Toggle navigation
Go
Connexion
Accueil
Accéder au Wiki
Annuaire des Wikis
Liste des documents du Wiki
Annuaire Utilisateurs
XWiki
Accéder à l'Espace
Liste des documents de l'espace
ResetPassword
Main.WebHome
Mot de passe oublié ?
Code source wiki de Mot de passe oublié ?
Plus d'actions
Contenu
Commentaires
Pièces Jointes
Historique
Pages liées
Masquer les numéros de lignes
1: {{velocity}} 2: #** 3: This page starts the password reset procedure. It works according to the next algorithm: 4: 1. Display a form requesting the username 5: 2. When receiving the username via form submission, generate a random verification string which is stored (as a hash) inside a ResetPasswordRequestClass object attached to the user's profile page. If no such object exists, it is created, but an existing object will be reused, meaning that at most one password reset request can be active at a moment. 6: 3. Send an email to the address configured in the user's profile, containing a link to the second step of the password reset procedure. 7: 8: URL parameters: 9: 10: u = user account sent in the form 11: *### 12: ## 13: ## 14: ## The name of the class used for storing password reset verification data. 15: #set ($verifClass = 'XWiki.ResetPasswordRequestClass') 16: #set ($userName = "$!request.get('u')") 17: #if ($userName == '')## First step, display the form requesting the username 18: {{translation key="xe.admin.passwordReset.instructions"/}} 19: 20: {{html}} 21: <form method="post" action="" class="xformInline"> 22: <div> 23: <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" /> 24: <label for="u">$services.localization.render('xe.admin.passwordReset.username.label')</label> <input type="text" id="u" name="u"/> <span class="buttonwrapper"><input type="submit" value="$services.localization.render('xe.admin.passwordReset.submit')" class="button"/></span> 25: </div> 26: </form> 27: {{/html}} 28: #else## Second step, generate the verification string, store it, and send the email 29: ## TODO: Once the usernames are not bound to the XWiki space, revisit this code 30: #if ($userName.indexOf('.') != -1) 31: #set ($userDoc = $xwiki.getDocumentAsAuthor(${userName})) 32: #else 33: #set ($userDoc = $xwiki.getDocumentAsAuthor("XWiki.${userName}")) 34: #end 35: ## Check if the user exists and has a valid email address configured in his profile 36: #set ($userObj = '') 37: #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 38: ## If local user does not exist check global user 39: #if (!$userObj && ${xcontext.database} != ${xcontext.mainWikiName}) 40: #if ($userName.indexOf('.') != -1) 41: #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:${userName}")) 42: #else 43: #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:XWiki.${userName}")) 44: #end 45: #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 46: #end 47: #if (!$userObj) 48: 49: {{warning}}$services.localization.render('xe.admin.passwordReset.error.noUser', ["//${escapetool.xml($userName)}//"]){{/warning}} 50: 51: #elseif ($userDoc.getObject('XWiki.LDAPProfileClass')) 52: 53: {{warning}}$services.localization.render('xe.admin.passwordReset.error.ldapUser', ["//${escapetool.xml($userName)}//"]){{/warning}} 54: 55: #else 56: #set ($userEmail = $userObj.getProperty('email').value) 57: #if ("$!userEmail" == '') 58: 59: {{error}}{{translation key="xe.admin.passwordReset.error.noEmail"/}}{{/error}} 60: 61: #else 62: ## Find the object that will hold the verification string 63: #set ($verifObj = '') 64: #set ($verifObj = $userDoc.getObject($verifClass, true)) 65: ## Generate a random string 66: #set ($verifStr = $util.generateRandomString(30)) 67: ## If the class is correctly configured, the string should automatically be stored as a hash 68: #set ($discard = $verifObj.set('verification', $verifStr)) 69: #set ($discard = $userDoc.saveAsAuthor($services.localization.render('xe.admin.passwordReset.versionComment'), true)) 70: ## Compose the verification URL 71: #set ($userDocRef = $escapetool.url($services.model.serialize($userDoc.documentReference, 'default'))) 72: #set ($passwordResetURL = $xwiki.getDocument("XWiki.ResetPasswordComplete").getExternalURL('view', "u=${userDocRef}&v=${verifStr}")) 73: ## Send the email 74: #set ($from = $services.mailsender.configuration.fromAddress) 75: #if ("$!from" == '') 76: #set ($from = "no-reply@${request.serverName}") 77: #end 78: #set ($mailTemplateReference = $services.model.createDocumentReference('', 'XWiki', 'ResetPasswordMailContent')) 79: #set ($mailParameters = {'from' : $from, 'to' : $userEmail, 'language' : $xcontext.language}) 80: #set ($message = $services.mailsender.createMessage('template', $mailTemplateReference, $mailParameters)) 81: #set ($discard = $message.setType('Reset Password')) 82: #macro (displayError $text) 83: 84: {{html}} 85: <div class="xwikirenderingerror" title="Click to get more details about the error" style="cursor: pointer;"> 86: $services.localization.render('xe.admin.passwordReset.error.emailFailed') 87: </div> 88: <div class="xwikirenderingerrordescription hidden"> 89: <pre>${text}</pre> 90: </div> 91: {{/html}} 92: 93: #end 94: ## Check for an error constructing the message! 95: #if ($services.mailsender.lastError) 96: #displayError($exceptiontool.getStackTrace($services.mailsender.lastError)) 97: #else 98: ## Send the message and wait for it to be sent or for any error to be raised. 99: #set ($mailResult = $services.mailsender.send([$message], 'database')) 100: ## Check for errors during the send 101: #if ($services.mailsender.lastError) 102: #displayError($exceptiontool.getStackTrace($services.mailsender.lastError)) 103: #else 104: #set ($failedMailStatuses = $mailResult.statusResult.getByState('FAILED')) 105: #if ($failedMailStatuses.hasNext()) 106: #set ($mailStatus = $failedMailStatuses.next()) 107: #displayError($mailStatus.errorDescription) 108: #else 109: 110: {{info}}$services.localization.render('xe.admin.passwordReset.emailSent', ["$userDoc.display('email', $userObj)"]){{/info}} 111: 112: #end 113: #end 114: #end 115: #end 116: #end 117: [[{{translation key="xe.admin.passwordReset.error.retry"/}}>>$doc.fullName]] | [[{{translation key="xe.admin.passwordReset.error.recoverUsername"/}}>>ForgotUsername]] | [[{{translation key="xe.admin.passwordReset.login"/}}>>path:$xwiki.getURL('XWiki.XWikiLogin', 'login')]] 118: #end 119: ## Clear private variables, so that they cannot be accessed from the rest of the page (comments, panels...) 120: #set ($verifStr = '') 121: #set ($passwordResetURL = '') 122: {{/velocity}}