@ B Fixed rescue/reset password flow

- Users can now successfully get a reset link via email to change password in the event they forgot the old one
CosmoQuestX · Mar 17, 2024 · fbae46b · fbae46b
1 parent 46b881a
commit fbae46b
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 20 deletions.
diff --git a/csb/csb-accounts/auth-login-functions.php b/csb/csb-accounts/auth-login-functions.php
@@ -232,23 +232,31 @@ function rescueUser ($db, $using, $value) {
 
     $msg['subject'] = $SITE_NAME." Password Reset";
 
-    $msg['body'] =  "Hello,
+    $msg['body'] =  "Hello,<br><br>".
+        "Someone has requested a password reset for your account.<br><br>".
+        "If you made this request and would like to reset your password, please go to <a href='$rescue_link'>this</a> link ($rescue_link).<br><br>".
+        "If you did not make this request, you may want to change your password by logging in with your current ".
+        "username and password, and going to <a href='".$ACC_URL."profile.php'>My Profile</a>.<br><br>".
+        "Sincerely,<br>".
+        $SITE_NAME;
+
+    $msg['alt-body'] = "Hello,
 
     Someone has requested a password reset for your account.
 
-    If you made this request and would like to reset your password, please go to this link: ".$rescue_link."
+    If you made this request and would like to reset your password, please go to this link: $rescue_link
 
-    If you did not make this request, you may want to change your password by logging in with your username and password and INSTRUCTIONS_TO_CHANGE_MANUALLY.
+    If you did not make this request, you may want to change your password by logging in with your ".
+        "username and password, and going to My Profile (".$ACC_URL."profile.php).
 
     Sincerely,
-
-    ".$SITE_NAME;
+    $SITE_NAME";
 
 
-    $email->sendMail($to, $msg);
+    $result = $email->sendMail($to, $msg);
 
-    if (PEAR::isError($mail)) {
-        error_log($mail->getMessage() . "/n");
+    if (!$result['result']) {
+        error_log($result['message'] . "/n");
         die("email settings aren't working. Contact the system administrator.");
     }
 

diff --git a/csb/csb-accounts/auth-login.php b/csb/csb-accounts/auth-login.php
@@ -99,17 +99,24 @@
             rescueUser($db, "email", $email);
         } else {
             $_SESSION['errMsg'] = "No username or email matched: $name";
-            header("Location: " . $ACC_URL."/rescue.php");
+            header("Location: " . $ACC_URL."/rescue.php"); // FIXME : This might be a double slash (/)
             exit();
         }
     } elseif ($_POST['go'] == 'passwordReset') {
-        die('Not Available'); // FIXME : See Trello for more info
-        $hashed = password_hash($_POST['password'], PASSWORD_DEFAULT);
+        $userEmail = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
+        $query  = "SELECT * from password_resets WHERE email='". $userEmail ."' ORDER BY created_at DESC LIMIT 1";
+        $result = $db->runQuery($query)[0];
 
-        $query = "UPDATE users SET password ='".$hashed."'  WHERE email = '".$_POST['email']."'";
-        $db->runQuery($query);
-        header("Location: " . $ACC_URL."/rescue.php?go=success");
-        exit();
+        if (password_verify($_POST['token'], $result['token'])) { // Does the token provided match the one in the database?
+            $hashed = password_hash($_POST['password'], PASSWORD_DEFAULT);
+
+            $query = "UPDATE users SET password ='" . $hashed . "'  WHERE email = '" . $userEmail . "'";
+            $db->runQuery($query);
+            header("Location: " . $ACC_URL . "/rescue.php?go=success");
+            exit();
+        } else {
+            die("You don't belong here. Run away. Run away from the error.");
+        }
     } else { // Javascript checks should prevent this from happening
         die("You don't belong here. Run away. Run away from the error.");
     }

diff --git a/csb/csb-content/templates/rescue-template.php b/csb/csb-content/templates/rescue-template.php
@@ -30,31 +30,43 @@
         $query  = "SELECT * from password_resets WHERE email='". $_GET['go'] ."' ORDER BY created_at DESC LIMIT 1";
         $result = $db->runQuery($query)[0];
         if(password_verify($_GET['token'], $result['token'])) {
+            $userEmail = filter_input(INPUT_GET, 'go', FILTER_SANITIZE_EMAIL);
+            $userId = $db->getUserIdByEmail($userEmail);
+            $user = $db->getUser(filter_var($userId, FILTER_SANITIZE_NUMBER_INT));
             ?>
             <h1>Please enter your password</h1>
             <form action="<?php echo($ACC_URL."auth-login.php"); ?>" method="post">
                 <input type="hidden" name="go" value="passwordReset">
                 <input type="hidden" name="email" value="<?php echo $_GET['go']; ?>">
+                <input type="hidden" name="token" value="<?php echo $_GET['token'] ?>">
+
                 <div class="error-msg"><?php if (isset($_SESSION['errMsg'])) {
                         echo "<span style=\"color: red;\">" . $_SESSION['errMsg'] . "</span>";
                         unset($_SESSION['errMsg']);
                     } ?>
                 </div>
 
+                <div class="clear"></div>
+                <div class="form-input-row">
+                    <div class="form-input-left"><label for="username">Username</label></div>
+                    <div class="form-input-right"><input type="text" id="username" name="username"
+                                                         value="<?php echo $user['name'] ?>"
+                                                         class="form-control" disabled></div>
+                </div>
                 <div class="clear"></div>
                 <div class="form-input-row">
                     <div class="form-input-left"><label for="password">Enter Password</label></div>
-                    <div class="form-input-right"><input name="password" type="password"></div>
+                    <div class="form-input-right"><input name="password" type="password" class="form-control"></div>
                 </div>
                 <div class="clear"></div>
                 <div class="form-input-row">
                     <div class="form-input-left"><label for="confirm">Confirm Password</label></div>
-                    <div class="form-input-right"><input name="confirm" type="password"></div>
+                    <div class="form-input-right"><input name="confirm" type="password" class="form-control"></div>
                 </div>
                 <div class="clear"></div>
                 <div class="field-submit">
                     <input type="submit" name="rescue" value="Rescue me!"
-                           class="form-submit-button">
+                           class="form-submit-button btn btn-cq mt-4 right">
                 </div>
             </form>
             <?php
@@ -100,13 +112,13 @@ class="form-submit-button">
 
             <div class="form-input-row">
                 <div class="form-input-left"><label for="name">Username or Email</label></div>
-                <div class="form-input-right"><input name="nameORemail" type="text"></div>
+                <div class="form-input-right"><input name="nameORemail" type="text" class="form-control"></div>
             </div>
 
             <div class="clear"></div>
             <div class="field-submit">
                 <input type="submit" name="rescue" value="Reset Password"
-                       class="form-submit-button">
+                       class="form-submit-button btn btn-cq mt-4 right">
             </div>
         </form>
     </div>