204 lines
6.2 KiB
PHP
204 lines
6.2 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of the Dektrium project.
|
|
*
|
|
* (c) Dektrium project <http://github.com/dektrium/>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace dektrium\user\models;
|
|
|
|
use Da\User\Factory\TokenFactory;
|
|
use dektrium\user\helpers\Password;
|
|
use dektrium\user\Mailer;
|
|
use dektrium\user\Module;
|
|
use dektrium\user\traits\ModuleTrait;
|
|
use Yii;
|
|
use yii\base\Model;
|
|
|
|
/**
|
|
* SettingsForm gets user's username, email and password and changes them.
|
|
*
|
|
* @property User $user
|
|
*
|
|
* @author Dmitry Erofeev <dmeroff@gmail.com>
|
|
*/
|
|
class SettingsForm extends Model
|
|
{
|
|
use ModuleTrait;
|
|
|
|
/** @var string */
|
|
public $email;
|
|
|
|
/** @var string */
|
|
public $username;
|
|
|
|
/** @var string */
|
|
public $new_password;
|
|
|
|
/** @var string */
|
|
public $current_password;
|
|
|
|
/** @var Mailer */
|
|
protected $mailer;
|
|
|
|
/** @var User */
|
|
private $_user;
|
|
|
|
/** @return User */
|
|
public function getUser()
|
|
{
|
|
if ($this->_user == null) {
|
|
$this->_user = Yii::$app->user->identity;
|
|
}
|
|
|
|
return $this->_user;
|
|
}
|
|
|
|
/** @inheritdoc */
|
|
public function __construct(Mailer $mailer, $config = [])
|
|
{
|
|
$this->mailer = $mailer;
|
|
$this->setAttributes([
|
|
'username' => $this->user->username,
|
|
'email' => $this->user->unconfirmed_email ?: $this->user->email,
|
|
], false);
|
|
parent::__construct($config);
|
|
}
|
|
|
|
/** @inheritdoc */
|
|
public function rules()
|
|
{
|
|
return [
|
|
'usernameRequired' => ['username', 'required'],
|
|
'usernameTrim' => ['username', 'filter', 'filter' => 'trim'],
|
|
'usernameLength' => ['username', 'string', 'min' => 3, 'max' => 255],
|
|
'usernamePattern' => ['username', 'match', 'pattern' => '/^[-a-zA-Z0-9_\.@]+$/'],
|
|
'emailRequired' => ['email', 'required'],
|
|
'emailTrim' => ['email', 'filter', 'filter' => 'trim'],
|
|
'emailPattern' => ['email', 'email'],
|
|
'emailUsernameUnique' => [['email', 'username'], 'unique', 'when' => function ($model, $attribute) {
|
|
return $this->user->$attribute != $model->$attribute;
|
|
}, 'targetClass' => $this->module->modelMap['User']],
|
|
'newPasswordLength' => ['new_password', 'string', 'max' => 72, 'min' => 6],
|
|
'currentPasswordRequired' => ['current_password', 'required'],
|
|
'currentPasswordValidate' => ['current_password', function ($attr) {
|
|
if (!Password::validate($this->$attr, $this->user->password_hash)) {
|
|
$this->addError($attr, Yii::t('user', 'Current password is not valid'));
|
|
}
|
|
}],
|
|
];
|
|
}
|
|
|
|
/** @inheritdoc */
|
|
public function attributeLabels()
|
|
{
|
|
return [
|
|
'email' => Yii::t('user', 'Email'),
|
|
'username' => Yii::t('user', 'Username'),
|
|
'new_password' => Yii::t('user', 'New password'),
|
|
'current_password' => Yii::t('user', 'Current password'),
|
|
];
|
|
}
|
|
|
|
/** @inheritdoc */
|
|
public function formName()
|
|
{
|
|
return 'settings-form';
|
|
}
|
|
|
|
/**
|
|
* Saves new account settings.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function save()
|
|
{
|
|
if ($this->validate()) {
|
|
$this->user->scenario = 'settings';
|
|
$this->user->username = $this->username;
|
|
$this->user->password = $this->new_password;
|
|
if ($this->email == $this->user->email && $this->user->unconfirmed_email != null) {
|
|
$this->user->unconfirmed_email = null;
|
|
} elseif ($this->email != $this->user->email) {
|
|
switch ($this->module->emailChangeStrategy) {
|
|
case Module::STRATEGY_INSECURE:
|
|
$this->insecureEmailChange();
|
|
break;
|
|
case Module::STRATEGY_DEFAULT:
|
|
$this->defaultEmailChange();
|
|
break;
|
|
case Module::STRATEGY_SECURE:
|
|
$this->secureEmailChange();
|
|
break;
|
|
default:
|
|
throw new \OutOfBoundsException('Invalid email changing strategy');
|
|
}
|
|
}
|
|
|
|
return $this->user->save();
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Changes user's email address to given without any confirmation.
|
|
*/
|
|
protected function insecureEmailChange()
|
|
{
|
|
$this->user->email = $this->email;
|
|
Yii::$app->session->setFlash('success', Yii::t('user', 'Your email address has been changed'));
|
|
}
|
|
|
|
/**
|
|
* Sends a confirmation message to user's email address with link to confirm changing of email.
|
|
*/
|
|
protected function defaultEmailChange()
|
|
{
|
|
$this->user->unconfirmed_email = $this->email;
|
|
/** @var Token $token */
|
|
$token = TokenFactory::makeConfirmNewMailToken($this->user->id);
|
|
|
|
$this->mailer->sendReconfirmationMessage($this->user, $token);
|
|
Yii::$app->session->setFlash(
|
|
'info',
|
|
Yii::t('user', 'A confirmation message has been sent to your new email address')
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Sends a confirmation message to both old and new email addresses with link to confirm changing of email.
|
|
*
|
|
* @throws \yii\base\InvalidConfigException
|
|
*/
|
|
protected function secureEmailChange()
|
|
{
|
|
$this->defaultEmailChange();
|
|
/** @var Token $token */
|
|
$token = Yii::createObject([
|
|
'class' => Token::className(),
|
|
'user_id' => $this->user->id,
|
|
'type' => Token::TYPE_CONFIRM_OLD_EMAIL,
|
|
]);
|
|
$token->save(false);
|
|
$this->mailer->sendReconfirmationMessage($this->user, $token);
|
|
|
|
// unset flags if they exist
|
|
$this->user->flags &= ~User::NEW_EMAIL_CONFIRMED;
|
|
$this->user->flags &= ~User::OLD_EMAIL_CONFIRMED;
|
|
$this->user->save(false);
|
|
|
|
Yii::$app->session->setFlash(
|
|
'info',
|
|
Yii::t(
|
|
'user',
|
|
'We have sent confirmation links to both old and new email addresses. You must click both links to complete your request'
|
|
)
|
|
);
|
|
}
|
|
}
|