit e47678f403
18 changed files with 376 additions and 3 deletions

View File

@ -0,0 +1,66 @@
import Component from 'flarum/component';
import LoadingIndicator from 'flarum/components/loading-indicator';
import Alert from 'flarum/components/alert';
import icon from 'flarum/helpers/icon';
export default class ForgotPasswordModal extends Component {
constructor(props) {
super(props);
this.email = m.prop();
this.loading = m.prop(false);
this.success = m.prop(false);
}
view() {
return m('div.modal-dialog.modal-sm.modal-forgot-password', [
m('div.modal-content', [
m('button.btn.btn-icon.btn-link.close.back-control', {onclick: this.hide.bind(this)}, icon('times')),
m('form', {onsubmit: this.onsubmit.bind(this)}, [
m('div.modal-header', m('h3.title-control', 'Forgot Password')),
this.props.message ? m('div.modal-alert.alert', this.props.message) : '',
m('div.modal-body', [
m('div.form-centered', this.success() ? 'Sent!' : [
m('div.form-group', [
m('input.form-control[name=email][placeholder=Email]', {onchange: m.withAttr('value', this.email)})
]),
m('div.form-group', [
m('button.btn.btn-primary.btn-block[type=submit]', 'Recover Password')
])
])
])
])
]),
LoadingIndicator.component({className: 'modal-loading'+(this.loading() ? ' active' : '')})
])
}
ready($modal) {
$modal.find('[name=email]').focus();
}
hide() {
app.modal.close();
}
onsubmit(e) {
e.preventDefault();
this.loading(true);
m.request({
method: 'POST',
url: app.config['api_url']+'/forgot',
data: {email: this.email()},
background: true
}).then(response => {
this.loading(false);
this.success(true);
m.redraw();
}, response => {
this.loading(false);
m.redraw();
app.alerts.dismiss(this.errorAlert);
app.alerts.show(this.errorAlert = new Alert({ type: 'warning', message: 'Invalid credentials.' }));
});
}
}

View File

@ -1,5 +1,6 @@
import Component from 'flarum/component'; import Component from 'flarum/component';
import LoadingIndicator from 'flarum/components/loading-indicator'; import LoadingIndicator from 'flarum/components/loading-indicator';
import ForgotPasswordModal from 'flarum/components/forgot-password-modal';
import SignupModal from 'flarum/components/signup-modal'; import SignupModal from 'flarum/components/signup-modal';
import Alert from 'flarum/components/alert'; import Alert from 'flarum/components/alert';
import icon from 'flarum/helpers/icon'; import icon from 'flarum/helpers/icon';
@ -34,7 +35,7 @@ export default class LoginModal extends Component {
]) ])
]), ]),
m('div.modal-footer', [ m('div.modal-footer', [
m('p.forgot-password-link', m('a[href=javascript:;]', 'Forgot password?')), m('p.forgot-password-link', m('a[href=javascript:;]', {onclick: () => app.modal.show(new ForgotPasswordModal())}, 'Forgot password?')),
m('p.sign-up-link', [ m('p.sign-up-link', [
'Don\'t have an account? ', 'Don\'t have an account? ',
m('a[href=javascript:;]', {onclick: () => app.modal.show(new SignupModal())}, 'Sign Up') m('a[href=javascript:;]', {onclick: () => app.modal.show(new SignupModal())}, 'Sign Up')

View File

@ -20,6 +20,7 @@ export default class Modal extends Component {
this.component = component; this.component = component;
m.redraw(true); m.redraw(true);
this.$().modal('show'); this.$().modal('show');
this.ready();
} }
close() { close() {

View File

@ -0,0 +1,30 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateResetTokensTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('reset_tokens', function (Blueprint $table) {
$table->string('id');
$table->integer('user_id')->unsigned();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::drop('reset_tokens');
}
}

View File

@ -14,7 +14,6 @@ class CreateUsersTable extends Migration
public function up() public function up()
{ {
Schema::create('users', function (Blueprint $table) { Schema::create('users', function (Blueprint $table) {
$table->increments('id'); $table->increments('id');
$table->string('username', 100)->unique(); $table->string('username', 100)->unique();
$table->string('email', 150)->unique(); $table->string('email', 150)->unique();

