diff --git a/core/js/lostpassword.js b/core/js/lostpassword.js new file mode 100644 index 0000000000..00dfe71be6 --- /dev/null +++ b/core/js/lostpassword.js @@ -0,0 +1,134 @@ + +OC.Lostpassword = { + sendErrorMsg : t('core', 'Couldn’t send reset email. Please contact your administrator.'), + + sendSuccessMsg : t('core', 'The link to reset your password has been sent to your email. If you do not receive it within a reasonable amount of time, check your spam/junk folders.
If it is not there ask your local administrator.'), + + encryptedMsg : t('core', "Your files are encrypted. If you haven't enabled the recovery key, there will be no way to get your data back after your password is reset.
If you are not sure what to do, please contact your administrator before you continue.
Do you really want to continue?") + + ('
') + + '
' + + '' + + t('core', 'Reset password') + + '', + + resetErrorMsg : t('core', 'Password can not be changed. Please contact your administrator.'), + + init : function() { + if ($('#lost-password-encryption').length){ + $('#lost-password-encryption').click(OC.Lostpassword.sendLink); + } else { + $('#lost-password').click(OC.Lostpassword.sendLink); + } + $('#reset-password #submit').click(OC.Lostpassword.resetPassword); + }, + + sendLink : function(event){ + event.preventDefault(); + if (!$('#user').val().length){ + $('#submit').trigger('click'); + } else { + $.post( + OC.filePath('core', 'ajax', 'password/lost'), + { + user : $('#user').val(), + proceed: $('#encrypted-continue').attr('checked') ? 'Yes' : 'No' + }, + OC.Lostpassword.sendLinkDone + ); + } + }, + + sendLinkDone : function(result){ + if (result && result.status === 'success'){ + OC.Lostpassword.sendLinkSuccess(); + } else { + if (result && result.msg){ + var sendErrorMsg = result.msg; + } else if (result && result.encryption) { + var sendErrorMsg = OC.Lostpassword.encryptedMsg; + } else { + var sendErrorMsg = OC.Lostpassword.sendErrorMsg; + } + OC.Lostpassword.sendLinkError(sendErrorMsg); + } + }, + + sendLinkSuccess : function(msg){ + var node = OC.Lostpassword.getSendStatusNode(); + node.addClass('success').css({width:'auto'}); + node.html(OC.Lostpassword.sendSuccessMsg); + }, + + sendLinkError : function(msg){ + var node = OC.Lostpassword.getSendStatusNode(); + node.addClass('warning'); + node.html(msg); + OC.Lostpassword.init(); + }, + + getSendStatusNode : function(){ + if (!$('#lost-password').length){ + $('

').insertBefore($('#remember_login')); + } else { + $('#lost-password').replaceWith($('

')); + } + return $('#lost-password'); + }, + + resetPassword : function(event){ + event.preventDefault(); + if ($('#password').val()){ + $.post( + $('#password').parents('form').attr('action'), + { + password : $('#password').val() + }, + OC.Lostpassword.resetDone + ); + } + }, + + resetDone : function(result){ + if (result && result.status === 'success'){ + $.post( + OC.webroot + '/', + { + user : window.location.href.split('/').pop(), + password : $('#password').val() + }, + OC.Lostpassword.redirect + ); + } else { + if (result && result.msg){ + var resetErrorMsg = result.msg; + } else { + var resetErrorMsg = OC.Lostpassword.resetErrorMsg; + } + OC.Lostpassword.resetError(resetErrorMsg); + } + }, + + redirect : function(msg){ + window.location = OC.webroot; + }, + + resetError : function(msg){ + var node = OC.Lostpassword.getResetStatusNode(); + node.addClass('warning'); + node.html(msg); + }, + + getResetStatusNode : function (){ + if (!$('#lost-password').length){ + $('

').insertAfter($('#submit')); + } else { + $('#lost-password').replaceWith($('

