src/applications/auth/controller/PhabricatorEmailLoginController.php
<?php | <?php | ||||
final class PhabricatorEmailLoginController | final class PhabricatorEmailLoginController | ||||
extends PhabricatorAuthController { | extends PhabricatorAuthController { | ||||
public function shouldRequireLogin() { | public function shouldRequireLogin() { | ||||
return false; | return false; | ||||
} | } | ||||
public function handleRequest(AphrontRequest $request) { | public function handleRequest(AphrontRequest $request) { | ||||
$viewer = $this->getViewer(); | |||||
if (!PhabricatorPasswordAuthProvider::getPasswordProvider()) { | |||||
return new Aphront400Response(); | |||||
} | |||||
$e_email = true; | $e_email = true; | ||||
$e_captcha = true; | $e_captcha = true; | ||||
$errors = array(); | $errors = array(); | ||||
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business'); | $v_email = $request->getStr('email'); | ||||
if ($request->isFormPost()) { | if ($request->isFormPost()) { | ||||
$e_email = null; | $e_email = null; | ||||
$e_captcha = pht('Again'); | $e_captcha = pht('Again'); | ||||
$captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request); | $captcha_ok = AphrontFormRecaptchaControl::processCaptcha($request); | ||||
if (!$captcha_ok) { | if (!$captcha_ok) { | ||||
$errors[] = pht('Captcha response is incorrect, try again.'); | $errors[] = pht('Captcha response is incorrect, try again.'); | ||||
$e_captcha = pht('Invalid'); | $e_captcha = pht('Invalid'); | ||||
} | } | ||||
$email = $request->getStr('email'); | if (!strlen($v_email)) { | ||||
if (!strlen($email)) { | |||||
$errors[] = pht('You must provide an email address.'); | $errors[] = pht('You must provide an email address.'); | ||||
$e_email = pht('Required'); | $e_email = pht('Required'); | ||||
} | } | ||||
if (!$errors) { | if (!$errors) { | ||||
// NOTE: Don't validate the email unless the captcha is good; this makes | // NOTE: Don't validate the email unless the captcha is good; this makes | ||||
// it expensive to fish for valid email addresses while giving the user | // it expensive to fish for valid email addresses while giving the user | ||||
// a better error if they goof their email. | // a better error if they goof their email. | ||||
$target_email = id(new PhabricatorUserEmail())->loadOneWhere( | $target_email = id(new PhabricatorUserEmail())->loadOneWhere( | ||||
'address = %s', | 'address = %s', | ||||
$email); | $v_email); | ||||
$target_user = null; | $target_user = null; | ||||
if ($target_email) { | if ($target_email) { | ||||
$target_user = id(new PhabricatorUser())->loadOneWhere( | $target_user = id(new PhabricatorUser())->loadOneWhere( | ||||
'phid = %s', | 'phid = %s', | ||||
$target_email->getUserPHID()); | $target_email->getUserPHID()); | ||||
} | } | ||||
Show All 22 Lines | if ($request->isFormPost()) { | ||||
'account has at least one verified address, you can only send '. | 'account has at least one verified address, you can only send '. | ||||
'password reset links to one of the verified addresses. Try '. | 'password reset links to one of the verified addresses. Try '. | ||||
'a verified address instead.'); | 'a verified address instead.'); | ||||
$e_email = pht('Unverified'); | $e_email = pht('Unverified'); | ||||
} | } | ||||
} | } | ||||
if (!$errors) { | if (!$errors) { | ||||
$engine = new PhabricatorAuthSessionEngine(); | $body = $this->newAccountLoginMailBody($target_user); | ||||
$uri = $engine->getOneTimeLoginURI( | |||||
$target_user, | |||||
null, | |||||
PhabricatorAuthSessionEngine::ONETIME_RESET); | |||||
if ($is_serious) { | |||||
$body = pht( | |||||
"You can use this link to reset your Phabricator password:". | |||||
"\n\n %s\n", | |||||
$uri); | |||||
} else { | |||||
$body = pht( | |||||
"Condolences on forgetting your password. You can use this ". | |||||
"link to reset it:\n\n". | |||||
" %s\n\n". | |||||
"After you set a new password, consider writing it down on a ". | |||||
"sticky note and attaching it to your monitor so you don't ". | |||||
"forget again! Choosing a very short, easy-to-remember password ". | |||||
"like \"cat\" or \"1234\" might also help.\n\n". | |||||
"Best Wishes,\nPhabricator\n", | |||||
$uri); | |||||
} | |||||
$mail = id(new PhabricatorMetaMTAMail()) | $mail = id(new PhabricatorMetaMTAMail()) | ||||
->setSubject(pht('[Phabricator] Password Reset')) | ->setSubject(pht('[Phabricator] Account Login Link')) | ||||
->setForceDelivery(true) | ->setForceDelivery(true) | ||||
->addRawTos(array($target_email->getAddress())) | ->addRawTos(array($target_email->getAddress())) | ||||
->setBody($body) | ->setBody($body) | ||||
->saveAndSend(); | ->saveAndSend(); | ||||
return $this->newDialog() | return $this->newDialog() | ||||
->setTitle(pht('Check Your Email')) | ->setTitle(pht('Check Your Email')) | ||||
->setShortTitle(pht('Email Sent')) | ->setShortTitle(pht('Email Sent')) | ||||
->appendParagraph( | ->appendParagraph( | ||||
pht('An email has been sent with a link you can use to log in.')) | pht('An email has been sent with a link you can use to log in.')) | ||||
->addCancelButton('/', pht('Done')); | ->addCancelButton('/', pht('Done')); | ||||
} | } | ||||
} | } | ||||
} | } | ||||
$error_view = null; | $form = id(new AphrontFormView()) | ||||
if ($errors) { | ->setViewer($viewer); | ||||
$error_view = new PHUIInfoView(); | |||||
$error_view->setErrors($errors); | if ($this->isPasswordAuthEnabled()) { | ||||
$form->appendRemarkupInstructions( | |||||
pht( | |||||
'To reset your password, provide your email address. An email '. | |||||
'with a login link will be sent to you.')); | |||||
} else { | |||||
$form->appendRemarkupInstructions( | |||||
pht( | |||||
'To access your account, provide your email address. An email '. | |||||
amckinley: "To access to" | |||||
'with a login link will be sent to you.')); | |||||
} | } | ||||
$email_auth = new PHUIFormLayoutView(); | $form | ||||
$email_auth->appendChild($error_view); | ->appendControl( | ||||
$email_auth | |||||
->setUser($request->getUser()) | |||||
->setFullWidth(true) | |||||
->appendChild( | |||||
id(new AphrontFormTextControl()) | id(new AphrontFormTextControl()) | ||||
->setLabel(pht('Email')) | ->setLabel(pht('Email Address')) | ||||
->setName('email') | ->setName('email') | ||||
->setValue($request->getStr('email')) | ->setValue($v_email) | ||||
->setError($e_email)) | ->setError($e_email)) | ||||
->appendChild( | ->appendControl( | ||||
id(new AphrontFormRecaptchaControl()) | id(new AphrontFormRecaptchaControl()) | ||||
->setLabel(pht('Captcha')) | ->setLabel(pht('Captcha')) | ||||
->setError($e_captcha)); | ->setError($e_captcha)); | ||||
$crumbs = $this->buildApplicationCrumbs(); | if ($this->isPasswordAuthEnabled()) { | ||||
$crumbs->addTextCrumb(pht('Reset Password')); | $title = pht('Password Reset'); | ||||
$crumbs->setBorder(true); | } else { | ||||
$title = pht('Email Login'); | |||||
$dialog = new AphrontDialogView(); | } | ||||
$dialog->setUser($request->getUser()); | |||||
$dialog->setTitle(pht('Forgot Password / Email Login')); | |||||
$dialog->appendChild($email_auth); | |||||
$dialog->addSubmitButton(pht('Send Email')); | |||||
$dialog->setSubmitURI('/login/email/'); | |||||
return $this->newPage() | |||||
->setTitle(pht('Forgot Password')) | |||||
->setCrumbs($crumbs) | |||||
->appendChild($dialog); | |||||
return $this->newDialog() | |||||
->setTitle($title) | |||||
->setErrors($errors) | |||||
->setWidth(AphrontDialogView::WIDTH_FORM) | |||||
->appendForm($form) | |||||
->addCancelButton('/auth/start/') | |||||
->addSubmitButton(pht('Send Email')); | |||||
} | } | ||||
private function newAccountLoginMailBody(PhabricatorUser $user) { | |||||
$engine = new PhabricatorAuthSessionEngine(); | |||||
$uri = $engine->getOneTimeLoginURI( | |||||
$user, | |||||
null, | |||||
PhabricatorAuthSessionEngine::ONETIME_RESET); | |||||
$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business'); | |||||
$have_passwords = $this->isPasswordAuthEnabled(); | |||||
if ($have_passwords) { | |||||
if ($is_serious) { | |||||
$body = pht( | |||||
"You can use this link to reset your Phabricator password:". | |||||
"\n\n %s\n", | |||||
$uri); | |||||
} else { | |||||
$body = pht( | |||||
"Condolences on forgetting your password. You can use this ". | |||||
"link to reset it:\n\n". | |||||
" %s\n\n". | |||||
"After you set a new password, consider writing it down on a ". | |||||
"sticky note and attaching it to your monitor so you don't ". | |||||
"forget again! Choosing a very short, easy-to-remember password ". | |||||
"like \"cat\" or \"1234\" might also help.\n\n". | |||||
"Best Wishes,\nPhabricator\n", | |||||
$uri); | |||||
} | |||||
} else { | |||||
$body = pht( | |||||
"You can use this login link to regain access to your Phabricator ". | |||||
"account:". | |||||
"\n\n". | |||||
" %s\n", | |||||
$uri); | |||||
} | |||||
return $body; | |||||
} | |||||
private function isPasswordAuthEnabled() { | |||||
return (bool)PhabricatorPasswordAuthProvider::getPasswordProvider(); | |||||
} | |||||
} | } |
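Review bot: With the `getPasswordProvider()` guard dropped from the top of `handleRequest()`, this endpoint now mails a one-time login link on installs that have no password provider, so control of a user's mailbox becomes sufficient to log in even where every configured provider is external (SSO, LDAP, OAuth). Whether that link still passes through the install's MFA and session checks is decided in `PhabricatorAuthSessionEngine` and the one-time login controller, neither of which is visible here, so it is worth confirming before this lands. `newAccountLoginMailBody()` also still requests `PhabricatorAuthSessionEngine::ONETIME_RESET` in the no-password branch; if the landing page for that token type prompts for a new password, that branch needs a different type or at least a comment explaining the reuse. At minimum I would record the new reachability where the guard used to be, e.g. `// NOTE: Reachable without a password provider; the emailed one-time link is then a standalone login path.` Part of `handleRequest()` (22 lines) is collapsed in this view, so the verified-address and error-reporting checks were not reviewed.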
"To access to"