1 | <?php |
||
2 | |||
3 | namespace Apps\Model\Front\User; |
||
4 | |||
5 | use Apps\ActiveRecord\UserLog; |
||
6 | use Apps\ActiveRecord\UserRecovery; |
||
7 | use Ffcms\Core\App; |
||
8 | use Ffcms\Core\Arch\Model; |
||
9 | use Ffcms\Core\Exception\SyntaxException; |
||
10 | use Ffcms\Core\Helper\Crypt; |
||
11 | use Ffcms\Core\Helper\Date; |
||
12 | |||
13 | /** |
||
14 | * Class FormRecovery. Model of business logic for user password recovery |
||
15 | * @package Apps\Model\Front\User |
||
16 | */ |
||
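class FormRecovery extends Model
{
    // Minimum number of seconds between two recovery requests of one user (compared against time() in make())
    const DELAY = 900;

    // Address submitted in the form; make() uses it for the account lookup and as the mail recipient
    public $email;
    // Captcha answer submitted in the form; checked by the captcha rule in rules()
    public $captcha;

    /**
     * Labels for visual display
     * @return array map of form field name to its translated label
     */
    public function labels(): array
    {
        return [
            'email' => __('Email'),
            'captcha' => __('Captcha')
        ];
    }

    /**
     * Validation rules
     *
     * NOTE(review): the last rule presumably rejects addresses that are not registered. If that
     * validation error (or the 'Email not found' exception in make()) is shown to the requester,
     * the form tells an anonymous visitor which addresses have accounts. Confirm how the
     * controller renders these failures and prefer one uniform response.
     *
     * @return array list of [field, rule] pairs
     */
    public function rules(): array
    {
        return [
            ['email', 'required'],
            ['email', 'email'],
            ['captcha', 'used'],
            ['captcha', 'App::$Captcha::validate'],
            ['email', 'App::$User::isMailExist']
        ];
    }

    /**
     * After validation: create a recovery token, store it, write a log entry and send the recovery email.
     *
     * Returns silently, without creating a token or sending mail, when the newest recovery
     * row of the user is younger than self::DELAY seconds.
     *
     * @throws SyntaxException if no user has this email or the account still has an approve_token
     * @throws \Exception if random_int() has no secure randomness source available
     */
    public function make()
    {
        $user = App::$User->getIdentityViaEmail($this->email);
        if ($user === null) {
            throw new SyntaxException('Email not found');
        }

        // an account that still carries an approve_token may not start a recovery
        if ($user->approve_token) {
            throw new SyntaxException('You must approve your account');
        }

        // newest recovery request of this user, if any
        $lastRequest = UserRecovery::where('user_id', '=', $user->getId())
            ->orderBy('id', 'DESC')
            ->first();

        // prevent spam of recovery messages: at most one request per DELAY seconds
        if ($lastRequest !== null && $lastRequest !== false
            && Date::convertToTimestamp($lastRequest->created_at) > time() - self::DELAY
        ) {
            return;
        }

        // Random token key of 64..127 characters. The length is drawn with random_int() (CSPRNG)
        // rather than mt_rand(), whose output is predictable and has no place in token generation.
        // NOTE(review): the token's unpredictability rests on Crypt::randomString(), which is not
        // visible here - confirm it draws from a cryptographically secure source.
        $token = Crypt::randomString(random_int(64, 127));

        // write new data to recovery table
        // NOTE(review): the token is stored as generated; storing only a hash of it would limit
        // the damage of a database read. No expiry is set here - presumably the code that consumes
        // the token checks created_at; confirm.
        $recovery = new UserRecovery();
        $recovery->user_id = $user->id;
        $recovery->token = $token;
        $recovery->save();

        // write logs data (audit trail of who asked for the recovery)
        // NOTE(review): if getClientIp() honours forwarded-for headers, the logged address is
        // requester-controlled unless trusted proxies are configured - verify.
        $log = new UserLog();
        $log->user_id = $user->id;
        $log->type = 'RECOVERY';
        $log->message = __('Password recovery is initialized from: %ip%', ['ip' => App::$Request->getClientIp()]);
        $log->save();

        // without a configured mailer the token and the log entry above still exist, but nothing is sent
        if (App::$Mailer) {
            // NOTE(review): getHost() presumably reflects the request's Host header; it ends up in
            // the mail subject, so it should be checked against the configured site host.
            $subject = App::$Translate->get('Profile', '%site% - account recovery', ['site' => App::$Request->getHost()]);

            // send recovery email
            App::$Mailer->tpl('user/_mail/recovery', [
                'login' => $user->login,
                'email' => $this->email,
                'token' => $token,
                'id' => $recovery->id
            ])->send($this->email, $subject);
        }
    }
}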