reset by token

orvice · Jan 17, 2016 · e08a733 · e08a733
1 parent b2ee12d
commit e08a733
Show file tree

Hide file tree

Showing 6 changed files with 172 additions and 16 deletions.
diff --git a/app/Controllers/PasswordController.php b/app/Controllers/PasswordController.php
@@ -3,7 +3,10 @@
 namespace App\Controllers;
 
 use App\Models\User;
+use App\Models\PasswordReset;
 use App\Services\Password;
+use App\Utils\Hash;
+
 /***
  * Class Password
  * @package App\Controllers
@@ -16,7 +19,7 @@ public function reset(){
         return $this->view()->display('password/reset.tpl');
     }
 
-    public function handleReset($request, $response, $next){
+    public function handleReset($request, $response, $args){
         $email =  $request->getParam('email');
         // check limit
 
@@ -33,7 +36,39 @@ public function handleReset($request, $response, $next){
         return $response->getBody()->write(json_encode($rs));
     }
 
-    public function handleToken($request, $response, $next){
-
+    public function token($request, $response, $args){
+        $token = $args['token'];
+        return $this->view()->assign('token',$token)->display('password/token.tpl');
+    }
+
+    public function handleToken($request, $response, $args){
+        $tokenStr = $args['token'];
+        $password =  $request->getParam('password');
+        // check token
+        $token = PasswordReset::where('token',$tokenStr)->first();
+        if ($token == null || $token->expire_time < time() ){
+            $rs['ret'] = 0;
+            $rs['msg'] = '链接已经失效,请重新获取';
+            return $response->getBody()->write(json_encode($rs));
+        }
+
+        $user = User::where('email',$token->email)->first();
+        if ($user == null){
+            $rs['ret'] = 0;
+            $rs['msg'] = '链接已经失效,请重新获取';
+            return $response->getBody()->write(json_encode($rs));
+        }
+
+        // reset password
+        $hashPassword = Hash::passwordHash($password);
+        $user->pass = $hashPassword;
+        if(!$user->save()){
+            $rs['ret'] = 0;
+            $rs['msg'] = '重置失败,请重试';
+            return $response->getBody()->write(json_encode($rs));
+        }
+        $rs['ret'] = 1;
+        $rs['msg'] = '重置成功';
+        return $response->getBody()->write(json_encode($rs));
     }
 }
diff --git a/app/Models/Password.php b/app/Models/Password.php
diff --git a/app/Models/PasswordReset.php b/app/Models/PasswordReset.php
@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Models;
+
+
+class PasswordReset extends Model
+{
+    protected $table = 'ss_password_reset';
+}
diff --git a/app/Services/Password.php b/app/Services/Password.php
@@ -3,18 +3,33 @@
 
 namespace App\Services;
 
+use App\Models\PasswordReset;
+use App\Utils\Tools;
 /***
  * Class Password
  * @package App\Services
  */
 
 class Password
 {
+    /**
+     * @param $email string
+     * @return bool
+     */
     public static function sendResetEmail($email){
-
+        $pwdRst = new PasswordReset();
+        $pwdRst->email = $email;
+        $pwdRst->init_time = time();
+        $pwdRst->expire_time = time() + 3600*24; // @todo
+        $pwdRst->token = Tools::genRandomChar(64);
+        if(!$pwdRst->save()){
+            return false;
+        }
+
+        return true;
     }
 
-    public static function resetByToken($token,$password){
+    public static function resetBy($token,$password){
 
     }
 

diff --git a/config/routes.php b/config/routes.php
@@ -61,8 +61,8 @@
 $app->group('/password', function () {
     $this->get('/reset', 'App\Controllers\PasswordController:reset');
     $this->post('/reset', 'App\Controllers\PasswordController:handleReset');
-    $this->get('/token', 'App\Controllers\PasswordController:token');
-    $this->post('/token', 'App\Controllers\PasswordController:handleToken');
+    $this->get('/token/{token}', 'App\Controllers\PasswordController:token');
+    $this->post('/token/{token}', 'App\Controllers\PasswordController:handleToken');
 })->add(new Guest());
 
