mirror of
https://github.com/openvk/openvk
synced 2024-12-23 00:51:03 +03:00
Auth: Add disabling the password reset page
This commit is contained in:
parent
29716660c7
commit
95a62f56e0
3 changed files with 8 additions and 1 deletions
|
@ -207,6 +207,9 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
|
|
||||||
function renderFinishRestoringPassword(): void
|
function renderFinishRestoringPassword(): void
|
||||||
{
|
{
|
||||||
|
if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['disablePasswordRestoring'])
|
||||||
|
$this->notFound();
|
||||||
|
|
||||||
$request = $this->restores->getByToken(str_replace(" ", "+", $this->queryParam("key")));
|
$request = $this->restores->getByToken(str_replace(" ", "+", $this->queryParam("key")));
|
||||||
if(!$request || !$request->isStillValid()) {
|
if(!$request || !$request->isStillValid()) {
|
||||||
$this->flash("err", tr("token_manipulation_error"), tr("token_manipulation_error_comment"));
|
$this->flash("err", tr("token_manipulation_error"), tr("token_manipulation_error_comment"));
|
||||||
|
@ -241,6 +244,9 @@ final class AuthPresenter extends OpenVKPresenter
|
||||||
|
|
||||||
function renderRestore(): void
|
function renderRestore(): void
|
||||||
{
|
{
|
||||||
|
if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['disablePasswordRestoring'])
|
||||||
|
$this->notFound();
|
||||||
|
|
||||||
if(!is_null($this->user))
|
if(!is_null($this->user))
|
||||||
$this->redirect($this->user->identity->getURL());
|
$this->redirect($this->user->identity->getURL());
|
||||||
|
|
||||||
|
|
|
@ -220,7 +220,7 @@
|
||||||
<input type="hidden" name="hash" value="{$csrfToken}" />
|
<input type="hidden" name="hash" value="{$csrfToken}" />
|
||||||
<input type="submit" value="{_log_in}" class="button" style="display: inline-block; font-family: Tahoma" />
|
<input type="submit" value="{_log_in}" class="button" style="display: inline-block; font-family: Tahoma" />
|
||||||
<a href="/reg"><input type="button" value="{_registration}" class="button" style="font-family: Tahoma" /></a><br><br>
|
<a href="/reg"><input type="button" value="{_registration}" class="button" style="font-family: Tahoma" /></a><br><br>
|
||||||
<a href="/restore">{_forgot_password}</a>
|
{if !OPENVK_ROOT_CONF['openvk']['preferences']['security']['disablePasswordRestoring']}<a href="/restore">{_forgot_password}</a>{/if}
|
||||||
</form>
|
</form>
|
||||||
{/ifset}
|
{/ifset}
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -28,6 +28,7 @@ openvk:
|
||||||
forcePhoneVerification: false
|
forcePhoneVerification: false
|
||||||
forceEmailVerification: false
|
forceEmailVerification: false
|
||||||
forceStrongPassword: false
|
forceStrongPassword: false
|
||||||
|
disablePasswordRestoring: true # turn this off if you have configured e-mail sending correctly
|
||||||
enableSu: true
|
enableSu: true
|
||||||
rateLimits:
|
rateLimits:
|
||||||
actions: 5
|
actions: 5
|
||||||
|
|
Loading…
Reference in a new issue