Changes for page Forgot your password?
Last modified by superadmin on 2021/12/03 15:30
Change comment:
Install extension [org.xwiki.platform:xwiki-platform-administration-ui/12.10.8]
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -14,7 +14,8 @@ 14 14 ## The name of the class used for storing password reset verification data. 15 15 #set ($verifClass = 'XWiki.ResetPasswordRequestClass') 16 16 #set ($userName = "$!request.get('u')") 17 -#if ($userName == '')## First step, display the form requesting the username 17 +## First step, display the form requesting the username 18 +#if ($userName == '' || !$services.csrf.isTokenValid($request.form_token)) 18 18 {{translation key="xe.admin.passwordReset.instructions"/}} 19 19 20 20 {{html}} ... ... @@ -35,6 +35,15 @@ 35 35 ## Check if the user exists and has a valid email address configured in his profile 36 36 #set ($userObj = '') 37 37 #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 39 + ## If local user does not exist check global user 40 + #if (!$userObj && ${xcontext.database} != ${xcontext.mainWikiName}) 41 + #if ($userName.indexOf('.') != -1) 42 + #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:${userName}")) 43 + #else 44 + #set ($userDoc = $xwiki.getDocumentAsAuthor("${xcontext.mainWikiName}:XWiki.${userName}")) 45 + #end 46 + #set ($userObj = $userDoc.getObject('XWiki.XWikiUsers')) 47 + #end 38 38 #if (!$userObj) 39 39 40 40 {{warning}}$services.localization.render('xe.admin.passwordReset.error.noUser', ["//${escapetool.xml($userName)}//"]){{/warning}} ... ... @@ -59,15 +59,16 @@ 59 59 #set ($discard = $verifObj.set('verification', $verifStr)) 60 60 #set ($discard = $userDoc.saveAsAuthor($services.localization.render('xe.admin.passwordReset.versionComment'), true)) 61 61 ## Compose the verification URL 62 - #set ($passwordResetURL = $xwiki.getDocument('XWiki.ResetPasswordComplete').getExternalURL('view', "u=${userName}&v=${verifStr}")) 72 + #set ($userDocRef = $escapetool.url($services.model.serialize($userDoc.documentReference, 'default'))) 73 + #set ($passwordResetURL = $xwiki.getDocument("XWiki.ResetPasswordComplete").getExternalURL('view', "u=${userDocRef}&v=${verifStr}")) 63 63 ## Send the email 64 - #set ($from = $services.mailsender.configuration.fromAddress) 75 + #set ($from = $services.mail.sender.configuration.fromAddress) 65 65 #if ("$!from" == '') 66 66 #set ($from = "no-reply@${request.serverName}") 67 67 #end 68 68 #set ($mailTemplateReference = $services.model.createDocumentReference('', 'XWiki', 'ResetPasswordMailContent')) 69 69 #set ($mailParameters = {'from' : $from, 'to' : $userEmail, 'language' : $xcontext.locale}) 70 - #set ($message = $services.mailsender.createMessage('template', $mailTemplateReference, $mailParameters)) 81 + #set ($message = $services.mail.sender.createMessage('template', $mailTemplateReference, $mailParameters)) 71 71 #set ($discard = $message.setType('Reset Password')) 72 72 #macro (displayError $text) 73 73 ... ... @@ -82,14 +82,14 @@ 82 82 83 83 #end 84 84 ## Check for an error constructing the message! 85 - #if ($services.mailsender.lastError) 86 - #displayError($exceptiontool.getStackTrace($services.mailsender.lastError)) 96 + #if ($services.mail.sender.lastError) 97 + #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError)) 87 87 #else 88 88 ## Send the message and wait for it to be sent or for any error to be raised. 89 - #set ($mailResult = $services.mailsender.send([$message], 'database')) 100 + #set ($mailResult = $services.mail.sender.send([$message], 'database')) 90 90 ## Check for errors during the send 91 - #if ($services.mailsender.lastError) 92 - #displayError($exceptiontool.getStackTrace($services.mailsender.lastError)) 102 + #if ($services.mail.sender.lastError) 103 + #displayError($exceptiontool.getStackTrace($services.mail.sender.lastError)) 93 93 #else 94 94 #set ($failedMailStatuses = $mailResult.statusResult.getAllErrors()) 95 95 #if ($failedMailStatuses.hasNext())