Configuration du mot de passe

https://github.com/marienfressinaud/FreshRSS/issues/104

4 files changed, 25 insertions, 2 deletions

diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index 482e35c3e..8954c845d 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -14,8 +14,21 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 		if (Minz_Request::isPost()) {
 			$ok = true;
 
+			$passwordPlain = Minz_Request::param('passwordPlain', false);
+			if ($passwordPlain != '') {
+				Minz_Request::_param('passwordPlain');	//Discard plain-text password ASAP
+				$_POST['passwordPlain'] = '';
+				if (!function_exists('password_hash')) {
+					include_once(LIB_PATH . '/password_compat.php');
+				}
+				$passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT);	//A bit expensive, on purpose
+				$passwordPlain = '';
+				$this->view->conf->_passwordHash($passwordHash);
+			}
+
 			$mail = Minz_Request::param('mail_login', false);
 			$this->view->conf->_mail_login($mail);
+
 			$ok &= $this->view->conf->save();
 
 			$email = $this->view->conf->mail_login;
diff --git a/app/i18n/en.php b/app/i18n/en.php
index 89af15b17..3b9936e8e 100644
--- a/app/i18n/en.php
+++ b/app/i18n/en.php
@@ -161,7 +161,8 @@ return array (
 
 	'current_user'			=> 'Current user',
 	'default_user'			=> 'Username of the default user (maximum 16 alphanumeric characters)',
-	'persona_connection_email'	=> 'Login mail address (for <a href="https://persona.org/" rel="external">Mozilla Persona</a>)',
+	'password'			=>'Password<br /><small>(for the Web-form login method)</small>',
+	'persona_connection_email'	=> 'Login mail address<br /><small>(for <a href="https://persona.org/" rel="external">Mozilla Persona</a>)</small>',
 	'allow_anonymous'		=> 'Allow anonymous reading for the default user (%s)',
 	'auth_token'			=> 'Authentication token',
 	'explain_token'			=> 'Allows to access RSS output of the default user without authentication.<br /><kbd>%s?token=%s</kbd>',
diff --git a/app/i18n/fr.php b/app/i18n/fr.php
index d4c96c1db..7e71cbb6d 100644
--- a/app/i18n/fr.php
+++ b/app/i18n/fr.php
@@ -160,8 +160,9 @@ return array (
 	'think_to_add'			=> 'Pensez à en ajouter !',
 
 	'current_user'			=> 'Utilisateur actuel',
+	'password'			=>'Mot de passe<br /><small>(pour connexion par formulaire)</small>',
 	'default_user'			=> 'Nom de l’utilisateur par défaut (16 caractères alphanumériques maximum)',
-	'persona_connection_email'	=> 'Adresse courriel de connexion (pour <a href="https://persona.org/" rel="external">Mozilla Persona</a>)',
+	'persona_connection_email'	=> 'Adresse courriel de connexion<br /><small>(pour <a href="https://persona.org/" rel="external">Mozilla Persona</a>)</small>',
 	'allow_anonymous'		=> 'Autoriser la lecture anonyme pour l’utilisateur par défaut (%s)',
 	'auth_token'			=> 'Jeton d’identification',
 	'explain_token'			=> 'Permet d’accéder à la sortie RSS de l’utilisateur par défaut sans besoin de s’authentifier.<br /><kbd>%s?output=rss&token=%s</kbd>',
diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml
index d40a3ad5b..68111bdbe 100644
--- a/app/views/configure/users.phtml
+++ b/app/views/configure/users.phtml
@@ -18,6 +18,14 @@
 		</div>
 
 		<div class="form-group">
+			<label class="group-name" for="passwordPlain"><?php echo Minz_Translate::t('password'); ?></label>
+			<div class="group-controls">
+				<input type="password" id="passwordPlain" name="passwordPlain" />
+				<noscript><b><?php echo Minz_Translate::t('javascript_should_be_activated'); ?></b></noscript>
+			</div>
+		</div>
+
+		<div class="form-group">
 			<label class="group-name" for="mail_login"><?php echo Minz_Translate::t('persona_connection_email'); ?></label>
 			<?php $mail = $this->conf->mail_login; ?>
 			<div class="group-controls">