add reset pass method to api

2023-10-18 16:26:49 +03:00 · 2023-10-18 16:26:49 +03:00 · b02d0b3ddf
commit b02d0b3ddf
parent 61085a1362
3 changed files with 138 additions and 4 deletions
--- a/common/mail/passwordResetToken-html.php
+++ b/common/mail/passwordResetToken-html.php
@ -3,13 +3,11 @@ use yii\helpers\Html;

 /* @var $this yii\web\View */
 /* @var $user common\models\User */
-
-$resetLink = Yii::$app->urlManager->createAbsoluteUrl(['site/reset-password', 'token' => $user->password_reset_token]);
 ?>
 <div class="password-reset">
    <p>Hello <?= Html::encode($user->username) ?>,</p>

-    <p>Follow the link below to reset your password:</p>
+    <p>Your reset token:</p>

-    <p><?= Html::a(Html::encode($resetLink), $resetLink) ?></p>
+    <p><?= $user->password_reset_token ?></p>
 </div>
--- a/common/models/email/ResetPasswordEmail.php
+++ b/common/models/email/ResetPasswordEmail.php
@ -0,0 +1,20 @@
+<?php
+
+namespace common\models\email;
+
+use common\models\User;
+use Yii;
+
+class ResetPasswordEmail extends Email
+{
+    /**
+     * @param User $user
+     */
+    public function __construct(User $user)
+    {
+        $this->sendTo = $user->email;
+        $this->subject = 'Password reset for ' . Yii::$app->name;
+        $this->mailLayout = ['html' => 'passwordResetToken-html', 'text' => 'passwordResetToken-text']; //+
+        $this->params = ['user' => $user];//+
+    }
+}
--- a/frontend/modules/api/controllers/RegisterController.php
+++ b/frontend/modules/api/controllers/RegisterController.php
@ -3,10 +3,16 @@
 namespace frontend\modules\api\controllers;

 use common\models\email\RegistrationEmail;
+use common\models\email\ResetPasswordEmail;
 use common\models\User;
 use common\services\EmailService;
+use Exception;
+use frontend\models\PasswordResetRequestForm;
+use frontend\models\ResetPasswordForm;
 use frontend\models\SignupForm;
 use Yii;
+use yii\base\InvalidParamException;
+use yii\web\BadRequestHttpException;

 class RegisterController extends ApiController
 {
@ -78,4 +84,114 @@ class RegisterController extends ApiController

        return null;
    }
+
+    /**
+     *
+     * @OA\Post(path="/register/request-password-reset",
+     *   summary="Запросить сброс пароля",
+     *   description="Метод метод высылает токен сброса пароля на почтовый адрес",
+     *   tags={"Registration"},
+     *   @OA\RequestBody(
+     *     @OA\MediaType(
+     *       mediaType="multipart/form-data",
+     *       @OA\Schema(
+     *          required={"email"},
+     *          @OA\Property(
+     *              property="email",
+     *              type="string",
+     *              description="Электронная почта пользователя",
+     *          ),
+     *       ),
+     *     ),
+     *   ),
+     *   @OA\Response(
+     *     response=200,
+     *     description="Возвращает true в случае успеха",
+     *     @OA\MediaType(
+     *         mediaType="application/json",
+     *     ),
+     *   ),
+     * )
+     *
+     * @return bool|string
+     */
+    public function actionRequestPasswordReset()
+    {
+        $model = new PasswordResetRequestForm();
+
+        if ($model->load(Yii::$app->request->post(), '') & $model->validate()) {
+
+            /* @var $user User */
+            $user = User::findOne([
+                'status' => User::STATUS_ACTIVE,
+                'email' => $model->email,
+            ]);
+
+            if (!$user) {
+                return false;
+            }
+
+            if (!User::isPasswordResetTokenValid($user->password_reset_token)) {
+                $user->generatePasswordResetToken();
+                if (!$user->save()) {
+                    return false;
+                }
+            }
+
+            return $this->emailService->sendEmail(new ResetPasswordEmail($user));
+        }
+
+        return json_encode($model->getFirstErrors());
+    }
+
+    /**
+     *
+     * @OA\Post(path="/register/reset-password",
+     *   summary="Cброс пароля",
+     *   description="Метод сброса пароля",
+     *   tags={"Registration"},
+     *   @OA\RequestBody(
+     *     @OA\MediaType(
+     *       mediaType="multipart/form-data",
+     *       @OA\Schema(
+     *          required={"token", "password"},
+     *          @OA\Property(
+     *              property="token",
+     *              type="string",
+     *              description="Токен сброса пароля",
+     *          ),
+     *          @OA\Property(
+     *              property="password",
+     *              type="string",
+     *              description="Новый пароль пользователя",
+     *          ),
+     *       ),
+     *     ),
+     *   ),
+     *   @OA\Response(
+     *     response=200,
+     *     description="Возвращает сообщение об успехе",
+     *     @OA\MediaType(
+     *         mediaType="application/json",
+     *     ),
+     *   ),
+     * )
+     *
+     * @return array|string
+     * @throws BadRequestHttpException
+     */
+    public function actionResetPassword()
+    {
+        try {
+            $model = new ResetPasswordForm(Yii::$app->request->post()['token']);
+        } catch (Exception $e) {
+            throw new BadRequestHttpException($e->getMessage());
+        }
+
+        if ($model->load(Yii::$app->request->post(), '') & $model->validate() & $model->resetPassword()) {
+            return 'Success! New password saved.';
+        } else {
+            return $model->errors;
+        }
+    }
 }