diff --git a/server/controllers/user.php b/server/controllers/user.php
index 5eb5694e..af0e15ef 100644
--- a/server/controllers/user.php
+++ b/server/controllers/user.php
@@ -3,6 +3,7 @@ include 'user/login.php';
 include 'user/signup.php';
 include 'user/logout.php';
 include 'user/recoverpassword.php';
+include 'user/sendrecoverpassword.php';
 $userControllers = new ControllerGroup();
 $userControllers->setGroupPath('/user');
@@ -10,6 +11,7 @@ $userControllers->setGroupPath('/user');
 $userControllers->addController(new LoginController);
 $userControllers->addController(new SignUpController);
 $userControllers->addController(new LogoutController);
+$userControllers->addController(new SendRecoverPasswordController);
 $userControllers->addController(new RecoverPasswordController);
 $userControllers->finalize();
diff --git a/server/controllers/user/recoverpassword.php b/server/controllers/user/recoverpassword.php
index ffcc915b..47511abb 100644
--- a/server/controllers/user/recoverpassword.php
+++ b/server/controllers/user/recoverpassword.php
@@ -15,37 +15,23 @@ class RecoverPasswordController extends Controller {
 ];
 }
- public function handler() {
- $this->email = Controller::request('email');
- $this->token = Controller::request('token');
- $this->password = Controller::request('password');
+ public function handler(){
+ $this->email = Controller::request('email');
+ $this->token = Controller::request('token');
+ $this->password = Controller::request('password');
+ if ($this->email && $this->token) {
+ $this->recoverPassword = RecoverPassword::getDatastore($this->token, 'token');
- if($this->email && $this->token === null ) {
- $this->token = Hashing::generateRandomToken();
-
- $this->recoverPassword = new RecoverPassword();
-
- $this->recoverPassword->setProperties(array(
- 'email' => $this->email,
- 'token' => $this->token
- ));
-
- $this->recoverPassword->store();
- Response::respondSuccess($this->token);
- /*mandar mail con token*/
-
- } else if ($this->email && $this->token) {
- if($this->recoverPassword->token === $this->token){
- /*borrar base de datos */
+ if($this->recoverPassword){
+ // TODO: borar item en base de datos
 $changePassword = User::getDataStore($this->email, 'email');
 $changePassword->password = $this->password;
- Response::respondSuccess($changePassword->password);
+ Response::respondSuccess('password changed');
 }
-
- } else {
- Response::respondError(ERRORS::INVALID_CREDENTIALS);
+ }else {
+ Response::respondError(ERRORS::NO_PERMISSION);
 }
 }
 }
\ No newline at end of file
diff --git a/server/controllers/user/sendrecoverpassword.php b/server/controllers/user/sendrecoverpassword.php
new file mode 100644
index 00000000..db5973aa
--- /dev/null
+++ b/server/controllers/user/sendrecoverpassword.php
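Review bot: In the new `RecoverPasswordController::handler()` the reset is authorised by the token lookup alone; the `email` taken from the request is never compared with the email stored on the `RecoverPassword` record, so the token is not bound to the account whose password gets changed. The inner guard should tie the two together, e.g. `if ($this->recoverPassword && $this->recoverPassword->email === $this->email) {` (this assumes the record exposes `email` as a property, as the `setProperties` call in the sibling controller suggests, and that `getDatastore` returns something falsy on a miss; neither is visible here). The password is also assigned as received, with no hashing and no `store()` call visible in the hunk, and the token stays usable until the TODO that deletes it is done. A token that is not found currently produces no response at all; that branch should answer with the same `Response::respondError(ERRORS::NO_PERMISSION)` as the outer `else`.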
@@ -0,0 +1,35 @@
+ 'any',
+ 'requestData' => []
+ ];
+ }
+
+ public function handler() {
+ $this->email = Controller::request('email');
+
+ if($this->email) {
+ $this->token = Hashing::generateRandomToken();
+
+ $recoverPassword = new RecoverPassword();
+
+ $recoverPassword->setProperties(array(
+ 'email' => $this->email,
+ 'token' => $this->token
+ ));
+
+ $recoverPassword->store();
+ Response::respondSuccess();
+ //TODO: mandar mail con token
+
+ }
+ }
+}
\ No newline at end of file
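Review bot: `handler()` stores a new token for whatever `email` value arrives: the endpoint is declared with permission `'any'` and an empty `requestData`, and nothing visible checks that the address is well-formed or belongs to a registered user, so every unauthenticated request adds a `RecoverPassword` row. Look the account up first (`User::getDataStore($this->email, 'email')`, as the other controller does) and only call `store()` when it exists, while keeping the response identical in both cases so the endpoint does not reveal which addresses are registered. The missing-email case has no `else` branch and sends no response; it should end in a `Response::respondError(...)` call with an error code the project already defines. Whether tokens expire, or whether older tokens for the same address are invalidated, cannot be told from this hunk and is worth confirming in the `RecoverPassword` model. The opening lines of the new file (the class declaration and the start of `validations()`) are not visible in the hunk as shown.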