Merge pull request #29 from justcoded/develop

Register form, Password reset feature, Admin user role edit

CHANGELOG.md

@@ -7,6 +7,9 @@ v0.9
 ---------------------
 * Upgrade app folder structure: moved controllers from web to root, moved commands to console, 
 * Moved migration component/views custom configuration to a separate module.
+* Admin panel: Added user "Roles" fields to edit form.
+* Issue #13: Registration is absent
+* Issue #14: Reset password
 
 v0.8.6
 ---------------------

app/controllers/AuthController.php

@@ -4,10 +4,13 @@
 
 use Yii;
 use yii\filters\AccessControl;
+use yii\web\NotFoundHttpException;
 use yii\web\Response;
 use yii\filters\VerbFilter;
 use app\forms\LoginForm;
-use app\forms\ContactForm;
+use app\forms\PasswordRequestForm;
+use app\forms\PasswordUpdateForm;
+use app\models\User;
 
 class AuthController extends Controller
 {
@@ -44,7 +47,7 @@ public function behaviors()
 	 */
 	public function actionLogin()
 	{
-		if ( ! Yii::$app->user->isGuest) {
+		if (! Yii::$app->user->isGuest) {
 			return $this->goHome();
 		}
 
@@ -71,4 +74,87 @@ public function actionLogout()
 		return $this->goHome();
 	}
 
+	/**
+	 * Register action.
+	 *
+	 * @return string|Response
+	 */
+	public function actionRegister()
+	{
+		if (!Yii::$app->user->isGuest) {
+			return $this->goHome();
+		}
+
+		$model = new RegisterForm();
+
+		if ($model->load(Yii::$app->request->post()) && $model->register()) {
+			Yii::$app->session->addFlash('success', 'You have been successfully registered');
+
+			return $this->goBack();
+		}
+
+		return $this->render('register', [
+			'model' => $model,
+		]);
+	}
+
+	/**
+	 * Password request action
+	 *
+	 * @return string|Response
+	 */
+	public function actionPasswordRequest()
+	{
+		if (!Yii::$app->user->isGuest) {
+			return $this->goHome();
+		}
+
+		$model = new PasswordRequestForm();
+
+		if ($model->load(Yii::$app->request->post()) && $model->request()) {
+			Yii::$app->session->addFlash(
+				'success',
+				'If the email address is registered in the system, we would send a letter there shortly.'
+			);
+
+			return $this->goBack();
+		}
+
+		return $this->render('password-request', [
+			'model' => $model,
+		]);
+	}
+
+	/**
+	 * Password update action
+	 *
+	 * @param string $token Password reset token.
+	 *
+	 * @return string|Response
+	 * @throws NotFoundHttpException If token not found in DB.
+	 */
+	public function actionPasswordUpdate($token)
+	{
+		if (!Yii::$app->user->isGuest) {
+			return $this->goHome();
+		}
+
+		if (!User::isPasswordResetTokenValid($token)) {
+			throw new NotFoundHttpException('Page not found.');
+		}
+
+		$model = new PasswordUpdateForm();
+		$model->resetToken = $token;
+
+		if ($model->load(Yii::$app->request->post()) && $model->update()) {
+			Yii::$app->session->addFlash('success', 'Your password has been successfully updated!');
+
+			return $this->goBack();
+		}
+
+		return $this->render('password-update', [
+			'model' => $model,
+		]);
+	}
+
 }

app/forms/PasswordRequestForm.php

@@ -0,0 +1,70 @@
+<?php
+
+namespace app\forms;
+
+use app\models\User;
+use Yii;
+use yii\base\Model;
+use yii\helpers\Url;
+
+class PasswordRequestForm extends Model
+{
+	public $email;
+
+
+	/**
+	 * @return array the validation rules.
+	 */
+	public function rules()
+	{
+		return [
+			['email', 'required'],
+			['email', 'email'],
+		];
+	}
+
+	/**
+	 * Sends an email to the user with reset token if the email exists in the DB
+	 *
+	 * @return bool
+	 */
+	public function request()
+	{
+		if ($this->validate()) {
+			$user = User::findByUsername($this->email);
+
+			if (empty($user)) {
+				return true; //needed for security reasons
+			}
+
+			$user->generatePasswordResetToken();
+			$user->save();
+
+			Yii::$app->mailer->compose()
+				->setTo($user->email)
+				->setFrom(settings()->app->systemFriendlyEmail)
+				->setSubject('Restore your password on ' . Yii::$app->name)
+				->setTextBody($this->getMessageBody($user->password_reset_token))
+				->send();
+
+			return true;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Render a message with reset token
+	 *
+	 * @param string $resetToken
+	 *
+	 * @return string
+	 */
+	protected function getMessageBody($resetToken)
+	{
+		return 'To restore your password, please, follow this link ' . Url::to([
+				'auth/password-update',
+				'token' => $resetToken,
+			], true);
+	}
+}

app/forms/PasswordUpdateForm.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace app\forms;
+
+use app\models\User;
+use yii\base\Model;
+
+class PasswordUpdateForm extends Model
+{
+	public $resetToken;
+	public $newPassword;
+	public $newPasswordRepeat;
+
+
+	/**
+	 * @return array the validation rules.
+	 */
+	public function rules()
+	{
+		return [
+			[['newPassword', 'newPasswordRepeat'], 'required'],
+			['newPasswordRepeat', 'compare', 'compareAttribute' => 'newPassword'],
+		];
+	}
+
+	/**
+	 * Updates user's password if $resetToken is valid
+	 *
+	 * @return bool
+	 */
+	public function update()
+	{
+		$user = User::findByPasswordResetToken($this->resetToken);
+
+		if (empty($user)) {
+			return false;
+		}
+
+		if ($this->validate()) {
+			$user->setPassword($this->newPassword);
+			$user->removePasswordResetToken();
+
+			if (!$user->save()) {
+				$this->addErrors($user->errors);
+
+				return false;
+			}
+
+			return true;
+		}
+
+		return false;
+	}
+}

app/forms/RegisterForm.php

@@ -0,0 +1,70 @@
+<?php
+
+namespace app\forms;
+
+use app\models\User;
+use yii\base\Model;
+
+/**
+ * RegisterForm is the model behind the register form.
+ */
+class RegisterForm extends Model
+{
+	public $email;
+	public $password;
+	public $passwordRepeat;
+	public $firstName;
+	public $lastName;
+
+
+	/**
+	 * @return array of the validation rules
+	 */
+	public function rules()
+	{
+		return [
+			[['email', 'password', 'passwordRepeat', 'firstName', 'lastName'], 'required'],
+			['email', 'email'],
+			['email', 'unique', 'targetClass' => User::className()],
+			['passwordRepeat', 'compare', 'compareAttribute' => 'password'],
+		];
+	}
+
+	/**
+	 * @return array customized attribute labels
+	 */
+	public function attributeLabels()
+	{
+		return [
+			'passwordRepeat' => 'Repeat Password',
+		];
+	}
+
+	/**
+	 * Registers a user
+	 *
+	 * @return bool whether the model passes validation
+	 */
+	public function register()
+	{
+		if ($this->validate()) {
+			$user = new User();
+			$user->email = $user->username = $this->email;
+			$user->first_name = $this->firstName;
+			$user->last_name = $this->lastName;
+
+			$user->setPassword($this->password);
+			$user->generateAuthKey();
+
+			if (!$user->save()) {
+				$this->addErrors($user->errors);
+
+				return false;
+			}
+
+			return true;
+		}
+
+		return false;
+	}
+}