Änderungen von Dokument Kennwort vergessen?
Zuletzt geändert von xwikiadmin am 2022/07/28 11:40
Von Version 3.1
bearbeitet von xwikiadmin
am 2021/08/23 13:05
am 2021/08/23 13:05
Änderungskommentar:
Install extension [org.xwiki.platform:xwiki-platform-administration-ui/12.10.9]
Auf Version 4.1
bearbeitet von xwikiadmin
am 2022/01/18 21:18
am 2022/01/18 21:18
Änderungskommentar:
Install extension [org.xwiki.platform:xwiki-platform-administration-ui/13.10.2]
Zusammenfassung
-
Seiteneigenschaften (1 geändert, 0 hinzugefügt, 0 gelöscht)
Details
- Seiteneigenschaften
-
- Inhalt
-
... ... @@ -1,113 +1,5 @@ 1 1 {{velocity}} 2 -#** 3 -This page starts the password reset procedure. It works according to the next algorithm: 4 -1. Display a form requesting the username 5 -2. When receiving the username via form submission, generate a random verification string which is stored (as a hash) inside a ResetPasswordRequestClass object attached to the user's profile page. If no such object exists, it is created, but an existing object will be reused, meaning that at most one password reset request can be active at a moment. 6 -3. Send an email to the address configured in the user's profile, containing a link to the second step of the password reset procedure. 7 - 8 -URL parameters: 9 - 10 -u = user account sent in the form 11 -*### 12 -## 13 -## 14 -## The name of the class used for storing password reset verification data. 15 -#set ($verifClass = 'XWiki.ResetPasswordRequestClass') 16 -#set ($userName = "$!request.get('u')") 17 -## First step, display the form requesting the username 18 -#if ($userName == '' || !$services.csrf.isTokenValid($request.form_token)) 19 - {{translation key="xe.admin.passwordReset.instructions"/}} 20 - 21 - {{html}} 22 - <form method="post" action="$doc.getURL()" class="xformInline"> 23 - <div> 24 - <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" /> 25 - <label for="u">$services.localization.render('xe.admin.passwordReset.username.label')</label> <input type="text" id="u" name="u"/> <span class="buttonwrapper"><input type="submit" value="$services.localization.render('xe.admin.passwordReset.submit')" class="button"/></span> 26 - </div> 27 - </form> 28 - {{/html}} 29 -#else## Second step, generate the verification string, store it, and send the email 30 - ## TODO: Once the usernames are not bound to the XWiki space, revisit this code 31 - #if ($userName.indexOf('.') != -1) 32 - #set ($userDoc = $xwiki.getDocumentAsAuthor(${userName})) 33 - #else 34 - #set ($userDoc = $xwiki.getDocumentAsAuthor("XWiki.${userName}")) 35 - #end 36 - ## Check if the user exists and has a valid email address configured in his profile 37 - #set ($userObj = '') 38 - #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 39 - ## If local user does not exist check global user 40 - #if (!$userObj && ${xcontext.database} != ${xcontext.mainWikiName}) 41 - #if ($userName.indexOf('.') != -1) 42 - #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:${userName}")) 43 - #else 44 - #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:XWiki.${userName}")) 45 - #end 46 - #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 47 - #end 48 - #set ($errorDisplayed = false) 49 - #if ($userObj && !$userDoc.getObject('XWiki.LDAPProfileClass')) 50 - #set ($userEmail = $userObj.getProperty('email').value) 51 - #if ("$!userEmail" != '') 52 - ## Find the object that will hold the verification string 53 - #set ($verifObj = '') 54 - #set ($verifObj = $userDoc.getObject($verifClass, true)) 55 - ## Generate a random string 56 - #set ($verifStr = $util.generateRandomString(30)) 57 - ## If the class is correctly configured, the string should automatically be stored as a hash 58 - #set ($discard = $verifObj.set('verification', $verifStr)) 59 - #set ($discard = $userDoc.saveAsAuthor($services.localization.render('xe.admin.passwordReset.versionComment'), true)) 60 - ## Compose the verification URL 61 - #set ($userDocRef = $escapetool.url($services.model.serialize($userDoc.documentReference, 'default'))) 62 - #set ($passwordResetURL = $xwiki.getDocument("XWiki.ResetPasswordComplete").getExternalURL('view', "u=${userDocRef}&v=${verifStr}")) 63 - ## Send the email 64 - #set ($from = $services.mail.sender.configuration.fromAddress) 65 - #if ("$!from" == '') 66 - #set ($from = "no-reply@${request.serverName}") 67 - #end 68 - #set ($mailTemplateReference = $services.model.createDocumentReference('', 'XWiki', 'ResetPasswordMailContent')) 69 - #set ($mailParameters = {'from' : $from, 'to' : $userEmail, 'language' : $xcontext.locale}) 70 - #set ($message = $services.mail.sender.createMessage('template', $mailTemplateReference, $mailParameters)) 71 - #set ($discard = $message.setType('Reset Password')) 72 - #macro (displayError $text) 73 - #set ($errorDisplayed = true) 74 - {{html}} 75 - <div class="xwikirenderingerror" title="Click to get more details about the error" style="cursor: pointer;"> 76 - $services.localization.render('xe.admin.passwordReset.error.emailFailed') 77 - </div> 78 - <div class="xwikirenderingerrordescription hidden"> 79 - <pre>${text}</pre> 80 - </div> 81 - {{/html}} 82 - 83 - #end 84 - ## Check for an error constructing the message! 85 - #if ($services.mail.sender.lastError) 86 - #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError)) 87 - #else 88 - ## Send the message and wait for it to be sent or for any error to be raised. 89 - #set ($mailResult = $services.mail.sender.send([$message], 'database')) 90 - ## Check for errors during the send 91 - #if ($services.mail.sender.lastError) 92 - #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError)) 93 - #else 94 - #set ($failedMailStatuses = $mailResult.statusResult.getAllErrors()) 95 - #if ($failedMailStatuses.hasNext()) 96 - #set ($mailStatus = $failedMailStatuses.next()) 97 - #displayError($mailStatus.errorDescription) 98 - #end 99 - #end 100 - #end 101 - #end 102 - #end 103 - #if (!$errorDisplayed) 104 - 105 - {{info}}$services.localization.render('xe.admin.passwordReset.emailSentToUsername', ["$escapetool.xml(${userName})"]){{/info}} 106 - 107 - #end 108 - [[{{translation key="xe.admin.passwordReset.error.retry"/}}>>$doc.fullName]] | [[{{translation key="xe.admin.passwordReset.error.recoverUsername"/}}>>ForgotUsername]] | [[{{translation key="xe.admin.passwordReset.login"/}}>>path:$xwiki.getURL('XWiki.XWikiLogin', 'login')]] 109 -#end 110 -## Clear private variables, so that they cannot be accessed from the rest of the page (comments, panels...) 111 -#set ($verifStr = '') 112 -#set ($passwordResetURL = '') 2 +#set ($newUrl = $services.security.authentication.getAuthenticationURL('reset', $request.parameterMap)) 3 +#set ($discard = $services.logging.deprecated("ResetPassword", "The page [XWiki.ResetPassword] should not be used anymore in favor of the new 'authenticate/reset' URL.")); 4 +#set ($discard = $response.sendRedirect($newUrl)) 113 113 {{/velocity}}