1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace app\modules\auth\models\forms; |
4
|
|
|
|
5
|
|
|
use Yii; |
6
|
|
|
use yii\base\Exception; |
7
|
|
|
use yii\web\BadRequestHttpException; |
8
|
|
|
use app\models\entity\User; |
9
|
|
|
use app\modules\auth\services\Tokenizer; |
10
|
|
|
|
11
|
|
|
class ResetPasswordForm extends \yii\base\Model |
12
|
|
|
{ |
13
|
|
|
/** |
14
|
|
|
* @var string |
15
|
|
|
*/ |
16
|
|
|
public $password; |
17
|
|
|
/** |
18
|
|
|
* @var \app\models\entity\User |
19
|
|
|
*/ |
20
|
|
|
private $user; |
21
|
|
|
|
22
|
|
|
/** |
23
|
|
|
* Creates a form model given a token. |
24
|
|
|
* |
25
|
|
|
* @param string $token |
26
|
|
|
* @param array $config name-value pairs that will be used to initialize the object properties |
27
|
|
|
* @throws \yii\base\BadRequestHttpException |
28
|
|
|
*/ |
29
|
|
|
public function __construct($token, $config = []) |
30
|
|
|
{ |
31
|
|
|
$tokenizer = new Tokenizer(); |
32
|
|
|
if (empty($token) || !is_string($token) || !$tokenizer->validate($token)) { |
33
|
|
|
throw new BadRequestHttpException(Yii::t('app.msg', 'Invalid link for reset password')); |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
$this->user = User::find()->passwordResetToken($token)->one(); |
|
|
|
|
37
|
|
|
|
38
|
|
|
if (!$this->user) { |
39
|
|
|
throw new BadRequestHttpException(Yii::t('app.msg', 'Invalid link for reset password')); |
40
|
|
|
} |
41
|
|
|
|
42
|
|
|
parent::__construct($config); |
43
|
|
|
} |
44
|
|
|
|
45
|
|
|
/** |
46
|
|
|
* @inheritdoc |
47
|
|
|
*/ |
48
|
|
|
public function rules() |
49
|
|
|
{ |
50
|
|
|
return [ |
51
|
|
|
['password', 'required'], |
52
|
|
|
['password', 'string', 'min' => 6], |
53
|
|
|
]; |
54
|
|
|
} |
55
|
|
|
|
56
|
|
|
/** |
57
|
|
|
* @inheritdoc |
58
|
|
|
*/ |
59
|
|
|
public function attributeLabels() |
60
|
|
|
{ |
61
|
|
|
return [ |
62
|
|
|
'password' => Yii::t('app', 'Password'), |
63
|
|
|
]; |
64
|
|
|
} |
65
|
|
|
|
66
|
|
|
/** |
67
|
|
|
* Resets password |
68
|
|
|
* |
69
|
|
|
* @throws Exception |
70
|
|
|
*/ |
71
|
|
|
public function resetPassword(): void |
72
|
|
|
{ |
73
|
|
|
$this->user->setPassword($this->password); |
74
|
|
|
$this->user->removePasswordResetToken(); |
75
|
|
|
$this->user->updateDateLogin(); |
76
|
|
|
|
77
|
|
|
if (!$this->user->save()) { |
78
|
|
|
throw new Exception(Yii::t('app.msg', 'An error occurred while saving user')); |
79
|
|
|
} |
80
|
|
|
|
81
|
|
|
Yii::$app->user->login($this->user, 3600 * 24 * 30); |
82
|
|
|
} |
83
|
|
|
} |
84
|
|
|
|
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountId
that can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theid
property of an instance of theAccount
class. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.