Fixes account creation and password reset abilities.

This commit is contained in:
Dane Everitt 2017-04-28 00:07:38 -04:00
parent 3dc286b511
commit 1c37a8fe1a
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
4 changed files with 16 additions and 18 deletions

View file

@ -25,6 +25,8 @@
namespace Pterodactyl\Observers; namespace Pterodactyl\Observers;
use DB; use DB;
use Hash;
use Carbon;
use Pterodactyl\Events; use Pterodactyl\Events;
use Pterodactyl\Models\User; use Pterodactyl\Models\User;
use Pterodactyl\Notifications\AccountCreated; use Pterodactyl\Notifications\AccountCreated;
@ -52,12 +54,20 @@ class UserObserver
{ {
event(new Events\User\Created($user)); event(new Events\User\Created($user));
$token = DB::table('password_resets')->where('email', $user->email)->orderBy('created_at', 'desc')->first(); if ($user->password === 'unset') {
$user->notify((new AccountCreated([ $token = hash_hmac('sha256', str_random(40), config('app.key'));
DB::table('password_resets')->insert([
'email' => $user->email,
'token' => Hash::make($token),
'created_at' => Carbon::now()->toDateTimeString(),
]);
}
$user->notify(new AccountCreated([
'name' => $user->name_first, 'name' => $user->name_first,
'username' => $user->username, 'username' => $user->username,
'token' => (! is_null($token)) ? $token->token : null, 'token' => (isset($token)) ? $token : null,
]))); ]));
} }
/** /**

View file

@ -83,23 +83,12 @@ class UserRepository
'username' => $data['username'], 'username' => $data['username'],
'name_first' => $data['name_first'], 'name_first' => $data['name_first'],
'name_last' => $data['name_last'], 'name_last' => $data['name_last'],
'password' => Hash::make((empty($data['password'])) ? str_random(30) : $data['password']), 'password' => (empty($data['password'])) ? 'unset' : Hash::make($data['password']),
'root_admin' => $data['root_admin'], 'root_admin' => $data['root_admin'],
'language' => Settings::get('default_language', 'en'), 'language' => Settings::get('default_language', 'en'),
]); ]);
$user->save(); $user->save();
// Setup a Password Reset to use when they set a password.
// Only used if no password is provided.
if (empty($data['password'])) {
$token = str_random(32);
DB::table('password_resets')->insert([
'email' => $user->email,
'token' => $token,
'created_at' => Carbon::now()->toDateTimeString(),
]);
}
DB::commit(); DB::commit();
return $user; return $user;

View file

@ -93,7 +93,6 @@ return [
'passwords' => [ 'passwords' => [
'users' => [ 'users' => [
'provider' => 'users', 'provider' => 'users',
'email' => 'emails.password',
'table' => 'password_resets', 'table' => 'password_resets',
'expire' => 60, 'expire' => 60,
], ],

View file

@ -76,7 +76,7 @@
<div class="col-xs-12"> <div class="col-xs-12">
{!! csrf_field() !!} {!! csrf_field() !!}
<input type="hidden" name="token" value="{{ $token }}"> <input type="hidden" name="token" value="{{ $token }}">
<button type="submit" class="btn btn-primary btn-block btn-flat">@lang('auth.reset_password')</button> <button type="submit" class="btn btn-primary btn-block btn-flat g-recaptcha" @if(config('recaptcha.enabled')) data-sitekey="{{ config('recaptcha.website_key') }}" data-callback='onSubmit' @endif>@lang('auth.reset_password')</button>
</div> </div>
</div> </div>
</form> </form>