Page MenuHomePhabricator
Differential D20100 Diff 48007 src/applications/auth/controller/PhabricatorEmailLoginController.php

Changeset View

Standalone View

View Options

src/applications/auth/controller/PhabricatorEmailLoginController.php

<?php <?php
final class PhabricatorEmailLoginController final class PhabricatorEmailLoginController
extends PhabricatorAuthController { extends PhabricatorAuthController {
public function shouldRequireLogin() { public function shouldRequireLogin() {
return false; return false;
} }
public function handleRequest(AphrontRequest $request) { public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
if (!PhabricatorPasswordAuthProvider::getPasswordProvider()) {
return new Aphront400Response();
}
$e_email = true; $e_email = true;
$e_captcha = true; $e_captcha = true;
$errors = array(); $errors = array();
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business'); $v_email = $request->getStr('email');
if ($request->isFormPost()) { if ($request->isFormPost()) {
$e_email = null; $e_email = null;
$e_captcha = pht('Again'); $e_captcha = pht('Again');
$captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request); $captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request);
if (!$captcha_ok) { if (!$captcha_ok) {
$errors[] = pht('Captcha response is incorrect, try again.'); $errors[] = pht('Captcha response is incorrect, try again.');
$e_captcha = pht('Invalid'); $e_captcha = pht('Invalid');
} }
$email = $request->getStr('email'); if (!strlen($v_email)) {
if (!strlen($email)) {
$errors[] = pht('You must provide an email address.'); $errors[] = pht('You must provide an email address.');
$e_email = pht('Required'); $e_email = pht('Required');
} }
if (!$errors) { if (!$errors) {
// NOTE: Don't validate the email unless the captcha is good; this makes // NOTE: Don't validate the email unless the captcha is good; this makes
// it expensive to fish for valid email addresses while giving the user // it expensive to fish for valid email addresses while giving the user
// a better error if they goof their email. // a better error if they goof their email.
$target_email = id(new PhabricatorUserEmail())->loadOneWhere( $target_email = id(new PhabricatorUserEmail())->loadOneWhere(
'address = %s', 'address = %s',
$email); $v_email);
$target_user = null; $target_user = null;
if ($target_email) { if ($target_email) {
$target_user = id(new PhabricatorUser())->loadOneWhere( $target_user = id(new PhabricatorUser())->loadOneWhere(
'phid = %s', 'phid = %s',
$target_email->getUserPHID()); $target_email->getUserPHID());
} }
Show All 22 Lines if ($request->isFormPost()) {
'account has at least one verified address, you can only send '. 'account has at least one verified address, you can only send '.
'password reset links to one of the verified addresses. Try '. 'password reset links to one of the verified addresses. Try '.
'a verified address instead.'); 'a verified address instead.');
$e_email = pht('Unverified'); $e_email = pht('Unverified');
} }
} }
if (!$errors) { if (!$errors) {
$engine = new PhabricatorAuthSessionEngine(); $body = $this->newAccountLoginMailBody($target_user);
$uri = $engine->getOneTimeLoginURI(
$target_user,
null,
PhabricatorAuthSessionEngine::ONETIME_RESET);
if ($is_serious) {
$body = pht(
"You can use this link to reset your Phabricator password:".
"\n\n %s\n",
$uri);
} else {
$body = pht(
"Condolences on forgetting your password. You can use this ".
"link to reset it:\n\n".
" %s\n\n".
"After you set a new password, consider writing it down on a ".
"sticky note and attaching it to your monitor so you don't ".
"forget again! Choosing a very short, easy-to-remember password ".
"like \"cat\" or \"1234\" might also help.\n\n".
"Best Wishes,\nPhabricator\n",
$uri);
}
$mail = id(new PhabricatorMetaMTAMail()) $mail = id(new PhabricatorMetaMTAMail())
->setSubject(pht('[Phabricator] Password Reset')) ->setSubject(pht('[Phabricator] Account Login Link'))
->setForceDelivery(true) ->setForceDelivery(true)
->addRawTos(array($target_email->getAddress())) ->addRawTos(array($target_email->getAddress()))
->setBody($body) ->setBody($body)
->saveAndSend(); ->saveAndSend();
return $this->newDialog() return $this->newDialog()
->setTitle(pht('Check Your Email')) ->setTitle(pht('Check Your Email'))
->setShortTitle(pht('Email Sent')) ->setShortTitle(pht('Email Sent'))
->appendParagraph( ->appendParagraph(
pht('An email has been sent with a link you can use to log in.')) pht('An email has been sent with a link you can use to log in.'))
->addCancelButton('/', pht('Done')); ->addCancelButton('/', pht('Done'));
} }
} }
} }
$error_view = null; $form = id(new AphrontFormView())
if ($errors) { ->setViewer($viewer);
$error_view = new PHUIInfoView();
$error_view->setErrors($errors); if ($this->isPasswordAuthEnabled()) {
$form->appendRemarkupInstructions(
pht(
'To reset your password, provide your email address. An email '.
'with a login link will be sent to you.'));
} else {
$form->appendRemarkupInstructions(
pht(
'To access your account, provide your email address. An email '.
amckinleyUnsubmitted
Not Done
Inline Actions

