allow using of disabled password reset mechanism for special cases

- LostController has three endpoints
- door opener email() still rejects
- resetform(), reachable from mail, checks the token first and may report
  that password reset is disabled
- setPassword() got its check removed as it is behind CSRF anyway and still
  requires a valid token
- this allows special cases like activating a freshly created guest account

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
pull/28794/head
Arthur Schiwon 5 years ago
parent 99a1468033
commit a843d3c5db
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
  1. 32
      core/Controller/LostController.php

@ -134,22 +134,24 @@ class LostController extends Controller {
* @return TemplateResponse
*/
public function resetform($token, $userId) {
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
return new TemplateResponse('core', 'error', [
'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
],
'guest'
);
}
try {
$this->checkPasswordResetToken($token, $userId);
} catch (\Exception $e) {
return new TemplateResponse(
'core', 'error', [
"errors" => [["error" => $e->getMessage()]]
],
'guest'
if ($this->config->getSystemValue('lost_password_link', '') !== 'disabled'
|| ($e instanceof InvalidTokenException
&& !in_array($e->getCode(), [InvalidTokenException::TOKEN_NOT_FOUND, InvalidTokenException::USER_UNKNOWN]))
) {
return new TemplateResponse(
'core', 'error', [
"errors" => [["error" => $e->getMessage()]]
],
TemplateResponse::RENDER_AS_GUEST
);
}
return new TemplateResponse('core', 'error', [
'errors' => [['error' => $this->l10n->t('Password reset is disabled')]]
],
TemplateResponse::RENDER_AS_GUEST
);
}
$this->initialStateService->provideInitialState('core', 'resetPasswordUser', $userId);
@ -241,10 +243,6 @@ class LostController extends Controller {
* @return array
*/
public function setPassword($token, $userId, $password, $proceed) {
if ($this->config->getSystemValue('lost_password_link', '') !== '') {
return $this->error($this->l10n->t('Password reset is disabled'));
}
if ($this->encryptionManager->isEnabled() && !$proceed) {
$encryptionModules = $this->encryptionManager->getEncryptionModules();
foreach ($encryptionModules as $module) {
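Review bot: With the `lost_password_link` guard removed from `setPassword()` (second hunk), nothing in the visible lines of that method enforces the admin's "reset disabled" setting any more, so the control rests entirely on the token check further down the method, which is outside this hunk. CSRF protection does not restrict who may call the endpoint with a token, and a token issued before the setting was changed would presumably stay usable until it expires. I would record that at the top of the method, e.g. `// No lost_password_link check here on purpose: a valid, unexpired token is the only gate (guest activation); email() must keep refusing to issue tokens when reset is disabled.`, and add controller tests for "disabled + no token" and "disabled + valid token". In `resetform()`, pass `true` as the third argument of `in_array($e->getCode(), [...])` so the exception code is compared strictly.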