 // Admin

diff --git a/views/default/password/token.tpl b/views/default/password/token.tpl
@@ -0,0 +1,106 @@
+{include file='auth/header.tpl'}
+<body class="login-page">
+<div class="login-box">
+    <div class="login-logo">
+        <a href="#"><b>{$config['appName']}</b></a>
+    </div><!-- /.login-logo -->
+    <div class="login-box-body">
+        <p class="login-box-msg">重置密码</p>
+
+        <form>
+            <div class="form-group has-feedback">
+                <input type="password" id="password" class="form-control" placeholder="在这里输入新密码"/>
+                <span class="glyphicon glyphicon-lock form-control-feedback"></span>
+            </div>
+
+
+        </form>
+        <div class="row">
+
+            <div class="col-xs-4">
+                <button id="reset" type="submit" class="btn btn-primary btn-block btn-flat">重置密码</button>
+            </div><!-- /.col -->
+        </div>
+        <div id="msg-success" class="alert alert-info alert-dismissable" style="display: none;">
+            <button type="button" class="close" id="ok-close" aria-hidden="true">&times;</button>
+            <h4><i class="icon fa fa-info"></i> 成功!</h4>
+            <p id="msg-success-p"></p>
+        </div>
+        <div id="msg-error" class="alert alert-warning alert-dismissable" style="display: none;">
+            <button type="button" class="close" id="error-close" aria-hidden="true">&times;</button>
+            <h4><i class="icon fa fa-warning"></i> 出错了!</h4>
+            <p id="msg-error-p"></p>
+        </div>
+        <a href="/auth/login">注册</a><br>
+        <a href="/auth/register" class="text-center">注册个帐号</a>
+
+    </div><!-- /.login-box-body -->
+</div><!-- /.login-box -->
+
+<!-- jQuery 2.1.3 -->
+<script src="/assets/public/js/jquery.min.js"></script>
+<!-- Bootstrap 3.3.2 JS -->
+<script src="/assets/public/js/bootstrap.min.js" type="text/javascript"></script>
+<!-- iCheck -->
+<script src="/assets/public/js/icheck.min.js" type="text/javascript"></script>
+<script>
+    $(function () {
+        $('input').iCheck({
+            checkboxClass: 'icheckbox_square-blue',
+            radioClass: 'iradio_square-blue',
+            increaseArea: '20%' // optional
+        });
+    });
+    // $("#msg-error").hide(100);
+    // $("#msg-success").hide(100);
+</script>
+<script>
+    $(document).ready(function(){
+        function reset(){
+            $.ajax({
+                type:"POST",
+                url:"/password/token/{$token}",
+                dataType:"json",
+                data:{
+                    password: $("#password").val(),
+                    repasswd: $("#repasswd").val(),
+                },
+                success:function(data){
+                    if(data.ret){
+                        $("#msg-error").hide(100);
+                        $("#msg-success").show(100);
+                        $("#msg-success-p").html(data.msg);
+                        window.setTimeout("location.href='/auth/login'", 2000);
+                    }else{
+                        $("#msg-error").hide(10);
+                        $("#msg-error").show(100);
+                        $("#msg-error-p").html(data.msg);
+                    }
+                },
+                error:function(jqXHR){
+                    $("#msg-error").hide(10);
+                    $("#msg-error").show(100);
+                    $("#msg-error-p").html("发生错误："+jqXHR.status);
+                    // 在控制台输出错误信息
+                    console.log(removeHTMLTag(jqXHR.responseText));
+                }
+            });
+        }
+        $("html").keydown(function(event){
+            if(event.keyCode==13){
+                reset();
+            }
+        });
+        $("#reset").click(function(){
+            reset();
+        });
+        $("#ok-close").click(function(){
+            $("#msg-success").hide(100);
+        });
+        $("#error-close").click(function(){
+            $("#msg-error").hide(100);
+        });
+    })
+</script>
+</body>
+</html>