View File

@ -3,6 +3,8 @@
use Closure; use Closure;
use Flarum\Api\Request; use Flarum\Api\Request;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\Response;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Flarum\Core\Exceptions\ValidationFailureException; use Flarum\Core\Exceptions\ValidationFailureException;
use Flarum\Core\Exceptions\PermissionDeniedException; use Flarum\Core\Exceptions\PermissionDeniedException;
@ -29,7 +31,9 @@ abstract class JsonApiAction implements ActionInterface
} }
return new JsonResponse(['errors' => $errors], 422); return new JsonResponse(['errors' => $errors], 422);
} catch (PermissionDeniedException $e) { } catch (PermissionDeniedException $e) {
return new JsonResponse(null, 401); return new Response(null, 401);
} catch (ModelNotFoundException $e) {
return new Response(null, 404);
} }
} }

View File

@ -0,0 +1,38 @@
<?php namespace Flarum\Api\Actions\Users;
use Flarum\Api\Request;
use Flarum\Api\Actions\JsonApiAction;
use Flarum\Core\Repositories\UserRepositoryInterface;
use Flarum\Core\Commands\RequestPasswordResetCommand;
use Illuminate\Http\Response;
use Illuminate\Contracts\Bus\Dispatcher;
class ForgotAction extends JsonApiAction
{
protected $users;
protected $bus;
public function __construct(UserRepositoryInterface $users, Dispatcher $bus)
{
$this->users = $users;
$this->bus = $bus;
}
/**
* Log in and return a token.
*
* @param \Flarum\Api\Request $request
* @return \Flarum\Api\Response
*/
public function respond(Request $request)
{
$email = $request->get('email');
$this->bus->dispatch(
new RequestPasswordResetCommand($email)
);
return new Response;
}
}

View File

@ -37,6 +37,12 @@ Route::group(['prefix' => 'api', 'middleware' => 'Flarum\Api\Middleware\LoginWit
'uses' => $action('Flarum\Api\Actions\TokenAction') 'uses' => $action('Flarum\Api\Actions\TokenAction')
]); ]);
// Send forgot password email
Route::post('forgot', [
'as' => 'flarum.api.forgot',
'uses' => $action('Flarum\Api\Actions\Users\ForgotAction')
]);
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Users | Users
@ -73,11 +79,13 @@ Route::group(['prefix' => 'api', 'middleware' => 'Flarum\Api\Middleware\LoginWit
'uses' => $action('Flarum\Api\Actions\Users\DeleteAction') 'uses' => $action('Flarum\Api\Actions\Users\DeleteAction')
]); ]);
// Upload avatar
Route::post('users/{id}/avatar', [ Route::post('users/{id}/avatar', [
'as' => 'flarum.api.users.avatar.upload', 'as' => 'flarum.api.users.avatar.upload',
'uses' => $action('Flarum\Api\Actions\Users\UploadAvatarAction') 'uses' => $action('Flarum\Api\Actions\Users\UploadAvatarAction')
]); ]);
// Remove avatar
Route::delete('users/{id}/avatar', [ Route::delete('users/{id}/avatar', [
'as' => 'flarum.api.users.avatar.delete', 'as' => 'flarum.api.users.avatar.delete',
'uses' => $action('Flarum\Api\Actions\Users\DeleteAvatarAction') 'uses' => $action('Flarum\Api\Actions\Users\DeleteAvatarAction')

View File

@ -0,0 +1,11 @@
<?php namespace Flarum\Core\Commands;
class RequestPasswordResetCommand
{
public $email;
public function __construct($email)
{
$this->email = $email;
}
}

View File

@ -0,0 +1,52 @@
<?php namespace Flarum\Core\Handlers\Commands;
use Flarum\Core\Commands\RequestPasswordResetCommand;
use Flarum\Core\Models\ResetToken;
use Flarum\Core\Repositories\UserRepositoryInterface;
use Illuminate\Contracts\Mail\Mailer;
use Illuminate\Database\Eloquent\ModelNotFoundException;
class RequestPasswordResetCommandHandler
{
/**
* @var UserRepositoryInterface
*/
protected $users;
/**
* The mailer instance.
*
* @var \Illuminate\Contracts\Mail\Mailer
*/
protected $mailer;
public function __construct(UserRepositoryInterface $users, Mailer $mailer)
{
$this->users = $users;
$this->mailer = $mailer;
}
public function handle(RequestPasswordResetCommand $command)
{
$user = $this->users->findByEmail($command->email);
if (! $user) {
throw new ModelNotFoundException;
}
$token = ResetToken::generate($user->id);
$token->save();
$data = [
'username' => $user->username,
'url' => route('flarum.forum.resetPassword', ['token' => $token->id])
];
$this->mailer->send(['text' => 'flarum::emails.reset'], $data, function ($message) use ($user) {
$message->to($user->email);
$message->subject('Reset Your Password');
});
return $user;
}
}