"To access to"

amckinley: "To access to"
'with a login link will be sent to you.'));
} }
$email_auth = new PHUIFormLayoutView(); $form
$email_auth->appendChild($error_view); ->appendControl(
$email_auth
->setUser($request->getUser())
->setFullWidth(true)
->appendChild(
id(new AphrontFormTextControl()) id(new AphrontFormTextControl())
->setLabel(pht('Email')) ->setLabel(pht('Email Address'))
->setName('email') ->setName('email')
->setValue($request->getStr('email')) ->setValue($v_email)
->setError($e_email)) ->setError($e_email))
->appendChild( ->appendControl(
id(new AphrontFormRecaptchaControl()) id(new AphrontFormRecaptchaControl())
->setLabel(pht('Captcha')) ->setLabel(pht('Captcha'))
->setError($e_captcha)); ->setError($e_captcha));
$crumbs = $this->buildApplicationCrumbs(); if ($this->isPasswordAuthEnabled()) {
$crumbs->addTextCrumb(pht('Reset Password')); $title = pht('Password Reset');
$crumbs->setBorder(true); } else {
$title = pht('Email Login');
$dialog = new AphrontDialogView(); }
$dialog->setUser($request->getUser());
$dialog->setTitle(pht('Forgot Password / Email Login'));
$dialog->appendChild($email_auth);
$dialog->addSubmitButton(pht('Send Email'));
$dialog->setSubmitURI('/login/email/');
return $this->newPage()
->setTitle(pht('Forgot Password'))
->setCrumbs($crumbs)
->appendChild($dialog);
return $this->newDialog()
->setTitle($title)
->setErrors($errors)
->setWidth(AphrontDialogView::WIDTH_FORM)
->appendForm($form)
->addCancelButton('/auth/start/')
->addSubmitButton(pht('Send Email'));
} }
private function newAccountLoginMailBody(PhabricatorUser $user) {
$engine = new PhabricatorAuthSessionEngine();
$uri = $engine->getOneTimeLoginURI(
$user,
null,
PhabricatorAuthSessionEngine::ONETIME_RESET);
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
$have_passwords = $this->isPasswordAuthEnabled();
if ($have_passwords) {
if ($is_serious) {
$body = pht(
"You can use this link to reset your Phabricator password:".
"\n\n %s\n",
$uri);
} else {
$body = pht(
"Condolences on forgetting your password. You can use this ".
"link to reset it:\n\n".
" %s\n\n".
"After you set a new password, consider writing it down on a ".
"sticky note and attaching it to your monitor so you don't ".
"forget again! Choosing a very short, easy-to-remember password ".
"like \"cat\" or \"1234\" might also help.\n\n".
"Best Wishes,\nPhabricator\n",
$uri);
}
} else {
$body = pht(
"You can use this login link to regain access to your Phabricator ".
"account:".
"\n\n".
" %s\n",
$uri);
}
return $body;
}
private function isPasswordAuthEnabled() {
return (bool)PhabricatorPasswordAuthProvider::getPasswordProvider();
}
} }
Phabricator · Built by Phacility