81 lines
2.0 KiB
PHP
81 lines
2.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/**
|
|
* @copyright 2020 Ad Aures
|
|
* @license https://www.gnu.org/licenses/agpl-3.0.en.html AGPL3
|
|
* @link https://castopod.org/
|
|
*/
|
|
|
|
namespace Modules\Auth\Controllers;
|
|
|
|
use CodeIgniter\HTTP\RedirectResponse;
|
|
use CodeIgniter\Shield\Entities\User;
|
|
use Modules\Admin\Controllers\BaseController;
|
|
|
|
class MyAccountController extends BaseController
|
|
{
|
|
public function index(): string
|
|
{
|
|
return view('my_account/view');
|
|
}
|
|
|
|
public function changePassword(): string
|
|
{
|
|
helper('form');
|
|
|
|
return view('my_account/change_password');
|
|
}
|
|
|
|
public function attemptChange(): RedirectResponse
|
|
{
|
|
$rules = [
|
|
'password' => 'required',
|
|
'new_password' => 'required|strong_password|differs[password]',
|
|
];
|
|
|
|
if (! $this->validate($rules)) {
|
|
return redirect()
|
|
->back()
|
|
->withInput()
|
|
->with('errors', $this->validator->getErrors());
|
|
}
|
|
|
|
$validData = $this->validator->getValidated();
|
|
|
|
// check credentials with the old password if logged in without magic link
|
|
$credentials = [
|
|
'email' => auth()
|
|
->user()
|
|
->email,
|
|
'password' => $validData['password'],
|
|
];
|
|
|
|
$validCreds = auth()
|
|
->check($credentials);
|
|
|
|
if (! $validCreds->isOK()) {
|
|
return redirect()->back()
|
|
->with('error', lang('MyAccount.messages.wrongPasswordError'));
|
|
}
|
|
|
|
$user = auth()
|
|
->user();
|
|
|
|
if ($user instanceof User) {
|
|
// set new password to user
|
|
$user->password = $validData['new_password'];
|
|
|
|
$userModel = auth()
|
|
->getProvider();
|
|
$userModel->save($user);
|
|
}
|
|
|
|
// Success!
|
|
return redirect()
|
|
->back()
|
|
->with('message', lang('MyAccount.messages.passwordChangeSuccess'));
|
|
}
|
|
}
|