')); + } + return $('#lost-password'); + } + +}; + +$(document).ready(OC.Lostpassword.init); diff --git a/core/lostpassword/ajaxcontroller.php b/core/lostpassword/ajaxcontroller.php new file mode 100644 index 0000000000..3722681308 --- /dev/null +++ b/core/lostpassword/ajaxcontroller.php @@ -0,0 +1,45 @@ + '1') + ); + } catch (\Exception $e){ + \OCP\JSON::error( + array('msg'=> $e->getMessage()) + ); + } + + exit(); + } + + public static function resetPassword($args) { + \OCP\JSON::callCheck(); + try { + Controller::resetPassword($args); + \OCP\JSON::success(); + } catch (Exception $e){ + \OCP\JSON::error( + array('msg'=> $e->getMessage()) + ); + } + exit(); + } +} diff --git a/core/lostpassword/controller.php b/core/lostpassword/controller.php index c858696885..0c6ada4edc 100644 --- a/core/lostpassword/controller.php +++ b/core/lostpassword/controller.php @@ -36,47 +36,37 @@ class Controller { return \OC_Preferences::getValue($user, 'owncloud', 'lostpassword') === hash('sha256', $token); } - public static function index($args) { - self::displayLostPasswordPage(false, false); - } - - public static function sendEmail($args) { - + public static function sendEmail($user, $proceed) { + $l = \OC_L10N::get('core'); $isEncrypted = \OC_App::isEnabled('files_encryption'); - if(!$isEncrypted || isset($_POST['continue'])) { - $continue = true; - } else { - $continue = false; + if ($isEncrypted && $proceed !== 'Yes'){ + throw new EncryptedDataException(); } - if (\OC_User::userExists($_POST['user']) && $continue) { - $token = hash('sha256', \OC_Util::generateRandomBytes(30).\OC_Config::getValue('passwordsalt', '')); - \OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', - hash('sha256', $token)); // Hash the token again to prevent timing attacks - $email = \OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); - if (!empty($email)) { - $link = \OC_Helper::linkToRoute('core_lostpassword_reset', - array('user' => $_POST['user'], 'token' => $token)); - $link = \OC_Helper::makeURLAbsolute($link); + if (!\OC_User::userExists($user)) { + throw new \Exception($l->t('Couldn’t send reset email. Please make sure your username is correct.')); + } + $token = hash('sha256', \OC_Util::generateRandomBytes(30).\OC_Config::getValue('passwordsalt', '')); + \OC_Preferences::setValue($user, 'owncloud', 'lostpassword', + hash('sha256', $token)); // Hash the token again to prevent timing attacks + $email = \OC_Preferences::getValue($user, 'settings', 'email', ''); + if (empty($email)) { + throw new \Exception($l->t('Couldn’t send reset email because there is no email address for this username. Please contact your administrator.')); + } + $link = \OC_Helper::linkToRoute('core_lostpassword_reset', + array('user' => $user, 'token' => $token)); + $link = \OC_Helper::makeURLAbsolute($link); - $tmpl = new \OC_Template('core/lostpassword', 'email'); - $tmpl->assign('link', $link, false); - $msg = $tmpl->fetchPage(); - $l = \OC_L10N::get('core'); - $from = \OCP\Util::getDefaultEmailAddress('lostpassword-noreply'); - try { - $defaults = new \OC_Defaults(); - \OC_Mail::send($email, $_POST['user'], $l->t('%s password reset', array($defaults->getName())), $msg, $from, $defaults->getName()); - } catch (Exception $e) { - \OC_Template::printErrorPage( $l->t('A problem has occurred whilst sending the email, please contact your administrator.') ); - } - self::displayLostPasswordPage(false, true); - } else { - self::displayLostPasswordPage(true, false); - } - } else { - self::displayLostPasswordPage(true, false); + $tmpl = new \OC_Template('core/lostpassword', 'email'); + $tmpl->assign('link', $link, false); + $msg = $tmpl->fetchPage(); + $from = \OCP\Util::getDefaultEmailAddress('lostpassword-noreply'); + try { + $defaults = new \OC_Defaults(); + \OC_Mail::send($email, $user, $l->t('%s password reset', array($defaults->getName())), $msg, $from, $defaults->getName()); + } catch (\Exception $e) { + throw new \Exception( $l->t('Couldn’t send reset email. Please contact your administrator.')); } } diff --git a/core/lostpassword/encrypteddataexception.php b/core/lostpassword/encrypteddataexception.php new file mode 100644 index 0000000000..99d19445b6 --- /dev/null +++ b/core/lostpassword/encrypteddataexception.php @@ -0,0 +1,14 @@ +

-
+

diff --git a/core/routes.php b/core/routes.php index 5368fd4564..fbbbdee81f 100644 --- a/core/routes.php +++ b/core/routes.php @@ -70,18 +70,15 @@ $this->create('core_ajax_preview', '/core/preview') ->actionInclude('core/ajax/preview.php'); $this->create('core_ajax_preview', '/core/preview.png') ->actionInclude('core/ajax/preview.php'); -$this->create('core_lostpassword_index', '/lostpassword/') - ->get() - ->action('OC\Core\LostPassword\Controller', 'index'); -$this->create('core_lostpassword_send_email', '/lostpassword/') +$this->create('core_ajax_password_lost', '/core/ajax/password/lost') ->post() - ->action('OC\Core\LostPassword\Controller', 'sendEmail'); + ->action('OC\Core\Lostpassword\AjaxController', 'lost'); +$this->create('core_ajax_password_reset', '/core/ajax/password/reset/{token}/{user}') + ->post() + ->action('OC\Core\LostPassword\AjaxController', 'resetPassword'); $this->create('core_lostpassword_reset', '/lostpassword/reset/{token}/{user}') ->get() ->action('OC\Core\LostPassword\Controller', 'reset'); -$this->create('core_lostpassword_reset_password', '/lostpassword/reset/{token}/{user}') - ->post() - ->action('OC\Core\LostPassword\Controller', 'resetPassword'); // Avatar routes $this->create('core_avatar_get_tmp', '/avatar/tmp') diff --git a/core/templates/login.php b/core/templates/login.php index 6af3d76969..951ba3b4f6 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -46,8 +46,8 @@

- - t('Lost your password?')); ?> + + t('Forgot your password? Reset it!')); ?> @@ -74,4 +74,4 @@