mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-06 22:40:14 -05:00
Reset password signs the user in
Closes #4196 - Clear confidential info on leaving reset route - Remove nested password access, because gross - Also cleaned up some .then(f, h) to .then(f).catch(h) in setup controller
This commit is contained in:
parent
27fe725357
commit
e27dd6f7df
5 changed files with 35 additions and 20 deletions
|
@ -4,19 +4,32 @@ import ajax from 'ghost/utils/ajax';
|
|||
import ValidationEngine from 'ghost/mixins/validation-engine';
|
||||
|
||||
var ResetController = Ember.Controller.extend(ValidationEngine, {
|
||||
passwords: {
|
||||
newPassword: '',
|
||||
ne2Password: ''
|
||||
},
|
||||
newPassword: '',
|
||||
ne2Password: '',
|
||||
token: '',
|
||||
submitButtonDisabled: false,
|
||||
|
||||
validationType: 'reset',
|
||||
|
||||
email: Ember.computed('token', function () {
|
||||
// The token base64 encodes the email (and some other stuff),
|
||||
// each section is divided by a '|'. Email comes second.
|
||||
return atob(this.get('token')).split('|')[1];
|
||||
}),
|
||||
|
||||
// Used to clear sensitive information
|
||||
clearData: function () {
|
||||
this.setProperties({
|
||||
newPassword: '',
|
||||
ne2Password: '',
|
||||
token: ''
|
||||
});
|
||||
},
|
||||
|
||||
actions: {
|
||||
submit: function () {
|
||||
var self = this,
|
||||
data = self.getProperties('passwords', 'token');
|
||||
var credentials = this.getProperties('newPassword', 'ne2Password', 'token'),
|
||||
self = this;
|
||||
|
||||
this.toggleProperty('submitting');
|
||||
this.validate({format: false}).then(function () {
|
||||
|
@ -24,16 +37,15 @@ var ResetController = Ember.Controller.extend(ValidationEngine, {
|
|||
url: self.get('ghostPaths.url').api('authentication', 'passwordreset'),
|
||||
type: 'PUT',
|
||||
data: {
|
||||
passwordreset: [{
|
||||
newPassword: data.passwords.newPassword,
|
||||
ne2Password: data.passwords.ne2Password,
|
||||
token: data.token
|
||||
}]
|
||||
passwordreset: [credentials]
|
||||
}
|
||||
}).then(function (resp) {
|
||||
self.toggleProperty('submitting');
|
||||
self.notifications.showSuccess(resp.passwordreset[0].message, true);
|
||||
self.transitionToRoute('signin');
|
||||
self.get('session').authenticate('simple-auth-authenticator:oauth2-password-grant', {
|
||||
identification: self.get('email'),
|
||||
password: credentials.newPassword
|
||||
});
|
||||
}).catch(function (response) {
|
||||
self.notifications.showAPIError(response);
|
||||
self.toggleProperty('submitting');
|
||||
|
|
|
@ -36,11 +36,11 @@ var SetupController = Ember.ObjectController.extend(ValidationEngine, {
|
|||
identification: self.get('email'),
|
||||
password: self.get('password')
|
||||
});
|
||||
}, function (resp) {
|
||||
}).catch(function (resp) {
|
||||
self.toggleProperty('submitting');
|
||||
self.notifications.showAPIError(resp);
|
||||
});
|
||||
}, function (errors) {
|
||||
}).catch(function (errors) {
|
||||
self.toggleProperty('submitting');
|
||||
self.notifications.showErrors(errors);
|
||||
});
|
||||
|
|
|
@ -11,6 +11,11 @@ var ResetRoute = Ember.Route.extend(styleBody, loadingIndicator, {
|
|||
},
|
||||
setupController: function (controller, params) {
|
||||
controller.token = params.token;
|
||||
},
|
||||
// Clear out any sensitive information
|
||||
deactivate: function () {
|
||||
this._super();
|
||||
this.controller.clearData();
|
||||
}
|
||||
});
|
||||
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
<section class="reset-box js-reset-box fade-in">
|
||||
<form id="reset" class="reset-form" method="post" novalidate="novalidate" {{action "submit" on="submit"}}>
|
||||
<div class="password-wrap">
|
||||
{{input value=passwords.newPassword class="password" type="password" placeholder="Password" name="newpassword" autofocus="autofocus" }}
|
||||
{{input value=newPassword class="password" type="password" placeholder="Password" name="newpassword" autofocus="autofocus" }}
|
||||
</div>
|
||||
<div class="password-wrap">
|
||||
{{input value=passwords.ne2Password class="password" type="password" placeholder="Confirm Password" name="ne2password" }}
|
||||
{{input value=ne2Password class="password" type="password" placeholder="Confirm Password" name="ne2password" }}
|
||||
</div>
|
||||
<button class="btn btn-blue" type="submit" {{bind-attr disabled='submitButtonDisabled'}}>Reset Password</button>
|
||||
</form>
|
||||
|
|
|
@ -1,9 +1,7 @@
|
|||
var ResetValidator = Ember.Object.create({
|
||||
check: function (model) {
|
||||
|
||||
var data = model.getProperties('passwords'),
|
||||
p1 = data.passwords.newPassword,
|
||||
p2 = data.passwords.ne2Password,
|
||||
var p1 = model.get('newPassword'),
|
||||
p2 = model.get('ne2Password'),
|
||||
validationErrors = [];
|
||||
|
||||
if (!validator.equals(p1, p2)) {
|
||||
|
|
Loading…
Reference in a new issue