View File

@ -0,0 +1,44 @@
<?php namespace Flarum\Core\Models;
class ResetToken extends Model
{
/**
* The table associated with the model.
*
* @var string
*/
protected $table = 'reset_tokens';
/**
* Use a custom primary key for this model.
*
* @var boolean
*/
public $incrementing = false;
/**
* Generate a reset token for the specified user.
*
* @param int $userId
* @return static
*/
public static function generate($userId)
{
$token = new static;
$token->id = str_random(40);
$token->user_id = $userId;
return $token;
}
/**
* Define the relationship with the owner of this reset token.
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
public function user()
{
return $this->belongsTo('Flarum\Core\Models\User');
}
}

View File

@ -45,6 +45,17 @@ class EloquentUserRepository implements UserRepositoryInterface
return User::where($field, $identification)->first(); return User::where($field, $identification)->first();
} }
/**
* Find a user by email.
*
* @param string $email
* @return \Flarum\Core\Models\User|null
*/
public function findByEmail($email)
{
return User::where('email', $email)->first();
}
/** /**
* Get the ID of a user with the given username. * Get the ID of a user with the given username.
* *

View File

@ -31,6 +31,14 @@ interface UserRepositoryInterface
*/ */
public function findByIdentification($identification); public function findByIdentification($identification);
/**
* Find a user by email.
*
* @param string $email
* @return \Flarum\Core\Models\User|null
*/
public function findByEmail($email);
/** /**
* Get the ID of a user with the given username. * Get the ID of a user with the given username.
* *

View File

@ -0,0 +1,16 @@
<?php namespace Flarum\Forum\Actions;
use Flarum\Core\Models\ResetToken;
use Illuminate\Http\Request;
class ResetPasswordAction extends BaseAction
{
public function handle(Request $request, $routeParams = [])
{
$token = array_get($routeParams, 'token');
$token = ResetToken::findOrFail($token);
return view('flarum::reset')->with('token', $token->id);
}
}

View File

@ -0,0 +1,28 @@
<?php namespace Flarum\Forum\Actions;
use Flarum\Core\Models\ResetToken;
use Flarum\Core\Commands\EditUserCommand;
use Illuminate\Http\Request;
class SavePasswordAction extends BaseAction
{
public function handle(Request $request, $routeParams = [])
{
$token = ResetToken::findOrFail($request->get('token'));
$password = $request->get('password');
$confirmation = $request->get('password_confirmation');
if (! $password || $password !== $confirmation) {
return redirect()->back();
}
$this->dispatch(
new EditUserCommand($token->user_id, $token->user, ['password' => $password])
);
$token->delete();
return redirect('');
}
}

View File

@ -32,3 +32,13 @@ Route::get('confirm/{id}/{token}', [
'as' => 'flarum.forum.confirm', 'as' => 'flarum.forum.confirm',
'uses' => $action('Flarum\Forum\Actions\ConfirmAction') 'uses' => $action('Flarum\Forum\Actions\ConfirmAction')
]); ]);
Route::get('reset/{token}', [
'as' => 'flarum.forum.resetPassword',
'uses' => $action('Flarum\Forum\Actions\ResetPasswordAction')
]);
Route::post('reset', [
'as' => 'flarum.forum.savePassword',
'uses' => $action('Flarum\Forum\Actions\SavePasswordAction')
]);

View File

@ -0,0 +1,3 @@
Hey {{ $username }}!
Click here to reset your password: {{ $url }}

View File

@ -0,0 +1,43 @@
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Reset Your Password</title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, minimum-scale=1">
</head>
<body>
<h1>Reset Your Password</h1>
@if (count($errors) > 0)
<div class="alert alert-danger">
<strong>Whoops!</strong> There were some problems with your input.<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
<form class="form-horizontal" role="form" method="POST" action="{{ route('flarum.forum.savePassword') }}">
<input type="hidden" name="token" value="{{ $token }}">
<div class="form-group">
<label class="control-label">Password</label>
<input type="password" class="form-control" name="password">
</div>
<div class="form-group">
<label class="control-label">Confirm Password</label>
<input type="password" class="form-control" name="password_confirmation">
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary">Reset Password</button>
</div>
</form>
</body>
</html>