Added reset password functionality, and added a random password generator function

mwalbeck 2016-11-01 16:38:38 +01:00
parent 4fc0d5c793
commit c91765e828
8 changed files with 76 additions and 9 deletions


@ -88,6 +88,20 @@ class AdministrativeUserController extends Controller
return redirect("/" . Auth::user()->getAdminPath() . "/users/group/$user->group_id");
}
/**
*
* Function for reset a users password
*
*/
public function resetUserPassword(User $user, Request $request)
{
$this->authorize('resetPassword', $user);
$user->resetPassword();
$request->session()->flash('status', 'The password was successfully reset!');
return redirect("/" . Auth::user()->getAdminPath() . "/users/$user->id");
}
public function deleteUser(User $user, Request $request)
{
$this->authorize('delete', $user);
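Review bot: `resetUserPassword` ignores whatever `$user->resetPassword()` returns and flashes only 'The password was successfully reset!', so as far as this page shows neither the acting moderator nor the account owner ever learns the new credential, and the account stays unusable until a password is set through the edit form. Rather than putting a plaintext password into the session, consider delivering a single-use, expiring reset link to the user's registered address, or flagging the account for a forced password change at next login. Because this action can hand control of an account to someone else, it is also worth writing an audit log entry with the acting `Auth::user()->id` and the target `$user->id`. The docblock could read `Reset a user's password to a newly generated random value.`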


@ -43,6 +43,14 @@ class UserPolicy
return false;
}
public function resetPassword(User $user, User $user2)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id AND !$user2->isAdministrator())) {
return true;
}
return false;
}
public function delete(User $user, User $user2)
{
if ($user->isAdministrator() || ($user->isModerator() AND $user->group_id === $user2->group_id AND !$user2->isAdministrator()) || $user === $user2) {
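Review bot: The new `resetPassword` policy lets a moderator reset the password of any non-administrator in the same group, which includes other moderators and the moderator's own account; if peers are not meant to be able to lock each other out or take over each other's accounts, add a check such as `!$user2->isModerator()` to the moderator branch. The condition mixes `AND` with `||` and is correct only because of the parentheses, since `and` binds more loosely than `||`; using `&&` throughout would be safer against later edits. The body can return the boolean expression directly instead of `if (...) { return true; } return false;`.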


@ -47,7 +47,7 @@ class User extends Authenticatable
public function passwordHash($password)
{
$this->password = password_hash($password, PASSWORD_DEFAULT);
return password_hash($password, PASSWORD_DEFAULT);
}
public function passwordVerify($password)
@ -55,6 +55,26 @@ class User extends Authenticatable
return password_verify($password, $this->password);
}
public function generatePassword(Int $length)
{
$chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWZYZabcdefghijklmnopqrstuvwxyz";
$password = "";
$char_max = strlen($chars) - 1;
for ($i = 0; $i < $length; ++$i) {
$password .= $chars[random_int(0, $char_max)];
}
return $password;
}
public function resetPassword()
{
$this->password = $this->passwordHash($this->generatePassword(10));
$this->update();
return true;
}
public function isModerator()
{
if ($this->access_level === 2) {
@ -80,7 +100,7 @@ class User extends Authenticatable
{
$this->name = $request["name"];
$this->email = trim($request["email"]);
$this->passwordHash($request["password"]);
$this->password = $this->passwordHash($request["password"]);
$this->enabled = $request["enabled"];
$this->access_level = $request["access_level"];
@ -108,7 +128,7 @@ class User extends Authenticatable
$this->enabled = $request["enabled"];
if ($request["password"]) {
$this->passwordHash($request["password"]);
$this->password = $this->passwordHash($request["password"]);
}
if (Auth::user()->isAdministrator()) {
@ -143,7 +163,7 @@ class User extends Authenticatable
public function updatePassword($password)
{
$this->passwordHash($password);
$this->password = $this->passwordHash($password);
$this->update();
}
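Review bot: The alphabet in `generatePassword` contains `UVWZYZ`, so `X` is missing and `Z` appears twice; this is presumably a typo for `UVWXYZ`, and it leaves 61 distinct characters with `Z` twice as likely as any other. `random_int` is the right source of randomness here. A `$length` below 1 silently yields an empty string that `resetPassword` would then hash and store, so a guard such as `if ($length < 1) { throw new \InvalidArgumentException('length must be positive'); }` is worth adding, and the hard-coded `10` would read better as a named class constant. `resetPassword` returns `true` unconditionally; `return $this->update();` would let the caller see a failed save.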


@ -23,9 +23,15 @@ $('.delete-modal').on('show.bs.modal', function (event) {
var button = $(event.relatedTarget); // Button that triggered the modal
var delete_url = button.data('url'); // Extract info from data-* attributes
var delete_id = button.data('id'); // Extract info from data-* attributes
// If necessary, you could initiate an AJAX request here (and then do the updating in a callback).
// Update the modal's content. We'll use jQuery here, but you could use a data binding library or other methods instead.
var modal = $(this);
var admin_path = modal.find('#modal-button-delete').attr("formaction");
modal.find('#modal-button-delete').attr("formaction", admin_path + delete_url + "/" + delete_id + "/delete");
})
$('.reset-password-modal').on('show.bs.modal', function (event) {
var button = $(event.relatedTarget); // Button that triggered the modal
var reset_password_id = button.data('id'); // Extract info from data-* attributes
var modal = $(this);
var admin_path = modal.find('#modal-button-reset-password').attr("formaction");
modal.find('#modal-button-reset-password').attr("formaction", admin_path + "users/" + reset_password_id + "/reset-password");
})
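Review bot: The new `.reset-password-modal` handler reads the button's current `formaction`, appends the path and writes the result back to the same attribute, so opening the modal a second time without a page reload appends `users/<id>/reset-password` again and the form points at a malformed URL. Keep the base path somewhere that is not overwritten, for example `var btn = modal.find('#modal-button-reset-password'); if (!btn.data('base')) { btn.data('base', btn.attr('formaction')); }` followed by `btn.attr('formaction', btn.data('base') + 'users/' + encodeURIComponent(reset_password_id) + '/reset-password');`. The `.delete-modal` handler above it uses the same read-modify-write pattern and would benefit from the same change.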


@ -6,9 +6,7 @@
<h4 class="modal-title" id="myModalLabel">Are You Sure!</h4>
</div>
<div class="modal-body">
<form method="POST" class="">
{{ csrf_field() }}
{{ method_field('DELETE') }}
<form method="GET">
<button id="modal-button-delete" class="btn btn-danger" formaction="/{{ Auth::user()->getAdminPath() }}/">Yes</button>
<button type="button" class="btn btn-default" data-dismiss="modal">No</button>
</form>
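Review bot: Switching the form to `method="GET"` and dropping `{{ csrf_field() }}` and `{{ method_field('DELETE') }}` makes the Yes button issue a plain GET, while the routes shown on this page still declare `Route::delete('/users/{user}/delete', ...)`, so the delete request would presumably no longer match that route. A destructive action should stay on a non-GET verb and carry the CSRF token. Keep `<form method="POST">` with `{{ csrf_field() }}` and `{{ method_field('DELETE') }}` here, and give the reset-password button its own form instead of loosening this one.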


@ -0,0 +1,16 @@
<div class="modal fade reset-password-modal" tabindex="-1" role="dialog" aria-labelledby="reset-password-modal">
<div class="modal-dialog modal-sm" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="myModalLabel">Are You Sure!</h4>
</div>
<div class="modal-body">
<form method="GET">
<button id="modal-button-reset-password" class="btn btn-danger" formaction="/{{ Auth::user()->getAdminPath() }}/">Yes</button>
<button type="button" class="btn btn-default" data-dismiss="modal">No</button>
</form>
</div>
</div>
</div>
</div>
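Review bot: The confirm form uses `method="GET"` with no CSRF token, and the `/users/{user}/reset-password` routes added to both the `mod` and `admin` groups are `Route::get`, so a password reset becomes a state-changing action that a simple link load can trigger. Unless cookie settings happen to block it, a cross-site request made in a logged-in moderator's or administrator's browser would be accepted, and link prefetching could fire it as well. Use `<form method="POST">` with `{{ csrf_field() }}` here and `Route::post('/users/{user}/reset-password', 'AdministrativeUserController@resetUserPassword');` in both route groups. Separately, `id="myModalLabel"` duplicates the id used by the delete modal included on the same page, and `aria-labelledby="reset-password-modal"` names an id that no element in this file carries.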


@ -4,6 +4,8 @@
@include('shared.delete-modal')
@include('shared.reset-password-modal')
<div class="container-fluid">
<div class="row">
<div class="col-md-6 col-md-offset-3">
@ -17,6 +19,7 @@
<form method="get">
<button type="button" class="btn btn-sm btn-danger pull-right" data-toggle="modal" data-target=".delete-modal" data-url="users" data-id="{{ $user->id }}">Delete</button>
<button class="btn btn-sm btn-default pull-right" formaction="/{{ Auth::user()->getAdminPath() }}/users/{{ $user->id }}/edit">Edit</button>
<button type="button" class="btn btn-sm btn-default pull-right" data-toggle="modal" data-target=".reset-password-modal" data-id="{{ $user->id }}">Reset Password</button>
</form>
@endif
<strong>Name:</strong><br>


@ -67,6 +67,7 @@ Route::group(['prefix' => 'mod', 'middleware' => 'is.mod'], function () {
Route::get('/users/{user}', 'AdministrativeUserController@showUser');
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
Route::get('/users/{user}/reset-password', 'AdministrativeUserController@resetUserPassword');
Route::delete('/users/{user}/delete', 'AdministrativeUserController@deleteUser');
Route::get('/groups/{group}', 'GroupController@showGroup');
@ -103,6 +104,7 @@ Route::group(['prefix' => 'admin', 'middleware' => 'is.admin'], function () {
Route::get('/users/{user}', 'AdministrativeUserController@showUser');
Route::get('/users/{user}/edit', 'AdministrativeUserController@editUser');
Route::post('/users/{user}/edit', 'AdministrativeUserController@updateUser');
Route::get('/users/{user}/reset-password', 'AdministrativeUserController@resetUserPassword');
Route::delete('/users/{user}/delete', 'AdministrativeUserController@deleteUser');
Route::get('/groups', 'GroupController@showGroups');