diff options
| author |  Marien Fressinaud <dev@marienfressinaud.fr>
| 2014-09-18 14:18:00 +0200 |
|---|---|---|
| committer | Marien Fressinaud <dev@marienfressinaud.fr>
| 2014-09-18 14:18:00 +0200 |
| commit | 23609ad858552c54fc3fe8d9f8e2f7d966fd28a1 (patch) | |
| tree | 06b4ad452619571122a7547f22af1c67d79dcb08 | |
| parent | 5c752f71e9bd07d2e8f9ffd4b246cf4216c7a85f (diff) | |
Add page for reset auth type [NOT WORKING]
See https://github.com/marienfressinaud/FreshRSS/issues/521
| -rwxr-xr-x | app/Controllers/indexController.php | 77 | ||||
| -rw-r--r-- | app/views/index/resetAuth.phtml | 33 |
2 files changed, 110 insertions, 0 deletions
diff --git a/app/Controllers/indexController.php b/app/Controllers/indexController.php index 1d74a570b..fccf16ecf 100755 --- a/app/Controllers/indexController.php +++ b/app/Controllers/indexController.php @@ -420,4 +420,81 @@ class FreshRSS_index_Controller extends Minz_ActionController { self::deleteLongTermCookie(); Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true); } + + public function resetAuthAction() { + Minz_View::prependTitle(_t('reset_auth') . ' ยท '); + + $this->view->no_form = false; + // Enable changement of auth only if Persona! + if (Minz_Configuration::authType() != 'persona') { + $this->view->message = array( + 'status' => 'bad', + 'title' => _t('damn'), + 'body' => _t('auth_not_persona') + ); + $this->view->no_form = true; + return; + } + + $conf = new FreshRSS_Configuration(Minz_Configuration::defaultUser()); + // Admin user must have set its master password. + if (!$conf->passwordHash) { + $this->view->message = array( + 'status' => 'bad', + 'title' => _t('damn'), + 'body' => _t('auth_no_password_set') + ); + $this->view->no_form = true; + return; + } + + if (Minz_Request::isPost()) { + $nonce = Minz_Session::param('nonce'); + $username = Minz_Request::param('username', ''); + $c = Minz_Request::param('challenge', ''); + if (!(ctype_alnum($username) && ctype_graph($c) && ctype_alnum($nonce))) { + Minz_Log::debug('Invalid credential parameters:' . + ' user=' . $username . + ' challenge=' . $c . + ' nonce=' . $nonce); + Minz_Session::_param('notification', array( + 'type' => 'bad', + 'content' => Minz_Translate::t('invalid_login') + )); + return; + } + + if (!function_exists('password_verify')) { + include_once(LIB_PATH . '/password_compat.php'); + } + + try { + $s = $conf->passwordHash; + $ok = password_verify($nonce . $s, $c); + if (!$ok) { + Minz_Log::debug('Password mismatch for user ' . $username . + ', nonce=' . $nonce . ', c=' . $c); + Minz_Session::_param('notification', array( + 'type' => 'bad', + 'content' => Minz_Translate::t('invalid_login') + )); + return; + } + + Minz_Configuration::_authType('form'); + $ok = Minz_Configuration::writeFile(); + + if ($ok) { + Minz_Request::good(_t('auth_form_set')); + } else { + Minz_Session::_param('notification', array( + 'type' => 'bad', + 'content' => _t('auth_form_not_set') + )); + } + } catch (Minz_Exception $e) { + Minz_Log::warning('Login failure: ' . $e->getMessage()); + } + } + } } diff --git a/app/views/index/resetAuth.phtml b/app/views/index/resetAuth.phtml new file mode 100644 index 000000000..7f3b54bdb --- /dev/null +++ b/app/views/index/resetAuth.phtml @@ -0,0 +1,33 @@ +<div class="post content"> + <h1><?php echo _t('reset_auth'); ?></h1> + + <?php if (!empty($this->message)) { ?> + <p class="alert <?php echo $this->message['status'] === 'bad' ? 'alert-error' : 'alert-warn'; ?>"> + <span class="alert-head"><?php echo $this->message['title']; ?></span> + <?php echo $this->message['body']; ?> + </p> + <?php } ?> + + <?php if (!$this->no_form) { ?> + <form id="loginForm" method="post" action="<?php echo _url('index', 'resetAuth'); ?>"> + <p class="alert alert-warn"> + <span class="alert-head"><?php echo _t('attention'); ?></span> + <?php echo _t('auth_will_reset'); ?> + </p> + + <div> + <label for="username"><?php echo _t('username'); ?></label> + <input type="text" id="username" name="username" size="16" required="required" maxlength="16" pattern="[0-9a-zA-Z]{1,16}" autofocus="autofocus" /> + </div> + <div> + <label for="passwordPlain"><?php echo _t('password'); ?></label> + <input type="password" id="passwordPlain" required="required" /> + <input type="hidden" id="challenge" name="challenge" /><br /> + <noscript><strong><?php echo _t('javascript_should_be_activated'); ?></strong></noscript> + </div> + <div> + <button id="loginButton" type="submit" class="btn btn-important"><?php echo _t('reset'); ?></button> + </div> + </form> + <?php } ?> +</div> |