mirror of
				https://github.com/invoiceninja/invoiceninja.git
				synced 2025-10-25 19:42:54 -04:00 
			
		
		
		
	Fix client password reset
		
							parent
							
								
									3cbf29afad
								
							
						
					
					
						commit
						2978f005cd
					
				| @ -4,7 +4,9 @@ namespace App\Http\Controllers\ClientAuth; | ||||
| 
 | ||||
| use Password; | ||||
| use Config; | ||||
| use Utils; | ||||
| use App\Models\Contact; | ||||
| use App\Models\Account; | ||||
| use Illuminate\Http\Request; | ||||
| use App\Http\Controllers\Controller; | ||||
| use Illuminate\Foundation\Auth\SendsPasswordResetEmails; | ||||
| @ -45,10 +47,6 @@ class ForgotPasswordController extends Controller | ||||
|         	'clientauth' => true, | ||||
| 		]; | ||||
| 
 | ||||
|         if (! session('contact_key')) { | ||||
|             return \Redirect::to('/client/session_expired'); | ||||
|         } | ||||
| 
 | ||||
|         return view('clientauth.passwords.email')->with($data); | ||||
|     } | ||||
| 
 | ||||
| @ -61,15 +59,33 @@ class ForgotPasswordController extends Controller | ||||
|      */ | ||||
|     public function sendResetLinkEmail(Request $request) | ||||
|     { | ||||
|         $contactId = null; | ||||
|         $contactKey = session('contact_key'); | ||||
|         if ($contactKey) { | ||||
|             $contact = Contact::where('contact_key', '=', $contactKey)->first(); | ||||
|             if ($contact && ! $contact->is_deleted && $contact->email) { | ||||
|                 $contactId = $contact->id; | ||||
|         // resolve the email to a contact/account
 | ||||
|         $account = false; | ||||
|         if (! Utils::isNinja() && Account::count() == 1) { | ||||
|             $account = Account::first(); | ||||
|         } elseif ($accountKey = request()->account_key) { | ||||
|             $account = Account::whereAccountKey($accountKey)->first(); | ||||
|         } else { | ||||
|             $subdomain = Utils::getSubdomain(\Request::server('HTTP_HOST')); | ||||
|             if ($subdomain && $subdomain != 'app') { | ||||
|                 $account = Account::whereSubdomain($subdomain)->first(); | ||||
|             } | ||||
|         } | ||||
| 
 | ||||
|         if (! $account || ! request()->email) { | ||||
|             return $this->sendResetLinkFailedResponse($request, Password::INVALID_USER); | ||||
|         } | ||||
| 
 | ||||
|         $contact = Contact::where('email', '=', request()->email) | ||||
|             ->where('account_id', '=', $account->id) | ||||
|             ->first(); | ||||
| 
 | ||||
|         if ($contact) { | ||||
|             $contactId = $contact->id; | ||||
|         } else { | ||||
|             return $this->sendResetLinkFailedResponse($request, Password::INVALID_USER); | ||||
|         } | ||||
| 
 | ||||
|         $response = $this->broker()->sendResetLink(['id' => $contactId], function (Message $message) { | ||||
|             $message->subject($this->getEmailSubject()); | ||||
|         }); | ||||
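Review bot: The new contact lookup in sendResetLinkEmail matches on `email` and `account_id` only, so the `! $contact->is_deleted` condition applied by the removed session-based lookup is gone and a deleted contact can apparently still be sent a reset link. Unless the Contact model already scopes such rows out (not visible here), change the check to `if ($contact && ! $contact->is_deleted) {`. Separately, the form no longer requires a `contact_key` session, so the `Password::INVALID_USER` returns may let an unauthenticated caller distinguish known from unknown addresses for an account. Returning the same response as the success path and throttling the route would limit that. The method body continues past the end of the hunk.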
|  | ||||
| @ -98,7 +98,7 @@ class LoginController extends Controller | ||||
|                 $account = Account::whereAccountKey($accountKey)->first(); | ||||
|             } else { | ||||
|                 $subdomain = Utils::getSubdomain(\Request::server('HTTP_HOST')); | ||||
|                 if ($subdomain != 'app') { | ||||
|                 if ($subdomain && $subdomain != 'app') { | ||||
|                     $account = Account::whereSubdomain($subdomain)->first(); | ||||
|                 } | ||||
|             } | ||||
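Review bot: The account-resolution chain patched here (`account_key`, then the subdomain derived from `HTTP_HOST`) now exists in two copies, this one in LoginController and the new one in ForgotPasswordController::sendResetLinkEmail, and this commit already had to add the `$subdomain &&` guard here to keep them in step. Because the chain decides which account's contacts an unauthenticated request is matched against, it would be safer as one shared helper called by both controllers, with a comment that `HTTP_HOST` and `account_key` are client-supplied values. A strict `$subdomain !== 'app'` would also avoid the loose comparison. The enclosing method starts and ends outside the hunk.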
|  | ||||
| @ -50,7 +50,7 @@ | ||||
| 
 | ||||
|         <div class="row meta"> | ||||
|             <div class="col-md-12 col-sm-12" style="text-align:center;padding-top:8px;"> | ||||
|                 {!! link_to('/client/recover_password', trans('texts.recover_password')) !!} | ||||
|                 {!! link_to('/client/recover_password' . (request()->account_key ? '?account_key=' . request()->account_key : ''), trans('texts.recover_password')) !!} | ||||
|             </div> | ||||
|         </div> | ||||
|         {!! Former::close() !!} | ||||
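Review bot: `request()->account_key` is concatenated into the link URL as-is and the whole expression is printed with the unescaped `{!! !!}` tag, so the value is only as safe as whatever `link_to` does to the href, which this page does not show. Encode it before it enters the URL, `'?account_key=' . urlencode(request()->account_key)`, and ideally check it against the expected key format first. An array-valued `account_key` parameter would also reach the string concatenation here, so a type check on the value is worth adding.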
|  | ||||
| @ -3,7 +3,9 @@ | ||||
| @section('form') | ||||
|     @include('partials.warn_session', ['redirectTo' => '/client/session_expired']) | ||||
|     <div class="container"> | ||||
|         {!! Former::open('client/recover_password')->addClass('form-signin') !!} | ||||
|         {!! Former::open() | ||||
|                 ->rules(['email' => 'required|email']) | ||||
|                 ->addClass('form-signin') !!} | ||||
| 
 | ||||
|         <h2 class="form-signin-heading">{{ trans('texts.password_recovery') }}</h2> | ||||
|         <hr class="green"> | ||||
| @ -35,6 +37,9 @@ | ||||
|             <div class="alert alert-danger">{{ Session::get('error') }}</div> | ||||
|         @endif | ||||
| 
 | ||||
|         <div> | ||||
|             {!! Former::text('email')->placeholder(trans('texts.email_address'))->raw() !!} | ||||
|         </div> | ||||
|         {!! Button::success(trans('texts.send_email')) | ||||
|                     ->withAttributes(['class' => 'green']) | ||||
|                     ->large()->submit()->block() !!} | ||||
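Review bot: The `->rules(['email' => 'required|email'])` added to `Former::open()` is declared in the view only, and the controller change in this same commit checks just `! request()->email` before querying, so nothing visible validates the address format on the server. Repeat the rule at the top of sendResetLinkEmail, for example `$this->validate($request, ['email' => 'required|email']);` if the base Controller provides that method. A request that bypasses the form would then be rejected before the contact lookup runs.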
|  | ||||