From 775f07f99beba0495ffd9825a9b19e3657e1bc55 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 25 May 2022 15:50:56 +0530 Subject: [PATCH] LostController patch fixes --- patches/006-recovery-email-changes.patch | 42 +++++++++++------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/patches/006-recovery-email-changes.patch b/patches/006-recovery-email-changes.patch index 34367ab9..80ade359 100644 --- a/patches/006-recovery-email-changes.patch +++ b/patches/006-recovery-email-changes.patch @@ -5,9 +5,9 @@ Subject: [PATCH] Makes password reset links use recovery email set through "emai This patch adds the necessary changes to core NC controller and template for "email-recovery" app to work correctly. Instead of the user's email address, the user's recovery email address set through the "email-recovery" app is used for the password reset email. diff --git ./core/Controller/LostController.php ./core/Controller/LostController.new.php ---- ./core/Controller/LostController.php 2022-03-23 12:00:12.000000000 +0100 -+++ ./core/Controller/LostController.new.php 2022-03-23 12:06:45.000000000 +0100 -@@ -174,8 +174,20 @@ +--- ./core/Controller/LostController.php 2022-05-25 15:07:44.582984541 +0530 ++++ ./core/Controller/LostController.new.php 2022-05-25 15:18:09.806020940 +0530 +@@ -174,6 +174,19 @@ */ protected function checkPasswordResetToken(string $token, string $userId): void { try { @@ -15,21 +15,19 @@ diff --git ./core/Controller/LostController.php ./core/Controller/LostController + $domainSuffix = !empty($domain) ? '@' . $domain : ''; + $altDomain = $this->config->getSystemValue('alt_mail_domain', ''); + $altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : ''; -+ -+ $userId = str_replace($altDomainSuffix, $domainSuffix, $userId); -+ if(stristr($userId, $domainSuffix) === FALSE ) { ++ if(stristr($userId, $domainSuffix) !== FALSE) { ++ $userId = str_replace($domainSuffix, '', $userId); ++ } ++ if(stristr($userId, $altDomainSuffix) !== FALSE) { ++ $userId = str_replace($altDomainSuffix, '', $userId); ++ } ++ if(!$this->userManager->userExists($userId)) { + $userId = $userId . $domainSuffix; + } $user = $this->userManager->get($userId); -- $this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true); -+ $recoveryEmail = $this->config->getUserValue($userId, 'email-recovery', 'recovery-email'); -+ $mailAddress = is_null($recoveryEmail) ? '' : $recoveryEmail; -+ -+ $this->verificationToken->check($token, $user, 'lostpassword', $mailAddress, true); + $this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true); } catch (InvalidTokenException $e) { - $error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED - ? $this->l10n->t('Could not reset password because the token is expired') -@@ -287,8 +299,18 @@ +@@ -287,6 +300,19 @@ * @throws \OCP\PreConditionNotMetException */ protected function sendEmail($input) { @@ -37,15 +35,15 @@ diff --git ./core/Controller/LostController.php ./core/Controller/LostController + $domainSuffix = !empty($domain) ? '@' . $domain : ''; + $altDomain = $this->config->getSystemValue('alt_mail_domain', ''); + $altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : ''; -+ -+ $input = str_replace($altDomainSuffix, $domainSuffix, $input); -+ if(stristr($input, $domainSuffix) === FALSE ) { ++ if (stristr($input, $domainSuffix) !== FALSE) { ++ $input = str_replace($domainSuffix, '', $input); ++ } ++ if(stristr($input, $altDomainSuffix) !== FALSE) { ++ $input = str_replace($altDomainSuffix, '', $input); ++ } ++ if(!$this->userManager->userExists($input) ) { + $input = $input . $domainSuffix; + } -+ $user = $this->findUserByIdOrMail($input); -- $email = $user->getEMailAddress(); -+ $email = $this->config->getUserValue($user->getUID(), 'email-recovery', 'recovery-email'); + $email = $user->getEMailAddress(); - if (empty($email)) { - throw new ResetPasswordException('Could not send reset e-mail since there is no email for username ' . $input); -- GitLab